Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/6RhO6YF25xUDK2FridRlBUqfZwk.roa
File: 6RhO6YF25xUDK2FridRlBUqfZwk.roa (raw, json)
Hash identifier: /rcZH5Br+rZP5qSxeQU3xJLhE8rdYaD6t1K3qGWolAk=
Subject key identifier: E9:18:4E:E9:81:76:E7:15:03:2B:61:6B:89:D4:65:05:4A:9F:67:09
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0C52
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/6RhO6YF25xUDK2FridRlBUqfZwk.roa
Signing time: Wed 13 Nov 2024 02:18:47 +0000
ROA not before: Wed 13 Nov 2024 02:18:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 103.252.128.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3154 (0xc52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Nov 13 02:18:47 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E9184EE98176E715032B616B89D465054A9F6709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4f:82:97:21:2b:f3:2d:5b:ab:11:ee:94:95:
a2:65:71:89:a5:4b:e0:99:e0:c0:1c:8b:ce:6f:3b:
f0:ed:95:21:73:e6:8b:4c:0f:d7:9b:c3:d1:51:7d:
42:44:11:6a:ab:16:1d:66:4f:c2:f9:b8:53:24:04:
ed:d7:ae:b5:ab:cf:bd:47:b5:ba:dd:dd:b2:07:f0:
88:6c:b2:54:a7:d9:d8:7f:6a:dd:35:95:e2:01:72:
56:c0:6b:dd:b9:f2:4f:b1:22:05:c6:00:62:a9:75:
27:49:e2:94:23:ab:7c:44:ac:a7:c4:d6:d1:12:78:
6c:80:4a:b0:0d:54:be:b4:03:2d:b3:8f:31:02:67:
d1:7a:13:c4:ef:d0:2b:9f:b6:a9:3a:dc:1d:c0:5c:
d3:43:e0:20:4e:b9:e5:30:50:4e:7c:19:95:39:5d:
35:15:2a:09:54:2f:85:aa:c9:67:a3:4e:a0:ad:e5:
fb:39:b8:92:73:04:82:fa:93:37:a4:3c:b8:42:af:
6d:20:84:e3:c8:0b:d5:50:66:9e:93:ce:7c:70:1e:
c1:1a:34:31:41:35:6a:50:c3:10:c3:fe:0f:c6:d1:
88:13:1a:69:3a:47:d3:07:ae:e7:83:5a:a5:1d:92:
09:bf:ce:3b:e2:b4:5e:21:e5:d7:a5:60:27:9e:1d:
74:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:18:4E:E9:81:76:E7:15:03:2B:61:6B:89:D4:65:05:4A:9F:67:09
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/6RhO6YF25xUDK2FridRlBUqfZwk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.128.0/22
Signature Algorithm: sha256WithRSAEncryption
20:f6:fa:5d:64:5c:87:9c:cd:d0:8c:77:ea:2f:93:21:2b:bb:
60:91:dd:ff:03:d9:fa:9c:db:ab:9a:ec:d2:2a:7f:08:9c:0d:
05:3b:72:fa:30:05:bc:3d:7d:28:5b:e8:54:32:ee:37:49:e1:
dd:37:17:a6:79:8d:c8:86:91:dd:e9:52:8d:56:f7:5e:be:1c:
c9:77:43:86:48:68:84:a6:97:ec:80:01:00:cf:36:29:46:64:
d2:6a:48:72:04:c8:83:c0:2b:77:f2:ff:97:fc:1a:26:e2:55:
ae:77:ad:0e:41:b0:d0:11:44:1a:26:58:9e:b1:14:ac:2f:5f:
f4:cf:04:41:f9:0f:00:70:36:2b:3b:fc:9c:95:15:d8:f2:e9:
1c:dd:8a:37:bc:f4:7e:8f:78:7d:55:e0:72:4f:81:3a:4f:46:
93:98:cd:b3:b1:96:f0:82:2d:49:3c:f4:38:69:9c:4e:45:28:
ac:78:16:6f:82:9a:56:56:64:48:8e:08:1d:f0:06:d1:32:de:
66:a9:a9:3d:fd:5a:db:38:f1:36:ae:b7:de:62:b2:db:f1:9e:
51:cc:91:8c:47:26:d8:27:dd:ab:7d:af:a5:c7:9d:20:3f:b1:
fc:23:99:43:a2:5c:4c:81:3f:b6:ad:37:0d:38:4e:c8:fa:5b:
aa:2d:2b:f8
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNDExMTMw
MjE4NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU5MTg0RUU5ODE3NkU3
MTUwMzJCNjE2Qjg5RDQ2NTA1NEE5RjY3MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGT4KXISvzLVurEe6UlaJlcYmlS+CZ4MAci85vO/DtlSFz5otM
D9ebw9FRfUJEEWqrFh1mT8L5uFMkBO3XrrWrz71Htbrd3bIH8IhsslSn2dh/at01
leIBclbAa9258k+xIgXGAGKpdSdJ4pQjq3xErKfE1tESeGyASrANVL60Ay2zjzEC
Z9F6E8Tv0Cuftqk63B3AXNND4CBOueUwUE58GZU5XTUVKglUL4WqyWejTqCt5fs5
uJJzBIL6kzekPLhCr20ghOPIC9VQZp6TznxwHsEaNDFBNWpQwxDD/g/G0YgTGmk6
R9MHrueDWqUdkgm/zjvitF4h5delYCeeHXRLAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU6RhO6YF25xUDK2FridRlBUqfZwkwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBLzZSaE82WUYyNXhVREsyRnJpZFJsQlVx
Zlp3ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/IAwDQYJ
KoZIhvcNAQELBQADggEBACD2+l1kXIeczdCMd+ovkyEru2CR3f8D2fqc26ua7NIq
fwicDQU7cvowBbw9fShb6FQy7jdJ4d03F6Z5jciGkd3pUo1W916+HMl3Q4ZIaISm
l+yAAQDPNilGZNJqSHIEyIPAK3fy/5f8GibiVa53rQ5BsNARRBomWJ6xFKwvX/TP
BEH5DwBwNis7/JyVFdjy6Rzdije89H6PeH1V4HJPgTpPRpOYzbOxlvCCLUk89Dhp
nE5FKKx4Fm+CmlZWZEiOCB3wBtEy3mapqT39Wts48Taut95istvxnlHMkYxHJtgn
3at9r6XHnSA/sfwjmUOiXEyBP7atNw04Tsj6W6otK/g=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:45 2025 by rpki-client