Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/RFOJbcp5jzGl4LOXe_jwbVH3Wnc.roa
File: RFOJbcp5jzGl4LOXe_jwbVH3Wnc.roa (raw, json)
Hash identifier: QQOdXKvp29UJENnnIjJWD8nn1NQH2h4gn7RcJMovqIA=
Subject key identifier: 44:53:89:6D:CA:79:8F:31:A5:E0:B3:97:7B:F8:F0:6D:51:F7:5A:77
Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Certificate serial: 0949
Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/RFOJbcp5jzGl4LOXe_jwbVH3Wnc.roa
Signing time: Wed 29 Sep 2021 02:53:13 +0000
ROA not before: Wed 29 Sep 2021 02:53:13 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18042
IP address blocks: 203.118.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2377 (0x949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Validity
Not Before: Sep 29 02:53:13 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4453896DCA798F31A5E0B3977BF8F06D51F75A77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2c:07:d0:55:6d:b7:99:fc:76:6e:51:d3:9c:
8f:53:d8:13:e1:d8:f3:7c:88:91:3a:e0:b1:e1:6f:
84:f9:54:57:53:c8:85:83:53:57:04:33:f0:df:61:
87:5d:41:ab:dc:22:76:8a:01:55:2c:0d:c1:eb:69:
de:2b:b6:36:ae:3e:5a:28:ef:14:52:d6:47:83:9e:
a5:29:a3:f9:2a:d2:a3:aa:c9:e0:9f:9b:c4:45:3b:
65:e5:5a:3a:64:0a:52:ab:89:52:f5:8b:67:7a:2b:
67:9d:8d:eb:3b:71:57:74:5f:00:9f:11:8d:60:20:
4c:a2:1d:ce:e9:29:c6:2f:67:5f:11:3a:f4:ca:db:
6d:5b:da:44:a4:0e:ed:a0:11:e9:3c:59:9a:a1:a6:
65:ec:2e:7c:4f:2f:21:22:85:ab:d3:b0:8f:3d:8a:
63:08:d6:8d:44:23:84:d1:6a:a4:ab:a1:89:01:15:
ae:57:d7:30:23:f6:22:d1:80:dc:fe:5a:29:8a:83:
f9:ea:b1:3e:29:6d:35:e8:b3:27:89:ba:2d:02:86:
7d:45:db:1e:29:21:79:c6:32:a9:c6:7d:82:0c:38:
fc:40:bc:20:49:17:b7:b1:b8:b7:3f:eb:5e:62:b8:
5a:1a:6c:dc:ba:38:d0:cb:55:b3:ca:70:4f:02:54:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:53:89:6D:CA:79:8F:31:A5:E0:B3:97:7B:F8:F0:6D:51:F7:5A:77
X509v3 Authority Key Identifier:
keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/RFOJbcp5jzGl4LOXe_jwbVH3Wnc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.224.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:ec:16:3a:82:70:fa:49:b7:84:90:0a:3b:33:bc:69:0f:05:
c0:de:3d:74:5e:1c:5e:2a:3a:b4:5c:6a:66:c4:59:7e:87:d1:
6a:4a:db:6f:03:0d:2a:6c:19:78:7e:96:d3:12:f1:ed:d8:36:
d0:43:9a:da:5e:97:9d:bc:09:c8:f2:43:67:2b:26:d9:2f:01:
7d:89:4c:c6:20:d0:d9:06:c1:91:fc:e6:40:23:9a:6f:24:2d:
e2:5b:03:01:63:70:00:cc:5b:f4:6d:cf:9b:36:69:36:0c:a4:
c5:0f:96:fb:61:ad:fd:d8:a9:09:c9:67:23:61:01:f4:00:38:
b7:93:6b:2c:b3:74:91:a5:6b:d9:2c:67:92:25:3a:58:d5:99:
47:13:47:48:15:62:b4:36:2f:47:16:fb:66:ee:38:8f:8d:53:
4a:e7:9f:ec:15:c9:be:77:48:bd:5d:a3:01:c6:dd:a5:43:bc:
ca:38:04:51:6e:89:20:7b:b3:55:50:27:89:9b:ac:39:f0:3a:
77:a5:41:05:85:0e:75:cd:0d:a1:09:70:a7:35:05:c1:17:48:
da:bf:22:a6:06:4f:ad:5b:cc:3f:bb:ac:3a:0e:f5:9c:56:85:
61:18:3c:24:50:51:0c:04:17:45:d2:eb:92:7b:3b:3c:cf:1d:
57:16:2b:a1
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF
QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMTA5Mjkw
MjUzMTNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQ0NTM4OTZEQ0E3OThG
MzFBNUUwQjM5NzdCRjhGMDZENTFGNzVBNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWLAfQVW23mfx2blHTnI9T2BPh2PN8iJE64LHhb4T5VFdTyIWD
U1cEM/DfYYddQavcInaKAVUsDcHrad4rtjauPloo7xRS1keDnqUpo/kq0qOqyeCf
m8RFO2XlWjpkClKriVL1i2d6K2edjes7cVd0XwCfEY1gIEyiHc7pKcYvZ18ROvTK
221b2kSkDu2gEek8WZqhpmXsLnxPLyEihavTsI89imMI1o1EI4TRaqSroYkBFa5X
1zAj9iLRgNz+WimKg/nqsT4pbTXosyeJui0Chn1F2x4pIXnGMqnGfYIMOPxAvCBJ
F7exuLc/615iuFoabNy6ONDLVbPKcE8CVP3bAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQURFOJbcp5jzGl4LOXe/jwbVH3WncwHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M
foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP
eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL1JGT0piY3A1anpHbDRMT1hlX2p3YlZI
M1duYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ
KoZIhvcNAQELBQADggEBAIrsFjqCcPpJt4SQCjszvGkPBcDePXReHF4qOrRcambE
WX6H0WpK228DDSpsGXh+ltMS8e3YNtBDmtpel528CcjyQ2crJtkvAX2JTMYg0NkG
wZH85kAjmm8kLeJbAwFjcADMW/Rtz5s2aTYMpMUPlvthrf3YqQnJZyNhAfQAOLeT
ayyzdJGla9ksZ5IlOljVmUcTR0gVYrQ2L0cW+2buOI+NU0rnn+wVyb53SL1dowHG
3aVDvMo4BFFuiSB7s1VQJ4mbrDnwOnelQQWFDnXNDaEJcKc1BcEXSNq/IqYGT61b
zD+7rDoO9ZxWhWEYPCRQUQwEF0XS65J7OzzPHVcWK6E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org