Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/SdJSXe3jqw4eXC-Qh_nWa6crm8E.roa
File: SdJSXe3jqw4eXC-Qh_nWa6crm8E.roa (raw, json)
Hash identifier: IyI4pZVI7Uz4uwO0WJIqOBi+6cmg5jm7xB0HC8SM8oQ=
Subject key identifier: 49:D2:52:5D:ED:E3:AB:0E:1E:5C:2F:90:87:F9:D6:6B:A7:2B:9B:C1
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 09EC
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/SdJSXe3jqw4eXC-Qh_nWa6crm8E.roa
Signing time: Wed 29 Sep 2021 02:40:34 +0000
ROA not before: Wed 29 Sep 2021 02:40:34 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9416
IP address blocks: 123.252.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2540 (0x9ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Sep 29 02:40:34 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=49D2525DEDE3AB0E1E5C2F9087F9D66BA72B9BC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:07:54:1c:54:d3:dd:32:8e:49:15:3b:ed:17:
5c:2e:16:ab:70:86:37:31:02:f0:40:d0:bc:60:99:
38:60:20:57:a3:8a:98:27:cc:49:8d:62:ea:b7:b3:
7c:82:09:64:1b:37:3e:b3:2c:a7:a7:d9:a1:cf:20:
23:af:03:3c:c7:1f:1b:b7:df:48:1d:86:4b:c8:dd:
bb:9e:66:10:5b:3d:5e:0b:41:18:5e:27:d0:b6:c0:
53:70:78:ab:e2:6a:f7:15:31:fb:56:c4:d3:52:86:
92:f1:72:d1:fb:bb:96:d4:08:09:f0:63:13:1f:72:
8b:ca:38:f2:c5:b1:dd:de:69:10:96:03:49:10:a0:
f9:48:bc:80:30:2e:c3:6a:52:ea:af:6a:be:7c:29:
83:af:29:17:10:6d:67:2f:d2:f3:8c:5d:f0:24:39:
cb:2e:e7:ae:82:ce:48:cf:0a:4f:b3:33:8b:09:ad:
6a:34:d0:9d:ae:d1:8f:b5:92:c4:22:27:3d:c0:2c:
fe:06:8b:c4:c8:86:e3:33:71:0f:be:73:6e:6e:03:
45:fd:17:2b:81:a9:3c:a3:9d:90:47:28:43:7f:62:
30:5c:ca:2e:e2:6d:2c:99:6d:a1:e9:c8:31:8d:16:
2b:7e:c3:97:5b:cf:2d:58:b2:ed:a0:49:4a:d2:56:
0a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D2:52:5D:ED:E3:AB:0E:1E:5C:2F:90:87:F9:D6:6B:A7:2B:9B:C1
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/SdJSXe3jqw4eXC-Qh_nWa6crm8E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.252.0.0/17
Signature Algorithm: sha256WithRSAEncryption
b0:79:a3:cd:57:c6:2a:62:d3:07:db:51:e8:92:e2:40:0f:75:
6c:d2:ea:d3:c6:32:d0:6d:a8:b4:8f:24:01:17:7b:0d:09:0e:
03:38:bd:a2:18:b8:7d:93:25:59:94:a6:13:e6:34:3e:8f:e4:
ff:f0:6d:db:a1:b8:91:39:80:73:8c:ed:f4:29:25:df:e0:19:
a8:91:52:e5:6f:5d:c3:cb:47:4a:66:4a:e6:84:7d:34:e0:4d:
eb:d5:c5:29:be:bb:b5:d3:5c:95:85:b2:3b:f5:d3:b3:91:08:
71:ed:b0:08:ef:a9:c9:5d:d5:41:2d:03:a1:ea:51:f6:02:61:
43:2e:36:7d:d9:dd:e6:80:c7:f4:80:9f:41:5e:7b:b4:e4:71:
7d:c2:fe:32:e5:07:56:55:9b:ba:a5:55:f7:82:35:39:54:45:
cb:cc:9e:a5:6d:65:72:b0:da:7a:6c:97:6b:a9:41:04:2b:a4:
87:24:c3:5d:6f:07:07:65:f4:46:e4:88:b1:c1:f1:4d:27:34:
86:b7:c2:b5:10:47:68:c4:b7:0e:8d:d6:f0:20:b8:31:cf:36:
c8:a9:46:57:fa:15:b4:6f:2a:d5:e5:1a:d3:60:b0:9d:66:ea:
a6:00:4c:81:1b:66:fd:da:fc:8e:56:8a:42:04:f3:a4:8c:ba:
01:5e:f2:23
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMTA5Mjkw
MjQwMzRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQ5RDI1MjVERURFM0FC
MEUxRTVDMkY5MDg3RjlENjZCQTcyQjlCQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzB1QcVNPdMo5JFTvtF1wuFqtwhjcxAvBA0LxgmThgIFejipgn
zEmNYuq3s3yCCWQbNz6zLKen2aHPICOvAzzHHxu330gdhkvI3bueZhBbPV4LQRhe
J9C2wFNweKviavcVMftWxNNShpLxctH7u5bUCAnwYxMfcovKOPLFsd3eaRCWA0kQ
oPlIvIAwLsNqUuqvar58KYOvKRcQbWcv0vOMXfAkOcsu566CzkjPCk+zM4sJrWo0
0J2u0Y+1ksQiJz3ALP4Gi8TIhuMzcQ++c25uA0X9FyuBqTyjnZBHKEN/YjBcyi7i
bSyZbaHpyDGNFit+w5dbzy1Ysu2gSUrSVgrfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUSdJSXe3jqw4eXC+Qh/nWa6crm8EwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1NkSlNYZTNqcXc0ZVhDLVFo
X25XYTZjcm04RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd7
/AAwDQYJKoZIhvcNAQELBQADggEBALB5o81Xxipi0wfbUeiS4kAPdWzS6tPGMtBt
qLSPJAEXew0JDgM4vaIYuH2TJVmUphPmND6P5P/wbduhuJE5gHOM7fQpJd/gGaiR
UuVvXcPLR0pmSuaEfTTgTevVxSm+u7XTXJWFsjv107ORCHHtsAjvqcld1UEtA6Hq
UfYCYUMuNn3Z3eaAx/SAn0Fee7TkcX3C/jLlB1ZVm7qlVfeCNTlURcvMnqVtZXKw
2npsl2upQQQrpIckw11vBwdl9EbkiLHB8U0nNIa3wrUQR2jEtw6N1vAguDHPNsip
Rlf6FbRvKtXlGtNgsJ1m6qYATIEbZv3a/I5WikIE86SMugFe8iM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:56 2023 by rpki-client on console-ams.rpki-client.org