Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/86oZ9cv4w-OAJtvkZru1fUNj05U.roa
File: 86oZ9cv4w-OAJtvkZru1fUNj05U.roa (raw, json)
Hash identifier: N28Yq4uAYfpHqZ+gvcitr9mmidCy6GbvyJ9NJIATx7s=
Subject key identifier: F3:AA:19:F5:CB:F8:C3:E3:80:26:DB:E4:66:BB:B5:7D:43:63:D3:95
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0770
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/86oZ9cv4w-OAJtvkZru1fUNj05U.roa
Signing time: Tue 29 Sep 2020 09:59:15 +0000
ROA not before: Tue 29 Sep 2020 09:59:15 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 10085
IP address blocks: 114.29.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1904 (0x770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Sep 29 09:59:15 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F3AA19F5CBF8C3E38026DBE466BBB57D4363D395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:79:03:ee:d7:3f:9c:bf:2a:88:c5:9a:11:
47:1d:fe:86:c7:0e:54:36:eb:f2:66:c0:29:1e:18:
6a:11:71:e8:bd:ae:09:8d:58:ba:2b:63:d6:04:f7:
96:54:e7:a7:94:64:76:6b:22:8a:03:bd:0e:70:f4:
6b:33:c2:f5:d9:50:3a:a2:a1:d1:3b:7a:8d:69:5a:
6b:dd:c2:4e:82:ea:d9:d8:9d:9c:cc:79:56:87:22:
11:46:90:e9:24:9e:5b:b6:e1:40:e9:54:0c:ae:c0:
a8:72:40:3a:84:29:db:89:3d:f8:0f:b2:60:0b:59:
71:30:7f:d9:20:a0:ea:fd:f2:9d:a8:43:6a:a0:f1:
0a:9a:1a:f9:98:aa:ee:e7:3f:02:5a:ae:16:ef:71:
28:2b:a1:21:0d:6c:98:ce:b1:f9:1d:c0:4b:5a:fe:
9f:19:d6:a8:26:3d:c1:2c:c7:b5:a4:c9:8e:4a:f4:
c9:fb:82:d8:52:73:98:50:8c:78:9e:48:50:74:b3:
f0:87:1f:2f:77:9e:7d:e9:cc:9b:79:54:51:63:73:
ee:e9:11:9f:8d:19:42:24:e5:92:6e:e9:cd:12:c4:
9a:d7:88:8c:51:81:40:45:5d:cd:52:67:2f:54:fd:
91:83:c4:79:f1:01:76:12:ad:73:c2:3d:26:02:2f:
77:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AA:19:F5:CB:F8:C3:E3:80:26:DB:E4:66:BB:B5:7D:43:63:D3:95
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/86oZ9cv4w-OAJtvkZru1fUNj05U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.240.0/22
Signature Algorithm: sha256WithRSAEncryption
05:da:3b:6c:13:57:2d:72:fb:fb:32:48:3b:28:b6:26:a7:cb:
05:dc:b4:fc:fc:e1:e5:bf:a0:f9:ae:e3:f8:fa:60:75:38:4b:
60:bf:1c:c7:d6:55:5c:44:f0:bb:a1:07:38:0b:85:93:00:e0:
10:cc:d5:63:b5:2a:57:cd:0e:d9:2d:2f:84:ac:c7:80:98:77:
7d:bb:0b:6f:c3:47:19:0b:ec:f4:c0:38:6a:6e:1b:04:45:99:
7b:f0:db:dd:65:23:a3:84:ae:30:7d:ce:6c:c6:8f:fe:a3:ad:
fd:80:e4:92:0b:65:3f:08:50:40:1b:95:86:cc:e8:f6:35:fe:
d0:fe:52:e3:6b:aa:f4:5f:7e:b6:81:6c:7a:f0:f1:ab:06:05:
ed:88:96:fd:d3:5b:3d:01:ce:40:d8:75:29:ae:2e:ad:d5:20:
e4:40:1c:4d:1c:05:ea:6f:85:e3:08:e2:1f:8c:77:63:27:8d:
69:d4:c4:fb:50:d8:65:07:09:1b:d2:f8:a7:6c:c2:5b:e8:b6:
e2:ac:4d:ec:68:68:26:63:f7:b8:69:73:ad:be:56:91:a5:ab:
74:37:ff:ac:47:11:fa:a5:cb:83:28:38:c3:65:95:7b:5e:71:
0f:55:7d:6f:11:ee:0c:90:bb:31:cf:dd:18:ac:f7:92:41:bd:
44:37:ad:24
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yMDA5Mjkw
OTU5MTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEYzQUExOUY1Q0JGOEMz
RTM4MDI2REJFNDY2QkJCNTdENDM2M0QzOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsZnkD7tc/nL8qiMWaEUcd/obHDlQ26/JmwCkeGGoRcei9rgmN
WLorY9YE95ZU56eUZHZrIooDvQ5w9GszwvXZUDqiodE7eo1pWmvdwk6C6tnYnZzM
eVaHIhFGkOkknlu24UDpVAyuwKhyQDqEKduJPfgPsmALWXEwf9kgoOr98p2oQ2qg
8QqaGvmYqu7nPwJarhbvcSgroSENbJjOsfkdwEta/p8Z1qgmPcEsx7WkyY5K9Mn7
gthSc5hQjHieSFB0s/CHHy93nn3pzJt5VFFjc+7pEZ+NGUIk5ZJu6c0SxJrXiIxR
gUBFXc1SZy9U/ZGDxHnxAXYSrXPCPSYCL3ebAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU86oZ9cv4w+OAJtvkZru1fUNj05UwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBLzg2b1o5Y3Y0dy1PQUp0dmtacnUxZlVO
ajA1VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ
KoZIhvcNAQELBQADggEBAAXaO2wTVy1y+/sySDsotianywXctPz84eW/oPmu4/j6
YHU4S2C/HMfWVVxE8LuhBzgLhZMA4BDM1WO1KlfNDtktL4Ssx4CYd327C2/DRxkL
7PTAOGpuGwRFmXvw291lI6OErjB9zmzGj/6jrf2A5JILZT8IUEAblYbM6PY1/tD+
UuNrqvRffraBbHrw8asGBe2Ilv3TWz0BzkDYdSmuLq3VIORAHE0cBepvheMI4h+M
d2MnjWnUxPtQ2GUHCRvS+KdswlvotuKsTexoaCZj97hpc62+VpGlq3Q3/6xHEfql
y4MoOMNllXtecQ9VfW8R7gyQuzHP3Ris95JBvUQ3rSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org