Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Shd9Q4wwUkHcLssEOzjShma6WE4.roa
File: Shd9Q4wwUkHcLssEOzjShma6WE4.roa (raw, json)
Hash identifier: +GDh3MtJsW/4rfHXNz4PH2GM4Odj+pATqYOh4I23pBQ=
Subject key identifier: 4A:17:7D:43:8C:30:52:41:DC:2E:CB:04:3B:38:D2:86:66:BA:58:4E
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 09F3
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Shd9Q4wwUkHcLssEOzjShma6WE4.roa
Signing time: Wed 29 Sep 2021 02:40:36 +0000
ROA not before: Wed 29 Sep 2021 02:40:36 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18042
IP address blocks: 123.252.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2547 (0x9f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Sep 29 02:40:36 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4A177D438C305241DC2ECB043B38D28666BA584E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:16:28:66:d8:44:63:70:b3:d8:05:f0:1b:08:
31:0c:bf:7d:4b:f2:32:02:f3:66:6b:b3:18:bf:f9:
d5:35:ae:11:03:11:4b:a3:79:a4:fe:46:cf:10:d5:
7a:46:88:c3:d7:4c:4c:77:69:1c:81:65:0c:66:53:
86:b4:ce:1c:bf:af:36:da:98:68:1f:7a:d8:ec:a8:
84:18:8d:e6:52:df:6f:af:fe:62:7b:af:94:b8:e2:
7e:c7:ea:21:10:cb:9f:b3:77:92:d9:46:60:45:f6:
9e:45:9e:f3:2a:6b:6f:c1:9e:c5:95:4e:5a:05:65:
a6:97:59:f0:5a:04:2e:d1:83:2b:ad:49:5c:38:df:
07:a0:1f:e1:10:2d:5e:e6:37:08:30:f9:07:75:b8:
e1:84:dc:60:ea:ea:1f:c2:27:88:5c:58:d4:da:68:
13:23:18:f5:1b:36:ce:38:20:99:9f:be:c1:35:97:
e0:fc:a7:a7:ca:bf:2e:f3:45:6a:ee:90:49:61:68:
c6:a8:b1:1a:36:8c:cd:c7:85:e4:db:f4:93:44:97:
01:7b:cd:ab:25:7b:6a:3f:d8:0e:e3:13:65:25:43:
8b:b9:7d:8b:5a:56:53:79:75:0e:76:84:2a:73:c9:
18:29:24:81:e1:65:68:24:5e:ae:2e:3e:61:6a:65:
05:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:17:7D:43:8C:30:52:41:DC:2E:CB:04:3B:38:D2:86:66:BA:58:4E
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Shd9Q4wwUkHcLssEOzjShma6WE4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.252.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a2:b6:18:91:ca:c1:2e:c7:35:45:8b:8a:6a:04:31:41:6d:95:
14:07:f6:00:44:d7:86:91:e5:90:3e:fc:32:3e:be:55:e1:c1:
90:ce:e4:c0:e8:1c:5c:69:0c:84:83:11:40:78:5b:09:13:dd:
0e:c1:1d:db:0c:5f:0c:e5:5c:c7:6a:d0:d3:1e:e3:6c:be:77:
ad:59:a5:e9:34:8c:68:7a:82:a7:65:aa:cd:16:13:75:31:3a:
3a:7d:5c:de:a0:98:46:76:69:8f:48:69:f3:7d:b5:a7:42:35:
6b:81:21:71:84:08:93:5d:64:43:09:cd:76:aa:c7:1c:8f:c0:
8f:f5:10:cb:06:ed:c7:2c:42:cb:51:21:77:b6:02:11:6d:eb:
48:7d:78:54:9e:a9:5e:26:25:87:48:95:99:cf:c0:94:71:dd:
0a:f5:cf:8a:dc:85:29:f8:2d:dc:7a:0c:99:b0:cf:2d:8d:46:
a2:fa:e1:f2:00:25:78:f1:91:fb:59:a7:1e:18:9b:52:60:ae:
2f:55:3f:b4:44:61:6a:c5:61:35:a5:1b:6c:cd:24:fd:c2:17:
4f:73:1e:8c:0c:2e:04:59:8e:d7:4c:c6:ef:98:c0:2a:48:28:
0e:1a:d2:77:e0:5d:f7:e5:a4:61:8f:d6:13:99:7d:ef:fe:b0:
64:45:f6:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCfMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMTA5Mjkw
MjQwMzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDRBMTc3RDQzOEMzMDUy
NDFEQzJFQ0IwNDNCMzhEMjg2NjZCQTU4NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGFihm2ERjcLPYBfAbCDEMv31L8jIC82Zrsxi/+dU1rhEDEUuj
eaT+Rs8Q1XpGiMPXTEx3aRyBZQxmU4a0zhy/rzbamGgfetjsqIQYjeZS32+v/mJ7
r5S44n7H6iEQy5+zd5LZRmBF9p5FnvMqa2/BnsWVTloFZaaXWfBaBC7RgyutSVw4
3wegH+EQLV7mNwgw+Qd1uOGE3GDq6h/CJ4hcWNTaaBMjGPUbNs44IJmfvsE1l+D8
p6fKvy7zRWrukElhaMaosRo2jM3HheTb9JNElwF7zasle2o/2A7jE2UlQ4u5fYta
VlN5dQ52hCpzyRgpJIHhZWgkXq4uPmFqZQUbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUShd9Q4wwUkHcLssEOzjShma6WE4wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1NoZDlRNHd3VWtIY0xzc0VP
empTaG1hNldFNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd7
/AAwDQYJKoZIhvcNAQELBQADggEBAKK2GJHKwS7HNUWLimoEMUFtlRQH9gBE14aR
5ZA+/DI+vlXhwZDO5MDoHFxpDISDEUB4WwkT3Q7BHdsMXwzlXMdq0NMe42y+d61Z
pek0jGh6gqdlqs0WE3UxOjp9XN6gmEZ2aY9IafN9tadCNWuBIXGECJNdZEMJzXaq
xxyPwI/1EMsG7ccsQstRIXe2AhFt60h9eFSeqV4mJYdIlZnPwJRx3Qr1z4rchSn4
Ldx6DJmwzy2NRqL64fIAJXjxkftZpx4Ym1Jgri9VP7REYWrFYTWlG2zNJP3CF09z
HowMLgRZjtdMxu+YwCpIKA4a0nfgXfflpGGP1hOZfe/+sGRF9vo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org