Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/qJFm5RU5oxDpp4uZiybcBhLO5Cs.roa
File:                     qJFm5RU5oxDpp4uZiybcBhLO5Cs.roa (raw, json)
Hash identifier:          Rbktk/0LJJJwYU4+W3xS/WeIiTXYFjF5mpFaP86NkWI=
Subject key identifier:   A8:91:66:E5:15:39:A3:10:E9:A7:8B:99:8B:26:DC:06:12:CE:E4:2B
Certificate issuer:       /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial:       0BFC
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/qJFm5RU5oxDpp4uZiybcBhLO5Cs.roa
Signing time:             Fri 01 Sep 2023 09:11:51 +0000
ROA not before:           Fri 01 Sep 2023 09:11:51 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18042
IP address blocks:        122.99.0.0/18 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3068 (0xbfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
        Validity
            Not Before: Sep  1 09:11:51 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=A89166E51539A310E9A78B998B26DC0612CEE42B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:7f:51:44:4a:22:cf:30:59:fb:7d:e2:69:1a:
                    15:bb:39:d0:67:5a:3c:9d:9e:b6:0c:6e:10:44:1c:
                    3b:75:38:cd:f3:7a:a0:1f:49:14:b7:73:bf:55:a4:
                    da:a6:14:a1:38:4a:3a:8b:ff:8d:89:fe:2f:ba:29:
                    6e:a7:d9:f3:34:45:77:d9:64:4e:4b:31:d5:52:04:
                    b5:c3:5f:c3:b8:8a:a9:0d:51:a3:d1:21:58:09:05:
                    a3:8f:d2:67:96:f0:73:23:fe:d2:a9:be:4d:86:b3:
                    2a:db:8a:52:f4:e3:75:dc:4c:1a:b5:99:8c:96:88:
                    3d:bc:5d:6e:c9:88:3f:01:75:65:de:be:f0:88:32:
                    fa:86:c5:e8:68:3f:81:5e:56:5c:a7:a0:20:aa:77:
                    d2:cb:ea:79:d2:85:47:8b:91:d6:21:9c:c1:a3:9c:
                    c6:57:d4:92:61:a1:da:52:d1:c2:65:38:61:c5:af:
                    d8:5d:33:c2:f5:82:05:de:37:8f:9e:47:d1:02:53:
                    fd:d3:96:2b:49:d8:d2:8a:3d:40:38:fe:11:33:b0:
                    ae:ae:e5:ec:77:03:0f:e3:ae:26:b5:bc:9c:f2:3b:
                    11:d7:65:59:72:1d:2d:22:2f:94:b1:18:94:a9:52:
                    60:23:55:75:75:1a:e0:51:40:02:f1:95:0e:40:95:
                    4f:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:91:66:E5:15:39:A3:10:E9:A7:8B:99:8B:26:DC:06:12:CE:E4:2B
            X509v3 Authority Key Identifier:
                keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/qJFm5RU5oxDpp4uZiybcBhLO5Cs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.99.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         6e:a0:a6:96:78:93:1b:3a:e9:8c:9e:2c:25:94:8f:cb:d3:24:
         f8:74:8c:1c:be:b8:e6:cc:73:ef:49:63:9f:8c:5a:91:46:aa:
         0f:a0:1d:c7:78:dc:51:a4:26:f8:16:9a:8e:29:da:6c:e3:4e:
         ae:f3:c0:14:00:10:9d:c6:97:9f:1c:35:d9:2a:f1:52:56:8e:
         f4:9e:4b:4f:2e:8c:31:3b:43:6b:3e:ce:82:6f:f7:14:aa:8b:
         9e:be:a0:cb:38:3e:65:c5:99:5e:de:71:44:8e:d2:b8:9b:f0:
         b4:30:32:40:9c:1f:c5:64:0c:5d:66:6f:3e:93:59:43:16:dc:
         de:65:a1:e0:37:71:e8:6b:14:72:20:82:54:27:38:fc:41:16:
         ea:64:69:a8:25:27:97:99:11:a1:0a:55:69:c0:c1:c3:9c:68:
         08:67:79:6d:2a:ef:4c:c5:d2:a6:32:41:1c:39:62:a1:78:6e:
         86:f5:12:31:0d:c6:bd:5a:2f:78:9f:cf:c5:74:6e:4b:bb:76:
         e2:82:8b:d3:bf:35:d6:d8:c9:ed:97:f5:7e:db:d8:21:9d:12:
         c1:4b:ad:eb:71:36:6f:92:c9:cc:74:18:04:64:d3:10:7d:62:
         51:b8:6f:cf:e6:66:b9:ed:2c:91:4f:65:ef:91:04:a5:2e:0b:
         76:f5:d4:d6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMzA5MDEw
OTExNTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEE4OTE2NkU1MTUzOUEz
MTBFOUE3OEI5OThCMjZEQzA2MTJDRUU0MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsf1FESiLPMFn7feJpGhW7OdBnWjydnrYMbhBEHDt1OM3zeqAf
SRS3c79VpNqmFKE4SjqL/42J/i+6KW6n2fM0RXfZZE5LMdVSBLXDX8O4iqkNUaPR
IVgJBaOP0meW8HMj/tKpvk2GsyrbilL043XcTBq1mYyWiD28XW7JiD8BdWXevvCI
MvqGxehoP4FeVlynoCCqd9LL6nnShUeLkdYhnMGjnMZX1JJhodpS0cJlOGHFr9hd
M8L1ggXeN4+eR9ECU/3TlitJ2NKKPUA4/hEzsK6u5ex3Aw/jria1vJzyOxHXZVly
HS0iL5SxGJSpUmAjVXV1GuBRQALxlQ5AlU+hAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqJFm5RU5oxDpp4uZiybcBhLO5CswHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL3FKRm01UlU1b3hEcHA0dVpp
eWJjQmhMTzVDcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ6
YwAwDQYJKoZIhvcNAQELBQADggEBAG6gppZ4kxs66YyeLCWUj8vTJPh0jBy+uObM
c+9JY5+MWpFGqg+gHcd43FGkJvgWmo4p2mzjTq7zwBQAEJ3Gl58cNdkq8VJWjvSe
S08ujDE7Q2s+zoJv9xSqi56+oMs4PmXFmV7ecUSO0rib8LQwMkCcH8VkDF1mbz6T
WUMW3N5loeA3cehrFHIgglQnOPxBFupkaaglJ5eZEaEKVWnAwcOcaAhneW0q70zF
0qYyQRw5YqF4bob1EjENxr1aL3ifz8V0bku7duKCi9O/NdbYye2X9X7b2CGdEsFL
retxNm+Sycx0GARk0xB9YlG4b8/mZrntLJFPZe+RBKUuC3b11NY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:44 2025 by rpki-client