Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OtU_tC-4u0AAmEBUSuGLjcvX_LU.roa
File: OtU_tC-4u0AAmEBUSuGLjcvX_LU.roa (raw, json)
Hash identifier: UKnBp33VzcGZP+OTzKH/197yegnIzBVNgyQ4wRGh7AA=
Subject key identifier: 3A:D5:3F:B4:2F:B8:BB:40:00:98:40:54:4A:E1:8B:8D:CB:D7:FC:B5
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0971
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OtU_tC-4u0AAmEBUSuGLjcvX_LU.roa
Signing time: Wed 29 Sep 2021 02:50:29 +0000
ROA not before: Wed 29 Sep 2021 02:50:29 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 134823
IP address blocks: 103.122.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2417 (0x971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:29 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=3AD53FB42FB8BB40009840544AE18B8DCBD7FCB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7a:57:83:c9:ce:cc:67:bf:57:07:28:4b:47:
a3:18:62:63:a0:e1:29:35:08:c8:39:c9:12:9c:db:
54:cb:f9:13:01:70:fe:cd:9c:86:04:60:57:db:ce:
24:ff:ee:65:c1:0d:db:52:7c:0e:9e:a7:ff:55:69:
1d:71:18:f5:89:ca:72:f3:7a:82:f3:7b:9c:80:5f:
4f:14:1d:31:ba:e9:de:ec:cd:22:80:02:08:3a:3b:
6b:84:d4:d3:a7:d8:1c:ad:4b:9f:64:e0:61:12:37:
1c:8f:98:ac:80:4f:42:fb:8a:ce:93:af:19:3a:26:
14:e9:39:57:43:3d:d5:01:57:a1:7d:d5:b5:68:54:
a1:a6:e7:06:e3:34:ef:f5:ca:2b:1b:92:21:c5:a1:
96:c6:02:45:b5:58:c1:4a:48:0f:6a:8f:eb:da:b9:
fe:9c:a0:71:01:34:da:f2:1b:ec:b3:50:05:3b:fb:
a5:27:7a:51:59:31:9b:f7:e1:65:99:34:3f:85:82:
ac:e8:65:8d:1e:f9:06:5b:21:9f:d8:39:4c:8a:d0:
0e:0f:13:49:29:77:e2:8f:97:c6:ed:b7:30:15:f7:
04:aa:65:f4:db:62:8c:c3:25:f3:b3:c7:b6:fe:4d:
90:b4:40:25:f7:c1:d4:d7:f5:c6:10:79:1a:75:21:
7c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D5:3F:B4:2F:B8:BB:40:00:98:40:54:4A:E1:8B:8D:CB:D7:FC:B5
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OtU_tC-4u0AAmEBUSuGLjcvX_LU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:06:f2:6a:f1:3c:f5:c8:03:4b:bb:41:22:1a:48:5a:93:b3:
f5:62:a0:68:17:44:db:29:05:91:7c:e6:92:4c:df:39:93:23:
4b:9e:39:4a:d5:c3:75:bf:b1:58:76:74:fd:14:42:4a:a2:77:
96:70:f4:7e:66:c1:c5:a3:08:5d:f0:fc:5d:d4:8a:fa:72:d3:
a7:75:ac:01:1d:89:c0:2c:69:17:00:11:2c:5a:3d:34:2b:24:
8f:9e:98:1d:e5:07:a9:34:d3:f3:c6:55:2f:6c:2c:24:ec:51:
63:0f:24:60:3d:95:f3:82:dd:4c:01:4f:3f:f9:d3:e5:0f:c6:
a6:e4:12:65:d6:f3:80:fb:ef:1a:03:75:72:56:68:b5:30:ae:
14:9b:18:1b:ce:6a:f2:98:ba:ff:3c:3a:70:2e:eb:4d:7a:b6:
86:ea:32:d8:b0:e2:22:2a:94:d2:c2:ba:ac:2b:03:09:00:46:
d1:ea:b9:ac:2c:33:f9:c1:0e:8b:8d:fd:05:69:df:56:a4:d7:
00:1a:74:6a:22:68:3a:80:34:4f:c0:19:bb:27:e6:a1:6f:4a:
74:1a:c6:f4:43:59:d7:17:85:65:ba:0b:b1:56:80:94:ae:52:
d8:6e:e0:0a:9f:61:2d:18:38:41:0a:47:46:39:d3:e6:a8:82:
47:7a:2d:1b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMjlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDNBRDUzRkI0MkZCOEJC
NDAwMDk4NDA1NDRBRTE4QjhEQ0JEN0ZDQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMeleDyc7MZ79XByhLR6MYYmOg4Sk1CMg5yRKc21TL+RMBcP7N
nIYEYFfbziT/7mXBDdtSfA6ep/9VaR1xGPWJynLzeoLze5yAX08UHTG66d7szSKA
Agg6O2uE1NOn2BytS59k4GESNxyPmKyAT0L7is6Trxk6JhTpOVdDPdUBV6F91bVo
VKGm5wbjNO/1yisbkiHFoZbGAkW1WMFKSA9qj+vauf6coHEBNNryG+yzUAU7+6Un
elFZMZv34WWZND+FgqzoZY0e+QZbIZ/YOUyK0A4PE0kpd+KPl8bttzAV9wSqZfTb
YozDJfOzx7b+TZC0QCX3wdTX9cYQeRp1IXxrAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUOtU/tC+4u0AAmEBUSuGLjcvX/LUwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9PdFVfdEMtNHUwQUFt
RUJVU3VHTGpjdlhfTFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQCKBvJq8Tz1yANLu0EiGkhak7P1YqBo
F0TbKQWRfOaSTN85kyNLnjlK1cN1v7FYdnT9FEJKoneWcPR+ZsHFowhd8Pxd1Ir6
ctOndawBHYnALGkXABEsWj00KySPnpgd5QepNNPzxlUvbCwk7FFjDyRgPZXzgt1M
AU8/+dPlD8am5BJl1vOA++8aA3VyVmi1MK4UmxgbzmrymLr/PDpwLutNeraG6jLY
sOIiKpTSwrqsKwMJAEbR6rmsLDP5wQ6Ljf0Fad9WpNcAGnRqImg6gDRPwBm7J+ah
b0p0Gsb0Q1nXF4VluguxVoCUrlLYbuAKn2EtGDhBCkdGOdPmqIJHei0b
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:54 2023 by rpki-client on console-ams.rpki-client.org