Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/TSRUI8mopENxMsVhTdrLhZy64N4.roa
File: TSRUI8mopENxMsVhTdrLhZy64N4.roa (raw, json)
Hash identifier: 0DWRqeaRpqcIZ1AQeuce5cYmzsvhwZuzyHW46JGJiqE=
Subject key identifier: 4D:24:54:23:C9:A8:A4:43:71:32:C5:61:4D:DA:CB:85:9C:BA:E0:DE
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0BF6
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/TSRUI8mopENxMsVhTdrLhZy64N4.roa
Signing time: Fri 01 Sep 2023 09:11:49 +0000
ROA not before: Fri 01 Sep 2023 09:11:49 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 220.157.112.0/20 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3062 (0xbf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Sep 1 09:11:49 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=4D245423C9A8A4437132C5614DDACB859CBAE0DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f1:a3:25:76:7a:16:8c:2a:e6:a0:46:e1:1b:
f7:03:5d:8e:a0:67:cc:c8:80:c2:7a:7c:b2:79:ae:
66:36:96:f9:50:c5:10:2e:8f:03:30:de:d0:06:a1:
7d:fc:65:05:7a:91:4c:82:44:a6:f5:01:fa:d7:43:
52:9a:c6:a9:74:e7:7c:a6:c5:51:6b:4c:99:63:d4:
16:9d:b1:16:1e:66:62:53:70:ec:65:f8:63:a9:f2:
d4:c2:74:dd:36:3d:48:f1:36:5b:45:5b:12:e8:cc:
af:39:42:4a:f5:83:45:a1:89:13:cf:ae:85:76:f2:
bf:54:7e:f1:a0:45:ab:76:19:7c:16:c3:71:65:ad:
71:ed:b9:f3:a4:2d:f3:7b:07:01:26:22:89:68:89:
32:cf:43:eb:08:1b:3f:8e:ee:23:f8:52:c3:86:a6:
57:7c:95:6d:a0:62:2a:c6:f3:79:8f:a3:24:e7:ae:
5f:52:b0:38:a7:da:83:24:05:f8:31:65:30:b1:63:
d7:67:6b:99:53:75:7d:8e:b8:17:32:db:aa:b0:1c:
ec:1e:d2:20:bd:e3:ca:df:a7:ac:a8:89:94:50:c1:
4c:47:eb:f0:de:48:ef:95:81:4a:81:40:56:56:5f:
ab:f5:91:d0:ed:19:19:9f:6c:5d:9f:85:a4:ae:be:
5d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:24:54:23:C9:A8:A4:43:71:32:C5:61:4D:DA:CB:85:9C:BA:E0:DE
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/TSRUI8mopENxMsVhTdrLhZy64N4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.157.112.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:94:a2:00:14:f4:74:ba:8e:e2:b2:88:69:88:ca:68:8c:2c:
2c:f1:ef:13:99:33:71:06:03:30:0a:e7:04:26:5a:ae:e3:99:
ed:88:47:b3:6d:8d:4e:9c:72:1a:79:be:fc:11:a9:d7:6a:33:
cc:65:02:f0:94:27:a3:01:c9:8b:e3:51:2a:80:d2:20:ee:80:
59:42:9c:d0:3f:0a:12:c4:64:ef:c4:c0:1a:b1:cd:e5:51:69:
ed:6f:ac:ed:f7:e5:8a:f9:b0:a1:4d:c0:fd:a7:67:90:50:d2:
68:32:f0:f3:20:2c:61:8f:35:88:71:32:f4:03:c3:86:bd:2d:
dc:2a:ad:0a:74:02:53:e7:57:57:6e:b3:d5:b0:5f:e8:5c:04:
62:1e:be:b8:72:82:2a:49:a3:c1:4a:cf:95:6f:e5:a6:8e:0f:
0a:c7:3d:be:76:bd:6f:58:84:90:ae:b4:d3:28:59:e8:78:31:
23:36:9a:c3:e0:23:53:51:e7:b5:8f:d0:68:6e:85:cc:de:30:
11:51:ac:33:74:0e:b7:28:b3:63:d1:69:a2:c9:f0:14:72:36:
8d:31:28:57:5b:ab:11:54:4c:a0:48:34:a3:14:f7:9b:49:23:
c4:bb:8f:14:96:ed:a9:2e:fc:ec:cd:fc:52:1b:dd:da:82:a6:
5e:70:e7:6a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMzA5MDEw
OTExNDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDREMjQ1NDIzQzlBOEE0
NDM3MTMyQzU2MTREREFDQjg1OUNCQUUwREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDs8aMldnoWjCrmoEbhG/cDXY6gZ8zIgMJ6fLJ5rmY2lvlQxRAu
jwMw3tAGoX38ZQV6kUyCRKb1AfrXQ1Kaxql053ymxVFrTJlj1BadsRYeZmJTcOxl
+GOp8tTCdN02PUjxNltFWxLozK85Qkr1g0WhiRPProV28r9UfvGgRat2GXwWw3Fl
rXHtufOkLfN7BwEmIoloiTLPQ+sIGz+O7iP4UsOGpld8lW2gYirG83mPoyTnrl9S
sDin2oMkBfgxZTCxY9dna5lTdX2OuBcy26qwHOwe0iC948rfp6yoiZRQwUxH6/De
SO+VgUqBQFZWX6v1kdDtGRmfbF2fhaSuvl1tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTSRUI8mopENxMsVhTdrLhZy64N4wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1RTUlVJOG1vcEVOeE1zVmhU
ZHJMaFp5NjRONC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATc
nXAwDQYJKoZIhvcNAQELBQADggEBABqUogAU9HS6juKyiGmIymiMLCzx7xOZM3EG
AzAK5wQmWq7jme2IR7NtjU6cchp5vvwRqddqM8xlAvCUJ6MByYvjUSqA0iDugFlC
nNA/ChLEZO/EwBqxzeVRae1vrO335Yr5sKFNwP2nZ5BQ0mgy8PMgLGGPNYhxMvQD
w4a9LdwqrQp0AlPnV1dus9WwX+hcBGIevrhygipJo8FKz5Vv5aaODwrHPb52vW9Y
hJCutNMoWeh4MSM2msPgI1NR57WP0GhuhczeMBFRrDN0Drcos2PRaaLJ8BRyNo0x
KFdbqxFUTKBINKMU95tJI8S7jxSW7aku/OzN/FIb3dqCpl5w52o=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:31:31 2025 by rpki-client