Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/xf3H6iEfSJpFZCPSSoX8NiXOhZA.roa
File: xf3H6iEfSJpFZCPSSoX8NiXOhZA.roa (raw, json)
Hash identifier: E31B+rnQXCbMbRravpVU3jVhMFi0PGjkjC4NPD3mwIQ=
Subject key identifier: C5:FD:C7:EA:21:1F:48:9A:45:64:23:D2:4A:85:FC:36:25:CE:85:90
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0923
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/xf3H6iEfSJpFZCPSSoX8NiXOhZA.roa
Signing time: Mon 22 Feb 2021 14:07:22 +0000
ROA not before: Mon 22 Feb 2021 14:07:22 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 115.43.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2339 (0x923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Feb 22 14:07:22 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C5FDC7EA211F489A456423D24A85FC3625CE8590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:d5:19:94:f0:ba:b2:9d:80:bd:8f:51:a3:0f:
41:14:ce:11:04:87:de:bd:20:44:dc:c6:2a:e7:31:
0a:8c:9d:dd:be:f9:9c:52:fc:c9:e8:79:ae:9d:53:
cb:0a:04:7f:d4:b5:c2:22:ea:b5:2f:a3:52:98:0c:
19:5b:aa:41:86:96:22:bc:cd:01:31:22:b1:88:a0:
e3:0a:e7:9c:1a:a5:ac:9b:d6:10:d3:78:f7:36:58:
f7:84:38:7e:fd:49:cb:79:1c:e8:6e:d3:4d:b0:fe:
90:79:2d:28:b1:3d:4a:d5:f1:ab:70:b2:47:88:90:
e9:84:3c:8c:54:62:2a:19:84:99:20:41:65:14:c7:
26:1b:55:a3:80:8b:ce:1e:56:9a:49:a6:e5:61:2d:
bc:b3:ec:a1:d9:69:75:66:63:bb:80:82:ae:5f:17:
09:69:eb:b2:46:a9:63:31:4f:19:11:9a:59:6f:4f:
7d:1c:7f:41:14:10:6f:59:22:98:6c:f7:b2:39:92:
79:64:85:ea:60:12:fe:bb:56:cd:0f:5d:ac:e7:ca:
cc:3b:48:da:23:90:61:62:5a:3c:fc:2d:11:29:69:
e3:e2:03:57:0f:3a:22:26:81:3e:4b:00:db:ac:91:
27:40:d2:29:07:4c:9d:c9:eb:07:30:c5:c8:b6:36:
5e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FD:C7:EA:21:1F:48:9A:45:64:23:D2:4A:85:FC:36:25:CE:85:90
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/xf3H6iEfSJpFZCPSSoX8NiXOhZA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.43.128.0/17
Signature Algorithm: sha256WithRSAEncryption
27:ed:d6:7a:d4:d2:99:65:b5:7c:51:3d:f3:de:3e:dd:b2:78:
cd:3c:7f:77:80:13:5b:15:11:f4:29:fe:c4:0d:d0:7f:b5:be:
f5:12:16:e7:75:b7:93:a7:0d:c2:fb:bf:56:5a:a0:bb:df:05:
af:1e:bf:3c:9b:2b:8f:5f:0e:b8:5d:c9:5c:7c:32:ca:15:7a:
41:00:66:c8:86:7e:7f:26:f0:38:f5:44:3b:e5:dc:8d:f9:28:
cb:22:e4:3b:8a:45:a3:87:c5:76:71:78:9b:79:1a:1d:f9:61:
9e:c6:65:bc:17:f4:83:8b:13:f1:11:30:da:e9:93:b6:66:1e:
b8:65:4a:e3:08:a7:31:49:23:0c:ec:7b:cb:f7:b0:68:3b:63:
77:73:e0:9b:dc:b9:12:ed:ad:02:80:60:c1:41:94:af:15:a0:
bf:f9:32:9e:ea:e3:80:43:c3:ed:4b:cf:f0:e0:9d:a3:12:14:
83:3a:15:ca:36:3e:8a:f3:56:00:a2:39:a9:a6:cc:2f:d4:3c:
0b:4e:f2:aa:fd:ad:68:73:bb:75:fb:c3:02:60:90:18:ad:e5:
d1:cd:ea:d9:37:f4:c9:c2:d9:61:7c:09:65:b2:14:9d:e0:b9:
9a:87:41:1e:5d:2f:9d:c4:2b:9f:b8:03:74:b3:58:b9:a1:17:
07:3c:c4:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCSMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMTAyMjIx
NDA3MjJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM1RkRDN0VBMjExRjQ4
OUE0NTY0MjNEMjRBODVGQzM2MjVDRTg1OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD51RmU8LqynYC9j1GjD0EUzhEEh969IETcxirnMQqMnd2++ZxS
/Mnoea6dU8sKBH/UtcIi6rUvo1KYDBlbqkGGliK8zQExIrGIoOMK55wapayb1hDT
ePc2WPeEOH79Sct5HOhu002w/pB5LSixPUrV8atwskeIkOmEPIxUYioZhJkgQWUU
xyYbVaOAi84eVppJpuVhLbyz7KHZaXVmY7uAgq5fFwlp67JGqWMxTxkRmllvT30c
f0EUEG9ZIphs97I5knlkhepgEv67Vs0PXaznysw7SNojkGFiWjz8LREpaePiA1cP
OiImgT5LANuskSdA0ikHTJ3J6wcwxci2Nl6DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxf3H6iEfSJpFZCPSSoX8NiXOhZAwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL3hmM0g2aUVmU0pwRlpDUFNT
b1g4TmlYT2haQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAdz
K4AwDQYJKoZIhvcNAQELBQADggEBACft1nrU0plltXxRPfPePt2yeM08f3eAE1sV
EfQp/sQN0H+1vvUSFud1t5OnDcL7v1ZaoLvfBa8evzybK49fDrhdyVx8MsoVekEA
ZsiGfn8m8Dj1RDvl3I35KMsi5DuKRaOHxXZxeJt5Gh35YZ7GZbwX9IOLE/ERMNrp
k7ZmHrhlSuMIpzFJIwzse8v3sGg7Y3dz4JvcuRLtrQKAYMFBlK8VoL/5Mp7q44BD
w+1Lz/DgnaMSFIM6Fco2PorzVgCiOammzC/UPAtO8qr9rWhzu3X7wwJgkBit5dHN
6tk39MnC2WF8CWWyFJ3guZqHQR5dL53EK5+4A3SzWLmhFwc8xAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org