Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/lhXc2OVp4MDWfeDZxhdS0Gn9jV0.roa
File: lhXc2OVp4MDWfeDZxhdS0Gn9jV0.roa (raw, json)
Hash identifier: CTzaK6pmfutVPmAjay7SR5vBQ/VmYYtT2nwCHeqDZjk=
Subject key identifier: 96:15:DC:D8:E5:69:E0:C0:D6:7D:E0:D9:C6:17:52:D0:69:FD:8D:5D
Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Certificate serial: 0A34
Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/lhXc2OVp4MDWfeDZxhdS0Gn9jV0.roa
Signing time: Thu 15 Sep 2022 02:50:55 +0000
ROA not before: Thu 15 Sep 2022 02:50:55 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18042
IP address blocks: 203.118.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2612 (0xa34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Validity
Not Before: Sep 15 02:50:55 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9615DCD8E569E0C0D67DE0D9C61752D069FD8D5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:a5:4f:76:73:60:52:67:aa:ba:5b:ac:5d:
c4:20:be:27:88:6e:fd:2d:ab:46:e4:37:3e:d8:42:
6a:ad:73:89:ac:f6:2e:13:9b:76:3e:5a:7c:25:bb:
f8:f1:13:d3:35:b6:50:2d:b6:a4:b2:43:89:70:42:
3f:de:81:0b:00:48:a8:b9:85:b0:37:c9:7d:52:7b:
7e:20:3d:85:cd:7a:d8:16:41:91:68:b4:6f:ce:f6:
0f:47:47:de:a0:a8:ff:d6:1c:bc:1e:05:35:cb:6f:
87:05:b5:dc:45:fb:b2:5a:99:7c:f9:c2:3f:b3:f2:
09:90:9e:20:13:31:20:77:c3:90:2a:e9:c3:85:36:
9f:11:a4:c0:29:c5:c2:d7:63:f3:ef:21:b4:de:58:
47:7a:4e:97:57:8f:af:1b:46:aa:bb:9e:8c:33:fb:
e5:1c:00:23:c5:30:43:a2:40:aa:fd:18:5f:79:fb:
7a:b8:3a:fe:ba:7f:62:bb:a1:0a:e4:ff:93:e8:d4:
11:01:91:47:d7:b3:e5:bf:95:ec:9b:e1:df:d8:fe:
c8:cf:12:db:96:b0:e0:01:20:6b:66:0f:87:65:88:
cf:40:22:39:5d:e9:2a:c5:7b:bb:f9:87:5a:6d:4d:
da:47:41:dd:fe:0b:6d:69:42:48:83:bd:7b:6e:b5:
61:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:15:DC:D8:E5:69:E0:C0:D6:7D:E0:D9:C6:17:52:D0:69:FD:8D:5D
X509v3 Authority Key Identifier:
keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/lhXc2OVp4MDWfeDZxhdS0Gn9jV0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.224.0/20
Signature Algorithm: sha256WithRSAEncryption
61:db:f7:16:6e:11:1d:71:7d:a5:17:11:78:f1:c4:a4:a5:11:
60:54:9f:2a:bd:a3:22:74:a4:a7:d9:58:bc:03:ab:6e:d8:47:
75:70:69:88:cb:2e:2c:8d:bc:80:ee:70:e0:c3:e8:07:8e:65:
8d:73:c2:5c:59:a4:8f:e6:ca:50:f3:04:e8:f5:2f:bc:d6:e7:
88:1c:ae:d0:98:74:60:03:15:9b:e3:ca:c7:98:91:5e:cd:37:
0d:8e:aa:4f:f2:9b:32:7e:8b:ab:d5:8b:65:8a:ef:0f:52:8b:
ed:fc:84:f7:ce:78:78:9d:dc:cf:a3:d5:bf:44:99:83:d2:e6:
44:21:77:5b:27:6e:00:61:86:d9:8d:5c:df:b8:a1:8c:47:31:
7c:b0:9e:50:dc:36:85:d3:45:ee:dc:52:b0:a2:ca:18:17:9d:
22:e9:a4:6c:5b:15:04:ea:21:53:a3:57:3d:1d:b7:81:a4:7a:
e3:c8:7f:a4:2e:32:e2:79:d5:81:09:8f:03:ba:91:1f:69:4c:
aa:21:2d:d5:f8:91:32:92:ae:ec:ea:ac:37:fd:bf:4d:ed:ee:
7a:01:8b:0c:59:96:23:84:38:98:c2:59:8e:b9:2f:56:72:d3:
aa:62:b3:eb:9b:30:a3:34:96:cf:0d:bd:4b:ba:0e:fa:55:bb:
9b:d3:1e:67
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF
QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMjA5MTUw
MjUwNTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk2MTVEQ0Q4RTU2OUUw
QzBENjdERTBEOUM2MTc1MkQwNjlGRDhENUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz9aVPdnNgUmequlusXcQgvieIbv0tq0bkNz7YQmqtc4ms9i4T
m3Y+Wnwlu/jxE9M1tlAttqSyQ4lwQj/egQsASKi5hbA3yX1Se34gPYXNetgWQZFo
tG/O9g9HR96gqP/WHLweBTXLb4cFtdxF+7JamXz5wj+z8gmQniATMSB3w5Aq6cOF
Np8RpMApxcLXY/PvIbTeWEd6TpdXj68bRqq7nowz++UcACPFMEOiQKr9GF95+3q4
Ov66f2K7oQrk/5Po1BEBkUfXs+W/leyb4d/Y/sjPEtuWsOABIGtmD4dliM9AIjld
6SrFe7v5h1ptTdpHQd3+C21pQkiDvXtutWFZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUlhXc2OVp4MDWfeDZxhdS0Gn9jV0wHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M
foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP
eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL2xoWGMyT1ZwNE1EV2ZlRFp4aGRTMEdu
OWpWMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ
KoZIhvcNAQELBQADggEBAGHb9xZuER1xfaUXEXjxxKSlEWBUnyq9oyJ0pKfZWLwD
q27YR3VwaYjLLiyNvIDucODD6AeOZY1zwlxZpI/mylDzBOj1L7zW54gcrtCYdGAD
FZvjyseYkV7NNw2Oqk/ymzJ+i6vVi2WK7w9Si+38hPfOeHid3M+j1b9EmYPS5kQh
d1snbgBhhtmNXN+4oYxHMXywnlDcNoXTRe7cUrCiyhgXnSLppGxbFQTqIVOjVz0d
t4GkeuPIf6QuMuJ51YEJjwO6kR9pTKohLdX4kTKSruzqrDf9v03t7noBiwxZliOE
OJjCWY65L1Zy06pis+ubMKM0ls8NvUu6DvpVu5vTHmc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org