Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSNET/3BW08WcHmShw-CcRD2FVVyVYzcI.roa
File: 3BW08WcHmShw-CcRD2FVVyVYzcI.roa (raw, json)
Hash identifier: FQBRMSksX92LEP0ZVpFJrfKOCCrWA4A1NuL/0QW5QOk=
Subject key identifier: DC:15:B4:F1:67:07:99:28:70:F8:27:11:0F:61:55:57:25:58:CD:C2
Certificate issuer: /CN=4C47DF748EC0FF16912283CEC10EC10ED32D244F
Certificate serial: 0949
Authority key identifier: 4C:47:DF:74:8E:C0:FF:16:91:22:83:CE:C1:0E:C1:0E:D3:2D:24:4F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TEffdI7A_xaRIoPOwQ7BDtMtJE8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSNET/3BW08WcHmShw-CcRD2FVVyVYzcI.roa
Signing time: Wed 29 Sep 2021 02:42:54 +0000
ROA not before: Wed 29 Sep 2021 02:42:54 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38837
IP address blocks: 211.78.64.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2377 (0x949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4C47DF748EC0FF16912283CEC10EC10ED32D244F
Validity
Not Before: Sep 29 02:42:54 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DC15B4F16707992870F827110F6155572558CDC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:89:a7:6f:cd:31:3d:dc:46:1e:8e:45:1a:03:
18:a1:30:e3:77:7a:84:68:72:b9:9e:4a:85:dc:a5:
e9:4d:d7:47:39:77:63:2a:99:69:03:1e:69:35:5a:
19:75:9e:4e:c1:c3:54:f5:7f:c6:61:9b:76:70:0a:
5f:c9:e4:82:cb:ed:7c:93:1f:18:91:18:44:53:f5:
68:7f:c8:d8:b0:37:92:05:0f:db:89:bf:fd:18:74:
25:87:96:1a:3e:b5:bd:b0:62:c5:e2:48:c4:94:35:
b5:f7:57:1a:4c:e6:16:46:9a:12:71:f7:ad:02:d6:
65:9b:1c:78:6c:eb:56:4f:67:8d:a3:8c:3d:28:6b:
f2:b1:95:8f:b5:3c:37:a7:1b:43:21:eb:76:5d:bd:
bf:28:0c:d8:df:a2:7e:55:3a:2c:6a:60:a0:91:df:
d2:54:ce:a8:b5:50:0a:e9:64:2e:c5:a8:92:a4:1b:
23:22:a0:57:ae:65:77:3e:38:9f:ba:53:87:18:11:
bb:04:2c:ae:d8:7f:ee:57:19:21:67:2e:0b:98:bb:
70:1a:4a:db:d0:43:6c:42:83:f5:83:2b:c4:b2:5d:
43:38:30:85:42:61:c4:54:45:e7:b3:1d:6e:90:83:
de:7e:2a:ae:20:cc:54:27:8b:d6:e2:1a:36:d6:12:
e8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:15:B4:F1:67:07:99:28:70:F8:27:11:0F:61:55:57:25:58:CD:C2
X509v3 Authority Key Identifier:
keyid:4C:47:DF:74:8E:C0:FF:16:91:22:83:CE:C1:0E:C1:0E:D3:2D:24:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSNET/TEffdI7A_xaRIoPOwQ7BDtMtJE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TEffdI7A_xaRIoPOwQ7BDtMtJE8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSNET/3BW08WcHmShw-CcRD2FVVyVYzcI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.64.0/20
