Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/Y9Z-uwTYDufu5opaEmSr3PZN_lE.roa
File: Y9Z-uwTYDufu5opaEmSr3PZN_lE.roa (raw, json)
Hash identifier: ZtrQ2n6vhxzZBQ+qAA0Sx3CrMglejR1fKAFrEwB1jYY=
Subject key identifier: 63:D6:7E:BB:04:D8:0E:E7:EE:E6:8A:5A:12:64:AB:DC:F6:4D:FE:51
Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Certificate serial: 08A9
Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/Y9Z-uwTYDufu5opaEmSr3PZN_lE.roa
Signing time: Sun 07 Feb 2021 11:53:00 +0000
ROA not before: Sun 07 Feb 2021 11:53:00 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9416
IP address blocks: 203.118.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2217 (0x8a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Validity
Not Before: Feb 7 11:53:00 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=63D67EBB04D80EE7EEE68A5A1264ABDCF64DFE51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8d:c6:0c:63:ef:a3:dd:3c:52:46:4e:53:c9:
85:1d:c1:db:66:38:d5:ad:fd:7b:33:c1:e0:b5:2c:
e6:a4:06:37:90:d6:b7:41:23:88:93:f1:e3:36:fb:
86:fe:e6:8d:83:1a:b0:c8:80:a2:53:cb:91:7f:96:
43:63:ef:29:69:42:70:db:57:86:5e:fc:15:01:62:
a9:57:93:ce:b2:f0:dc:5c:9b:2b:5b:6c:23:19:59:
88:46:b9:81:c1:13:eb:f0:9a:90:0e:fb:58:6f:13:
aa:04:7c:e8:bc:dd:c9:b1:58:f9:f4:62:5e:98:36:
b3:52:01:16:15:72:ba:4e:be:e8:85:c0:4d:18:29:
ca:e9:28:d2:55:9d:ca:07:65:6b:29:08:f6:2d:a0:
19:01:93:c5:33:12:89:9e:85:d4:e7:4a:13:e5:a6:
ee:3c:64:ab:5b:ba:5c:11:5e:04:a7:a4:4f:3c:46:
5a:ba:24:66:b3:46:1e:6d:57:94:d5:11:bf:b2:f9:
a8:5d:86:f1:54:2a:80:26:0a:d1:71:11:dc:c2:aa:
27:a4:99:f9:e4:71:c6:5a:c9:48:57:9e:98:13:6a:
9c:7e:95:4c:6b:df:76:db:a0:21:5c:07:91:be:ff:
6e:3a:eb:1f:b0:48:53:85:91:7d:8b:39:c6:8d:7e:
ca:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D6:7E:BB:04:D8:0E:E7:EE:E6:8A:5A:12:64:AB:DC:F6:4D:FE:51
X509v3 Authority Key Identifier:
keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/Y9Z-uwTYDufu5opaEmSr3PZN_lE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.224.0/20
Signature Algorithm: sha256WithRSAEncryption
02:d8:33:d9:46:01:06:72:a0:d9:80:46:7e:68:e1:16:52:8d:
8c:08:53:51:01:d0:ce:e7:79:3e:00:c6:63:a0:35:92:20:1f:
60:4b:e6:2a:6b:2b:90:c4:c1:37:2e:95:d3:d9:13:9d:78:83:
64:b5:5c:2b:db:ec:ee:d8:95:30:be:32:b8:75:e2:65:60:d8:
2c:ef:9b:53:58:b4:50:92:1e:28:71:19:42:4f:e9:cf:12:77:
88:41:fb:4d:6f:62:8d:bc:84:61:1d:32:0e:be:2e:b3:f7:73:
94:ff:09:d4:91:63:a4:d7:dd:bf:a2:1c:ec:c3:6c:9d:8d:99:
b9:bc:38:3f:06:ff:29:3a:3e:d1:30:6b:d0:64:bd:ff:5e:78:
8f:f2:42:e7:cb:59:cb:14:a8:12:37:2a:28:5d:72:d2:11:33:
37:fd:98:16:6a:48:9b:68:89:8f:6f:8e:1f:7b:3d:c9:68:7e:
71:9d:ba:4c:56:bf:07:28:dd:5e:d7:15:97:2b:bb:bb:e1:d1:
c4:43:57:51:b6:33:3f:0b:db:e1:ae:51:cf:a3:c9:80:d4:79:
8d:c9:06:30:68:06:7d:9a:19:16:63:9a:a8:19:f9:70:06:4d:
75:9a:44:ab:60:c0:ec:fa:76:a4:98:3e:bf:94:7b:6b:71:41:
ce:fa:75:77
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF
QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMTAyMDcx
MTUzMDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDYzRDY3RUJCMDREODBF
RTdFRUU2OEE1QTEyNjRBQkRDRjY0REZFNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdjcYMY++j3TxSRk5TyYUdwdtmONWt/XszweC1LOakBjeQ1rdB
I4iT8eM2+4b+5o2DGrDIgKJTy5F/lkNj7ylpQnDbV4Ze/BUBYqlXk86y8Nxcmytb
bCMZWYhGuYHBE+vwmpAO+1hvE6oEfOi83cmxWPn0Yl6YNrNSARYVcrpOvuiFwE0Y
KcrpKNJVncoHZWspCPYtoBkBk8UzEomehdTnShPlpu48ZKtbulwRXgSnpE88Rlq6
JGazRh5tV5TVEb+y+ahdhvFUKoAmCtFxEdzCqiekmfnkccZayUhXnpgTapx+lUxr
33bboCFcB5G+/2466x+wSFOFkX2LOcaNfspfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUY9Z+uwTYDufu5opaEmSr3PZN/lEwHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M
foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP
eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL1k5Wi11d1RZRHVmdTVvcGFFbVNyM1Ba
Tl9sRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ
KoZIhvcNAQELBQADggEBAALYM9lGAQZyoNmARn5o4RZSjYwIU1EB0M7neT4AxmOg
NZIgH2BL5iprK5DEwTculdPZE514g2S1XCvb7O7YlTC+Mrh14mVg2Czvm1NYtFCS
HihxGUJP6c8Sd4hB+01vYo28hGEdMg6+LrP3c5T/CdSRY6TX3b+iHOzDbJ2Nmbm8
OD8G/yk6PtEwa9Bkvf9eeI/yQufLWcsUqBI3KihdctIRMzf9mBZqSJtoiY9vjh97
PclofnGdukxWvwco3V7XFZcru7vh0cRDV1G2Mz8L2+GuUc+jyYDUeY3JBjBoBn2a
GRZjmqgZ+XAGTXWaRKtgwOz6dqSYPr+Ue2txQc76dXc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org