Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/9APe5-DoSkzQk3fpzXJJ9LnOleY.roa
File: 9APe5-DoSkzQk3fpzXJJ9LnOleY.roa (raw, json)
Hash identifier: 3tqJDanjQmdp7yx0DNbu4XjIa1iBL/ZD2ALTf815Oj0=
Subject key identifier: F4:03:DE:E7:E0:E8:4A:4C:D0:93:77:E9:CD:72:49:F4:B9:CE:95:E6
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 02D5
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/9APe5-DoSkzQk3fpzXJJ9LnOleY.roa
Signing time: Sun 07 Feb 2021 13:03:54 +0000
ROA not before: Sun 07 Feb 2021 13:03:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9678
IP address blocks: 103.98.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 725 (0x2d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Feb 7 13:03:54 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F403DEE7E0E84A4CD09377E9CD7249F4B9CE95E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:dc:72:eb:3e:55:59:db:38:99:8a:9c:3b:70:
57:01:ae:44:f4:f8:86:88:f6:7e:16:f5:43:5a:14:
d5:ef:b4:4c:bc:a9:4d:ae:7b:ef:78:57:92:0f:6d:
72:a8:ea:f1:5d:9d:e4:05:5e:bf:cd:c5:44:76:3d:
0a:dc:7d:28:45:ed:70:c0:43:9b:75:d8:86:dc:05:
8b:61:f0:ea:20:a2:79:11:03:f1:2c:65:5f:25:57:
e0:86:84:31:2e:6e:2d:8f:b8:79:36:3c:1d:a5:dc:
a4:a5:66:62:dc:44:d6:ad:87:2d:3a:8e:f7:7f:23:
9c:5e:71:58:3a:83:f9:b5:88:65:e0:e9:11:6d:65:
e2:ba:ae:01:c9:a1:06:29:b6:0a:27:f7:7a:a8:ed:
07:9f:03:43:34:f9:a3:43:90:76:68:39:68:13:8c:
84:b8:f1:e4:5f:aa:18:04:75:b1:95:10:73:1f:3d:
f9:d1:e7:e4:ac:18:00:ef:93:b1:a7:d8:28:c2:db:
41:b4:de:ee:4c:6a:d1:2a:a4:32:3f:f1:0e:17:1c:
62:e3:57:d0:9e:d8:8f:3b:39:f6:d5:7b:49:46:63:
c7:17:7d:2e:4b:af:96:4f:2c:67:89:65:88:f5:eb:
67:ca:af:40:bf:7e:27:bc:1b:3a:be:b6:78:e9:8b:
00:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:03:DE:E7:E0:E8:4A:4C:D0:93:77:E9:CD:72:49:F4:B9:CE:95:E6
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/9APe5-DoSkzQk3fpzXJJ9LnOleY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.98.73.0/24
Signature Algorithm: sha256WithRSAEncryption
74:5a:aa:7a:21:e3:3d:ae:92:65:6a:db:6d:de:b6:fa:ce:e3:
42:72:24:45:d8:97:55:85:bf:f5:f2:81:ec:ee:8d:59:5d:fd:
ee:df:1b:f3:65:6e:33:dd:39:52:03:b6:f1:ae:67:61:2c:49:
e2:b0:17:59:ee:2b:fc:77:77:5f:60:97:3e:1e:c3:e5:69:db:
b8:95:b6:cc:ef:22:58:78:e3:de:49:5f:75:b3:59:47:c1:35:
08:a8:3b:95:1a:a4:9e:fa:2b:ec:b3:1d:fa:95:64:ca:2d:59:
8a:55:0d:94:67:c5:6a:50:70:e0:e4:d5:f8:cd:51:ab:32:9f:
f0:41:87:ce:12:c7:16:cf:4c:ee:78:28:12:ac:e0:23:07:fe:
62:55:2b:b4:e0:8c:28:c6:de:be:d5:96:4c:51:32:20:dd:8b:
c2:09:28:fd:42:9c:0d:10:51:f9:be:ea:75:46:d2:44:bc:af:
9c:38:86:9c:3c:d6:d1:5c:ee:50:a9:3b:b7:22:a8:5a:b5:75:
d7:1a:22:f5:42:b5:04:59:ca:35:9a:27:15:6d:93:07:2f:6f:
22:af:a7:78:be:a3:ae:ff:ac:4d:0c:8c:88:2f:d1:30:04:d6:
b8:92:c7:59:c0:47:a4:ca:fb:15:02:03:b9:eb:80:36:e2:44:
23:58:3e:b1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAtUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMTAyMDcx
MzAzNTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY0MDNERUU3RTBFODRB
NENEMDkzNzdFOUNENzI0OUY0QjlDRTk1RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN3HLrPlVZ2ziZipw7cFcBrkT0+IaI9n4W9UNaFNXvtEy8qU2u
e+94V5IPbXKo6vFdneQFXr/NxUR2PQrcfShF7XDAQ5t12IbcBYth8OogonkRA/Es
ZV8lV+CGhDEubi2PuHk2PB2l3KSlZmLcRNathy06jvd/I5xecVg6g/m1iGXg6RFt
ZeK6rgHJoQYptgon93qo7QefA0M0+aNDkHZoOWgTjIS48eRfqhgEdbGVEHMfPfnR
5+SsGADvk7Gn2CjC20G03u5MatEqpDI/8Q4XHGLjV9Ce2I87OfbVe0lGY8cXfS5L
r5ZPLGeJZYj162fKr0C/fie8Gzq+tnjpiwCrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9APe5+DoSkzQk3fpzXJJ9LnOleYwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOLzlBUGU1LURvU2t6UWszZnB6
WEpKOUxuT2xlWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
YkkwDQYJKoZIhvcNAQELBQADggEBAHRaqnoh4z2ukmVq223etvrO40JyJEXYl1WF
v/XygezujVld/e7fG/NlbjPdOVIDtvGuZ2EsSeKwF1nuK/x3d19glz4ew+Vp27iV
tszvIlh4495JX3WzWUfBNQioO5UapJ76K+yzHfqVZMotWYpVDZRnxWpQcODk1fjN
Uasyn/BBh84SxxbPTO54KBKs4CMH/mJVK7TgjCjG3r7VlkxRMiDdi8IJKP1CnA0Q
Ufm+6nVG0kS8r5w4hpw81tFc7lCpO7ciqFq1ddcaIvVCtQRZyjWaJxVtkwcvbyKv
p3i+o67/rE0MjIgv0TAE1riSx1nAR6TK+xUCA7nrgDbiRCNYPrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org