Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IDT/QOkUXgmGsFGeDIFmSxGvr1Fx1Q8.roa
File: QOkUXgmGsFGeDIFmSxGvr1Fx1Q8.roa (raw, json)
Hash identifier: JKiF9xqTCYCo108viiee4FxIV8WKj3yT4G0yhDURnRQ=
Subject key identifier: 40:E9:14:5E:09:86:B0:51:9E:0C:81:66:4B:11:AF:AF:51:71:D5:0F
Certificate issuer: /CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Certificate serial: 011F
Authority key identifier: 4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/QOkUXgmGsFGeDIFmSxGvr1Fx1Q8.roa
Signing time: Sun 07 Feb 2021 13:04:30 +0000
ROA not before: Sun 07 Feb 2021 13:04:30 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 138997
IP address blocks: 103.152.220.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Validity
Not Before: Feb 7 13:04:30 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=40E9145E0986B0519E0C81664B11AFAF5171D50F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:be:1a:65:ec:ec:02:81:cb:77:b8:74:b7:73:
fa:2d:80:18:a3:be:c2:ff:d9:a9:a8:19:9f:d8:34:
2e:f8:1d:2c:8f:3c:f4:23:79:9e:40:32:87:ba:0b:
30:23:cc:3e:90:45:53:40:01:3b:73:15:e8:0a:aa:
3a:cc:83:ab:0f:9e:6c:58:65:72:25:d7:a1:f4:dd:
9e:86:57:2f:ad:1a:5d:46:9c:af:1b:47:dd:9f:d6:
1e:7d:5e:88:28:37:59:90:2d:08:b9:bb:3c:68:c6:
cf:bf:d0:65:d9:4b:f4:7e:a5:92:f0:2b:b4:90:13:
88:bc:a3:8c:1d:ec:f9:83:83:a9:1e:8e:c9:b0:00:
54:88:90:76:54:31:a7:2b:74:0b:1a:7a:0c:e3:59:
f9:73:d8:d5:82:34:cb:ea:22:40:50:a6:0d:fe:25:
ab:0f:5c:44:58:e5:72:51:b2:55:77:da:c9:d6:23:
e4:4b:df:f2:e8:88:6d:cd:d7:bf:6c:b9:85:64:c1:
88:17:92:e7:43:47:60:27:81:af:af:cd:3b:00:44:
63:1a:11:1b:52:23:7f:f5:18:ea:20:71:fd:7b:e3:
b0:ca:08:21:91:a2:77:00:f3:59:51:15:cc:5f:df:
38:52:9f:a7:a7:86:12:22:98:18:f1:aa:9e:bc:a5:
f9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E9:14:5E:09:86:B0:51:9E:0C:81:66:4B:11:AF:AF:51:71:D5:0F
X509v3 Authority Key Identifier:
keyid:4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/QOkUXgmGsFGeDIFmSxGvr1Fx1Q8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.220.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:9b:86:bb:b8:00:e7:a8:31:36:4b:ab:37:06:c8:9b:3d:a8:
1b:cb:66:e6:b2:ec:15:44:d5:e0:48:ce:5a:38:4b:ca:b0:3f:
b4:96:4b:09:3b:74:16:85:88:32:84:85:02:73:43:54:34:15:
99:1d:eb:3d:0c:42:86:f4:d5:c1:41:64:f0:9a:b5:6b:71:72:
11:bd:4a:c2:b7:6b:e7:5a:d3:11:9c:39:2d:af:f9:84:54:e5:
7d:b9:a0:df:b8:d2:57:af:70:a8:1a:f3:01:da:32:7b:37:7c:
07:92:04:6b:04:25:56:53:c3:87:c8:62:ad:bd:eb:8d:54:50:
44:81:aa:64:bf:01:0e:82:2e:9b:ba:87:93:95:ce:36:78:5d:
47:8d:b5:c5:b5:ad:c2:51:f1:8c:a4:af:48:cf:0a:66:06:af:
6a:90:6d:48:6f:c0:aa:e9:8a:db:c5:c6:4c:ce:44:ae:7e:66:
8a:3e:3b:34:c0:c0:14:af:9d:2a:9e:92:59:81:95:2c:f8:4d:
75:91:82:34:29:9c:31:39:7c:54:33:db:18:37:0d:95:03:11:
ff:05:fc:33:4a:0c:a3:bb:5e:8f:07:81:bd:7f:1b:ac:0c:cc:
29:19:07:62:6e:23:1c:b8:ea:4e:99:b9:6b:1c:b4:c2:50:66:
66:c5:ba:0a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZB
NkE2QTY1NUEwQzQyQjk5QzdFMjA4N0VCRUY0NDRBQ0I1NjQ5MzAeFw0yMTAyMDcx
MzA0MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQwRTkxNDVFMDk4NkIw
NTE5RTBDODE2NjRCMTFBRkFGNTE3MUQ1MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgvhpl7OwCgct3uHS3c/otgBijvsL/2amoGZ/YNC74HSyPPPQj
eZ5AMoe6CzAjzD6QRVNAATtzFegKqjrMg6sPnmxYZXIl16H03Z6GVy+tGl1GnK8b
R92f1h59XogoN1mQLQi5uzxoxs+/0GXZS/R+pZLwK7SQE4i8o4wd7PmDg6kejsmw
AFSIkHZUMacrdAsaegzjWflz2NWCNMvqIkBQpg3+JasPXERY5XJRslV32snWI+RL
3/LoiG3N179suYVkwYgXkudDR2Anga+vzTsARGMaERtSI3/1GOogcf1747DKCCGR
oncA81lRFcxf3zhSn6enhhIimBjxqp68pfmxAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUQOkUXgmGsFGeDIFmSxGvr1Fx1Q8wHwYDVR0jBBgwFoAUT6amplWgxCuZx+II
fr70RKy1ZJMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1Q2
YW1wbFdneEN1WngtSUlmcjcwUkt5MVpKTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
VDZhbXBsV2d4Q3VaeC1JSWZyNzBSS3kxWkpNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1FPa1VYZ21Hc0ZHZURJRm1TeEd2cjFG
eDFROC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnmNwwDQYJ
KoZIhvcNAQELBQADggEBAD6bhru4AOeoMTZLqzcGyJs9qBvLZuay7BVE1eBIzlo4
S8qwP7SWSwk7dBaFiDKEhQJzQ1Q0FZkd6z0MQob01cFBZPCatWtxchG9SsK3a+da
0xGcOS2v+YRU5X25oN+40levcKga8wHaMns3fAeSBGsEJVZTw4fIYq29641UUESB
qmS/AQ6CLpu6h5OVzjZ4XUeNtcW1rcJR8Yykr0jPCmYGr2qQbUhvwKrpitvFxkzO
RK5+Zoo+OzTAwBSvnSqeklmBlSz4TXWRgjQpnDE5fFQz2xg3DZUDEf8F/DNKDKO7
Xo8Hgb1/G6wMzCkZB2JuIxy46k6ZuWsctMJQZmbFugo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org