Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/lIzbbX5OsM0hdcWh0fk7jPIghe0.roa
File: lIzbbX5OsM0hdcWh0fk7jPIghe0.roa (raw, json)
Hash identifier: 3oJjzLtX1sQnmLhl/qhR//LIqFZt6P60rT3dCinCW5s=
Subject key identifier: 94:8C:DB:6D:7E:4E:B0:CD:21:75:C5:A1:D1:F9:3B:8C:F2:20:85:ED
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0955
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/lIzbbX5OsM0hdcWh0fk7jPIghe0.roa
Signing time: Wed 03 Mar 2021 02:07:40 +0000
ROA not before: Wed 03 Mar 2021 02:07:40 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9416
IP address blocks: 220.157.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2389 (0x955)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Mar 3 02:07:40 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=948CDB6D7E4EB0CD2175C5A1D1F93B8CF22085ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cf:3d:8d:74:86:57:18:75:f4:81:17:e0:9e:
fc:47:48:b3:89:b4:a8:ae:cc:b1:7e:b4:8f:34:bc:
49:76:3f:f2:01:92:02:86:58:d6:87:83:9a:25:61:
42:4e:a7:32:c1:f8:3b:ec:18:4a:9d:5c:df:20:94:
7c:b6:e3:e6:e3:71:c7:79:43:61:f4:66:e2:54:46:
e0:a8:1b:c9:33:e0:a5:87:80:79:be:d5:c0:a1:44:
95:ad:d9:2f:ca:db:33:a1:ad:6f:fa:4d:cc:a0:91:
ad:0d:b2:e3:97:79:a6:7f:bc:9f:1c:85:8a:10:b9:
8a:79:c1:e6:d3:5e:fa:0c:d7:a1:39:12:51:c5:b3:
e4:88:52:4b:5d:49:3b:3b:0e:76:04:91:0c:d3:78:
3e:41:f7:9b:c4:54:e2:c9:0b:18:c5:63:e2:dd:30:
ae:2e:9e:13:f3:b9:67:a7:79:3f:d4:9d:dc:eb:e0:
a8:50:25:62:48:3d:c0:c8:fb:72:98:80:b6:7f:87:
e5:39:d4:81:0a:59:b1:3e:49:71:df:a1:65:f4:69:
ba:48:de:ad:4c:f4:a2:c0:1f:bf:3b:58:9c:0c:68:
3b:2c:53:eb:af:f5:29:1d:e6:aa:85:bf:1c:2e:1f:
eb:62:7f:90:b8:02:49:db:79:3e:98:3c:17:b3:d0:
14:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8C:DB:6D:7E:4E:B0:CD:21:75:C5:A1:D1:F9:3B:8C:F2:20:85:ED
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/lIzbbX5OsM0hdcWh0fk7jPIghe0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.157.112.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:9b:35:51:3c:49:e8:b9:e8:5b:fc:64:83:d7:f4:1a:df:d0:
a3:f1:e8:fa:ae:3f:7d:e7:1d:a4:e0:16:1d:4f:2c:ba:06:7d:
b8:e5:18:88:ea:ae:d2:5d:da:82:cb:0e:22:c0:30:0c:36:74:
56:53:60:01:7d:62:f3:86:de:4e:3a:f5:df:14:7d:d0:6e:a2:
43:10:e6:61:4e:5e:29:06:54:e1:a8:92:f1:4d:6e:ee:f1:9d:
82:00:b5:b5:b8:72:2f:a6:5c:23:a0:33:c2:a3:af:cf:33:df:
59:3f:e6:bc:b9:c4:ab:da:8e:b2:3e:26:d7:6b:54:1c:a9:47:
a8:21:04:2c:ed:7f:50:60:00:3d:e9:d6:3f:a4:9e:b4:d0:ac:
73:f2:82:a2:fa:a4:94:64:53:c2:bf:00:27:73:05:8c:af:24:
2f:eb:5f:8e:6a:67:78:41:e7:d1:ff:d6:87:e7:86:28:44:29:
3a:08:07:6f:19:18:58:f7:09:fd:25:2d:54:44:8a:2b:bf:25:
e3:cb:a2:33:ce:d4:69:79:4f:bd:fc:39:95:d7:fc:5d:a1:f4:
ce:9c:51:2b:6b:83:2c:5a:b5:26:9a:82:ad:4d:44:2c:db:a3:
c1:81:89:44:11:2f:ee:33:55:68:db:02:9c:07:a0:52:d4:44:
61:1f:5d:57
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCVUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMTAzMDMw
MjA3NDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk0OENEQjZEN0U0RUIw
Q0QyMTc1QzVBMUQxRjkzQjhDRjIyMDg1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRzz2NdIZXGHX0gRfgnvxHSLOJtKiuzLF+tI80vEl2P/IBkgKG
WNaHg5olYUJOpzLB+DvsGEqdXN8glHy24+bjccd5Q2H0ZuJURuCoG8kz4KWHgHm+
1cChRJWt2S/K2zOhrW/6Tcygka0NsuOXeaZ/vJ8chYoQuYp5webTXvoM16E5ElHF
s+SIUktdSTs7DnYEkQzTeD5B95vEVOLJCxjFY+LdMK4unhPzuWeneT/Undzr4KhQ
JWJIPcDI+3KYgLZ/h+U51IEKWbE+SXHfoWX0abpI3q1M9KLAH787WJwMaDssU+uv
9Skd5qqFvxwuH+tif5C4AknbeT6YPBez0BSJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlIzbbX5OsM0hdcWh0fk7jPIghe0wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2xJemJiWDVPc00waGRjV2gw
Zms3alBJZ2hlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATc
nXAwDQYJKoZIhvcNAQELBQADggEBAGubNVE8Sei56Fv8ZIPX9Brf0KPx6PquP33n
HaTgFh1PLLoGfbjlGIjqrtJd2oLLDiLAMAw2dFZTYAF9YvOG3k469d8UfdBuokMQ
5mFOXikGVOGokvFNbu7xnYIAtbW4ci+mXCOgM8Kjr88z31k/5ry5xKvajrI+Jtdr
VBypR6ghBCztf1BgAD3p1j+knrTQrHPygqL6pJRkU8K/ACdzBYyvJC/rX45qZ3hB
59H/1ofnhihEKToIB28ZGFj3Cf0lLVREiiu/JePLojPO1Gl5T738OZXX/F2h9M6c
UStrgyxatSaagq1NRCzbo8GBiUQRL+4zVWjbApwHoFLURGEfXVc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org