Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/NS5BuGhOYonmiPJlELu72LZ701Q.roa
File: NS5BuGhOYonmiPJlELu72LZ701Q.roa (raw, json)
Hash identifier: l5aY8kf6kZpzW/uAIw/BHahtGHK6e0ThgXa6cSgAAAA=
Subject key identifier: 35:2E:41:B8:68:4E:62:89:E6:88:F2:65:10:BB:BB:D8:B6:7B:D3:54
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 0378
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/NS5BuGhOYonmiPJlELu72LZ701Q.roa
Signing time: Wed 29 Sep 2021 02:53:58 +0000
ROA not before: Wed 29 Sep 2021 02:53:58 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131657
IP address blocks: 103.153.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888 (0x378)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Sep 29 02:53:58 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=352E41B8684E6289E688F26510BBBBD8B67BD354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f2:35:3d:17:dc:b9:70:6f:88:22:94:45:52:
d1:e0:36:e2:54:81:87:2e:04:0f:3a:84:6f:97:25:
8a:16:2c:10:a5:70:a3:7b:69:9a:8f:c9:06:69:65:
4a:7d:53:45:84:96:d5:3e:d2:ff:0e:af:59:2f:a4:
fa:4b:a5:cb:9f:ab:bf:c9:d8:7b:3e:e7:96:ef:63:
b4:2b:c5:ad:77:99:d5:6e:1a:95:bd:6c:f2:66:96:
11:1b:b2:eb:65:93:da:69:05:8e:11:0e:4c:cb:67:
ca:ac:1e:d6:ba:ef:05:8f:bb:7e:8f:8b:c6:03:e3:
29:fd:43:ca:01:c1:80:c6:49:cc:e2:45:d1:b1:c7:
f8:83:23:d2:26:09:14:bd:19:ae:14:23:ee:09:98:
8a:b6:a5:ca:10:f9:55:de:df:1c:eb:5c:c7:dd:db:
ee:04:6f:49:da:45:92:ec:70:f0:e2:9c:b1:67:68:
02:1e:a1:2b:13:56:f9:8f:36:ca:8e:67:e2:cf:7f:
1b:9e:22:ec:10:c8:e8:e4:98:ec:b2:71:b3:97:f0:
8f:0d:a6:49:d2:b0:b2:1e:4a:e9:e2:b6:25:18:b8:
18:d6:92:04:41:ec:07:5d:d1:8c:9c:37:58:a8:bd:
99:48:61:ea:db:74:ed:19:5c:b4:cf:8b:4c:cd:30:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2E:41:B8:68:4E:62:89:E6:88:F2:65:10:BB:BB:D8:B6:7B:D3:54
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/NS5BuGhOYonmiPJlELu72LZ701Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:72:49:15:41:d0:5f:17:21:e9:39:90:9a:d2:cd:5c:f9:41:
7c:cb:33:eb:02:00:22:27:a4:61:1f:09:0b:93:66:42:7b:ce:
2c:b8:3f:30:76:2e:bf:fc:c3:c9:af:bc:dc:02:fe:f9:86:ed:
42:fc:1d:30:bd:d8:a5:23:a7:61:ad:54:20:76:47:92:70:46:
32:b7:e0:ab:82:d9:65:12:28:00:88:38:63:10:73:74:71:6c:
9c:5d:9a:ec:09:ee:a5:a1:ad:94:a9:e2:b9:18:82:28:f0:4f:
dc:38:42:9e:e6:8f:c9:10:2d:21:fb:70:66:17:a0:17:fc:ec:
2d:5b:30:87:00:bc:07:30:61:b0:81:7d:ab:fd:4c:db:ec:2d:
00:0d:c2:45:3e:5a:e4:3c:61:45:8f:d5:fc:ca:71:fa:da:8b:
ca:1e:f1:c4:0c:cd:ef:68:85:e7:39:05:9e:33:10:cb:9f:fb:
d1:64:7c:49:19:bb:f8:1c:05:fd:f9:16:28:a2:9d:7e:a1:29:
d8:b7:0b:04:b3:fa:f2:c7:e3:5b:58:6e:98:a5:b2:69:a5:d1:
e9:91:7f:33:ad:ed:6c:c6:5e:cf:d9:93:67:9b:89:ff:08:f8:
0d:00:b2:1c:f6:8e:f2:e5:2f:84:af:d9:1d:7d:e4:2c:db:c8:
83:c9:5a:05
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMTA5Mjkw
MjUzNThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM1MkU0MUI4Njg0RTYy
ODlFNjg4RjI2NTEwQkJCQkQ4QjY3QkQzNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi8jU9F9y5cG+IIpRFUtHgNuJUgYcuBA86hG+XJYoWLBClcKN7
aZqPyQZpZUp9U0WEltU+0v8Or1kvpPpLpcufq7/J2Hs+55bvY7Qrxa13mdVuGpW9
bPJmlhEbsutlk9ppBY4RDkzLZ8qsHta67wWPu36Pi8YD4yn9Q8oBwYDGScziRdGx
x/iDI9ImCRS9Ga4UI+4JmIq2pcoQ+VXe3xzrXMfd2+4Eb0naRZLscPDinLFnaAIe
oSsTVvmPNsqOZ+LPfxueIuwQyOjkmOyycbOX8I8NpknSsLIeSunitiUYuBjWkgRB
7Add0YycN1iovZlIYerbdO0ZXLTPi0zNMEgLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNS5BuGhOYonmiPJlELu72LZ701QwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL05TNUJ1R2hPWW9ubWlQSmxF
THU3MkxaNzAxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
mbAwDQYJKoZIhvcNAQELBQADggEBAE5ySRVB0F8XIek5kJrSzVz5QXzLM+sCACIn
pGEfCQuTZkJ7ziy4PzB2Lr/8w8mvvNwC/vmG7UL8HTC92KUjp2GtVCB2R5JwRjK3
4KuC2WUSKACIOGMQc3RxbJxdmuwJ7qWhrZSp4rkYgijwT9w4Qp7mj8kQLSH7cGYX
oBf87C1bMIcAvAcwYbCBfav9TNvsLQANwkU+WuQ8YUWP1fzKcfrai8oe8cQMze9o
hec5BZ4zEMuf+9FkfEkZu/gcBf35FiiinX6hKdi3CwSz+vLH41tYbpilsmml0emR
fzOt7WzGXs/Zk2ebif8I+A0Ashz2jvLlL4Sv2R195CzbyIPJWgU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:56 2023 by rpki-client on console-ams.rpki-client.org