Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/3h-uAJ2FfVasPV5qGxXKGmYXDeQ.roa
File: 3h-uAJ2FfVasPV5qGxXKGmYXDeQ.roa (raw, json)
Hash identifier: DhEvXYfW6KPURYZv96ChuQIH+qgLpIOsufoJxUCNOb8=
Subject key identifier: DE:1F:AE:00:9D:85:7D:56:AC:3D:5E:6A:1B:15:CA:1A:66:17:0D:E4
Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Certificate serial: 08AB
Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/3h-uAJ2FfVasPV5qGxXKGmYXDeQ.roa
Signing time: Sun 07 Feb 2021 11:54:09 +0000
ROA not before: Sun 07 Feb 2021 11:54:09 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 203.118.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2219 (0x8ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Validity
Not Before: Feb 7 11:54:09 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DE1FAE009D857D56AC3D5E6A1B15CA1A66170DE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:15:f1:42:e3:6d:78:50:38:5c:79:47:ff:
a2:fb:00:27:8f:5f:90:d3:a8:08:1a:30:ab:39:1c:
5b:4f:e0:ea:7a:cb:e0:f5:34:98:3e:60:27:05:28:
41:de:9c:4f:b0:79:7f:b4:63:54:ba:8d:47:de:71:
37:5c:41:96:5e:2a:5c:38:6f:bf:0a:e1:d1:d1:67:
2a:e2:05:6b:5e:cf:65:d9:d8:8b:59:96:c5:95:82:
f2:45:ff:81:6c:5b:ee:c3:30:f1:4e:f2:e3:13:a4:
1b:67:22:5c:e9:fe:02:a3:e0:52:4b:0e:4a:aa:26:
20:a2:29:e8:d9:82:ec:91:bf:38:ef:d0:94:bd:42:
47:5e:c3:fa:3d:30:f5:8f:78:f1:e3:9c:41:18:e4:
34:15:66:a3:d8:93:10:51:46:bb:f5:45:af:30:05:
c8:4a:08:11:6b:ae:eb:1e:b0:f4:03:f3:36:f6:46:
5f:d4:7e:83:1a:f0:12:74:2e:08:5d:af:d9:12:4d:
49:a6:ea:ff:37:9e:a8:cc:42:6b:da:97:2e:69:d0:
27:a7:9c:28:82:aa:05:ca:eb:66:b3:8f:04:71:f3:
5d:4d:78:96:bf:f5:05:b3:b6:49:79:f0:fc:e0:86:
a7:25:85:d4:d3:c4:43:12:80:6b:97:64:39:8d:66:
ca:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1F:AE:00:9D:85:7D:56:AC:3D:5E:6A:1B:15:CA:1A:66:17:0D:E4
X509v3 Authority Key Identifier:
keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/3h-uAJ2FfVasPV5qGxXKGmYXDeQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:46:8c:0c:02:fd:ef:8e:1f:50:d2:6d:1f:08:db:fe:ce:bb:
c7:cd:18:3c:1c:d2:f4:55:a5:8e:c1:20:f4:19:21:79:12:1f:
a8:90:ee:07:89:4b:57:ac:e1:50:d6:55:f8:25:03:d9:ee:73:
6c:e5:96:92:0c:13:a6:20:04:1b:ed:15:2a:80:99:e4:03:8c:
65:d4:b3:79:d6:35:1c:ff:2f:c7:0e:9a:1b:24:b2:89:7f:ae:
a5:e2:88:33:8e:16:29:60:a5:cb:d8:04:27:54:c0:6e:59:8a:
56:6c:49:64:ad:d5:6a:60:e7:a7:fc:7e:af:83:b3:61:11:9e:
7f:30:53:d5:66:0c:2f:a5:9e:f9:38:68:1c:6b:69:ed:96:8b:
41:20:2a:90:f7:be:4e:67:de:60:a1:dd:e6:3d:74:eb:75:70:
b3:11:58:a9:34:13:81:f2:7c:ee:c9:07:7a:b9:9d:0e:f0:26:
43:12:0b:ee:a8:1f:20:74:29:b6:52:a9:67:92:e4:9d:6e:8e:
f9:c1:d1:bb:dd:ff:6e:06:70:75:c8:c5:d5:41:8d:41:fe:ec:
5e:88:69:e3:a7:54:77:7c:2a:ab:9e:ec:41:3c:a7:7a:65:44:
d1:71:91:5a:bc:eb:f4:c9:24:fa:e0:cd:a1:17:f3:70:d5:69:
f3:ab:69:3a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF
QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMTAyMDcx
MTU0MDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERFMUZBRTAwOUQ4NTdE
NTZBQzNENUU2QTFCMTVDQTFBNjYxNzBERTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5OBXxQuNteFA4XHlH/6L7ACePX5DTqAgaMKs5HFtP4Op6y+D1
NJg+YCcFKEHenE+weX+0Y1S6jUfecTdcQZZeKlw4b78K4dHRZyriBWtez2XZ2ItZ
lsWVgvJF/4FsW+7DMPFO8uMTpBtnIlzp/gKj4FJLDkqqJiCiKejZguyRvzjv0JS9
Qkdew/o9MPWPePHjnEEY5DQVZqPYkxBRRrv1Ra8wBchKCBFrrusesPQD8zb2Rl/U
foMa8BJ0Lghdr9kSTUmm6v83nqjMQmvaly5p0CennCiCqgXK62azjwRx811NeJa/
9QWztkl58PzghqclhdTTxEMSgGuXZDmNZsrXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU3h+uAJ2FfVasPV5qGxXKGmYXDeQwHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M
foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP
eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1RULzNoLXVBSjJGZlZhc1BWNXFHeFhLR21Z
WERlUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ
KoZIhvcNAQELBQADggEBAHpGjAwC/e+OH1DSbR8I2/7Ou8fNGDwc0vRVpY7BIPQZ
IXkSH6iQ7geJS1es4VDWVfglA9nuc2zllpIME6YgBBvtFSqAmeQDjGXUs3nWNRz/
L8cOmhsksol/rqXiiDOOFilgpcvYBCdUwG5ZilZsSWSt1Wpg56f8fq+Ds2ERnn8w
U9VmDC+lnvk4aBxrae2Wi0EgKpD3vk5n3mCh3eY9dOt1cLMRWKk0E4HyfO7JB3q5
nQ7wJkMSC+6oHyB0KbZSqWeS5J1ujvnB0bvd/24GcHXIxdVBjUH+7F6IaeOnVHd8
Kque7EE8p3plRNFxkVq86/TJJPrgzaEX83DVafOraTo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org