Signature Algorithm: sha256WithRSAEncryption
3c:88:ee:f9:96:d1:98:cf:b0:76:4a:58:90:f2:47:b5:1b:9a:
58:63:24:d6:f5:dd:af:55:1d:28:43:fe:6d:11:55:52:f5:a8:
b1:2b:42:b1:c9:d3:86:24:9c:38:70:54:8e:bb:3c:a8:21:2c:
7d:c6:6f:06:07:51:83:d1:7e:f9:90:3b:b3:7a:ea:30:a9:ce:
13:f0:a9:59:3f:89:78:89:9d:8a:a9:49:2c:6c:7a:b7:58:58:
ad:2e:87:51:8c:2e:65:29:41:61:a3:e1:de:e5:71:33:fb:38:
6d:53:33:1e:53:f0:fd:8c:27:c0:6a:39:36:7e:43:6a:55:33:
3f:13:4e:ee:03:89:a8:a8:f8:0d:ba:60:a4:80:95:a8:67:68:
36:5c:6f:1b:83:1e:94:f4:d8:d5:54:24:72:a5:d7:e5:f8:5b:
d2:8d:91:b6:9e:cf:20:d0:6d:c9:b7:a3:0d:62:a7:b9:6d:0b:
9b:af:2a:f8:a0:35:a7:22:cb:e4:1f:06:9f:ea:da:2d:a3:6d:
6d:ae:8c:0e:b6:ff:8c:12:87:67:0b:27:10:1d:0b:8b:1a:c0:
72:ab:e2:04:91:0b:3e:0d:50:2a:69:a5:e4:03:1d:94:0f:5b:
12:e9:1a:b3:2d:04:b1:93:c4:aa:6f:77:c2:55:48:d8:71:de:
e2:e6:a9:79
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEM0
N0RGNzQ4RUMwRkYxNjkxMjI4M0NFQzEwRUMxMEVEMzJEMjQ0RjAeFw0yMTA5Mjkw
MjQyNTRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERDMTVCNEYxNjcwNzk5
Mjg3MEY4MjcxMTBGNjE1NTU3MjU1OENEQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtiadvzTE93EYejkUaAxihMON3eoRocrmeSoXcpelN10c5d2Mq
mWkDHmk1Whl1nk7Bw1T1f8Zhm3ZwCl/J5ILL7XyTHxiRGERT9Wh/yNiwN5IFD9uJ
v/0YdCWHlho+tb2wYsXiSMSUNbX3VxpM5hZGmhJx960C1mWbHHhs61ZPZ42jjD0o
a/KxlY+1PDenG0Mh63Zdvb8oDNjfon5VOixqYKCR39JUzqi1UArpZC7FqJKkGyMi
oFeuZXc+OJ+6U4cYEbsELK7Yf+5XGSFnLguYu3AaStvQQ2xCg/WDK8SyXUM4MIVC
YcRUReezHW6Qg95+Kq4gzFQni9biGjbWEuhXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3BW08WcHmShw+CcRD2FVVyVYzcIwHwYDVR0jBBgwFoAUTEffdI7A/xaRIoPO
wQ7BDtMtJE8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NORVQv
VEVmZmRJN0FfeGFSSW9QT3dRN0JEdE10SkU4LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9URWZmZEk3QV94YVJJb1BPd1E3QkR0TXRKRTguY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HU05FVC8zQlcwOFdjSG1TaHctQ2NSRDJG
VlZ5Vll6Y0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE005A
MA0GCSqGSIb3DQEBCwUAA4IBAQA8iO75ltGYz7B2SliQ8ke1G5pYYyTW9d2vVR0o
Q/5tEVVS9aixK0KxydOGJJw4cFSOuzyoISx9xm8GB1GD0X75kDuzeuowqc4T8KlZ
P4l4iZ2KqUksbHq3WFitLodRjC5lKUFho+He5XEz+zhtUzMeU/D9jCfAajk2fkNq
VTM/E07uA4moqPgNumCkgJWoZ2g2XG8bgx6U9NjVVCRypdfl+FvSjZG2ns8g0G3J
t6MNYqe5bQubryr4oDWnIsvkHwaf6toto21trowOtv+MEodnCycQHQuLGsByq+IE
kQs+DVAqaaXkAx2UD1sS6RqzLQSxk8Sqb3fCVUjYcd7i5ql5
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org