Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKCO/ShkB7Zrt6nCfchhqt5euFjv7HZU.roa
File: ShkB7Zrt6nCfchhqt5euFjv7HZU.roa (raw, json)
Hash identifier: bgKxY6dnn93RdRv7uvsM62fhZfSKDaTGi/rvTnxdVw8=
Subject key identifier: 4A:19:01:ED:9A:ED:EA:70:9F:72:18:6A:B7:97:AE:16:3B:FB:1D:95
Certificate issuer: /CN=828BD19EFA8EBE59EF407BB7FAB6898F754C7EC1
Certificate serial: 0C3D
Authority key identifier: 82:8B:D1:9E:FA:8E:BE:59:EF:40:7B:B7:FA:B6:89:8F:75:4C:7E:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/govRnvqOvlnvQHu3-raJj3VMfsE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKCO/ShkB7Zrt6nCfchhqt5euFjv7HZU.roa
Signing time: Sun 07 Feb 2021 11:54:43 +0000
ROA not before: Sun 07 Feb 2021 11:54:43 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131645
IP address blocks: 103.134.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3133 (0xc3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828BD19EFA8EBE59EF407BB7FAB6898F754C7EC1
Validity
Not Before: Feb 7 11:54:43 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4A1901ED9AEDEA709F72186AB797AE163BFB1D95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1a:4d:03:2d:f2:e0:39:57:00:39:63:bd:65:
22:99:75:3b:fa:b7:33:17:1c:e4:3a:2a:45:1b:de:
a0:73:e3:0f:5d:26:64:b0:44:62:51:e1:90:5f:fa:
4a:08:e6:91:f0:89:48:2c:1e:d5:03:49:0b:cb:4a:
38:d6:b0:5d:10:5d:5b:1f:66:48:43:b3:78:21:2e:
4b:3a:34:13:84:15:24:40:bf:35:f6:f0:3a:fc:9f:
28:b3:e7:4e:68:79:56:42:cf:de:af:0d:a6:f3:14:
a7:5b:0d:cc:1d:d1:64:70:ac:81:7c:51:ee:f9:e9:
89:fd:ee:7a:42:8d:ef:84:13:e4:23:89:ad:a1:d3:
12:9a:fc:e7:3f:1f:04:25:70:4c:03:c8:c2:a6:aa:
35:27:b7:78:c7:1f:b4:a4:92:7b:cd:b3:d6:f8:fd:
2a:9e:14:ca:49:48:8b:ee:0e:9a:f6:dd:f3:fa:9a:
ae:a1:54:ad:46:58:ac:be:d6:99:3f:82:03:c0:e9:
69:04:02:9b:a9:72:53:60:f2:91:bb:e1:b4:00:f3:
ec:93:18:c3:41:51:4e:22:3c:56:3a:cd:50:36:33:
40:f6:b5:ba:19:95:ae:01:bb:49:7c:86:2e:9c:11:
c0:19:36:4a:e6:aa:03:16:dd:0c:8c:f5:f3:3a:62:
59:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:19:01:ED:9A:ED:EA:70:9F:72:18:6A:B7:97:AE:16:3B:FB:1D:95
X509v3 Authority Key Identifier:
keyid:82:8B:D1:9E:FA:8E:BE:59:EF:40:7B:B7:FA:B6:89:8F:75:4C:7E:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKCO/govRnvqOvlnvQHu3-raJj3VMfsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/govRnvqOvlnvQHu3-raJj3VMfsE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKCO/ShkB7Zrt6nCfchhqt5euFjv7HZU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.120.0/22
Signature Algorithm: sha256WithRSAEncryption
12:07:8d:19:f5:59:44:e3:23:d3:af:7a:71:67:51:ac:03:ae:
85:c0:8d:95:fd:2b:c3:d9:85:60:58:23:2f:04:2b:4e:19:94:
f9:e4:49:cd:44:e9:cf:d5:af:cf:9f:7c:1b:dd:71:17:18:f2:
65:0c:7c:a0:e0:04:cd:f4:9b:0d:32:23:96:0b:ac:3c:09:d9:
68:fb:f8:d1:b6:a8:64:4a:51:92:8a:fa:f0:b6:9a:fc:ca:1a:
7e:58:d8:ad:61:6b:e3:6c:6b:76:3b:bc:14:68:b8:07:44:76:
49:1d:e3:6e:f8:ba:29:ad:a2:81:8c:62:4c:2e:fb:fe:72:65:
ee:3b:ad:8f:78:aa:8b:32:73:67:47:bf:d3:fd:cc:3c:9e:e3:
d8:5f:7f:fd:8c:3a:8c:3c:79:79:44:30:93:c8:0e:41:07:64:
95:f9:cf:41:18:c2:f7:9d:d6:76:25:12:f8:7d:5d:6e:90:02:
73:b3:f7:d1:be:fa:5e:89:1d:52:db:34:d3:6d:5f:05:93:1a:
9d:0a:46:89:c2:94:7c:a5:1f:eb:0e:70:38:7a:de:43:bb:b1:
20:cd:be:e8:d2:13:cf:bf:c5:b2:7e:39:aa:97:58:36:68:eb:
e4:c8:ba:3b:ec:ea:e6:38:7d:82:65:3f:0e:db:2e:fb:0a:fb:
80:5e:07:18
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDD0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODI4
QkQxOUVGQThFQkU1OUVGNDA3QkI3RkFCNjg5OEY3NTRDN0VDMTAeFw0yMTAyMDcx
MTU0NDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDRBMTkwMUVEOUFFREVB
NzA5RjcyMTg2QUI3OTdBRTE2M0JGQjFEOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXGk0DLfLgOVcAOWO9ZSKZdTv6tzMXHOQ6KkUb3qBz4w9dJmSw
RGJR4ZBf+koI5pHwiUgsHtUDSQvLSjjWsF0QXVsfZkhDs3ghLks6NBOEFSRAvzX2
8Dr8nyiz505oeVZCz96vDabzFKdbDcwd0WRwrIF8Ue756Yn97npCje+EE+Qjia2h
0xKa/Oc/HwQlcEwDyMKmqjUnt3jHH7SkknvNs9b4/SqeFMpJSIvuDpr23fP6mq6h
VK1GWKy+1pk/ggPA6WkEApupclNg8pG74bQA8+yTGMNBUU4iPFY6zVA2M0D2tboZ
la4Bu0l8hi6cEcAZNkrmqgMW3QyM9fM6Yll1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUShkB7Zrt6nCfchhqt5euFjv7HZUwHwYDVR0jBBgwFoAUgovRnvqOvlnvQHu3
+raJj3VMfsEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tDTy9n
b3ZSbnZxT3ZsbnZRSHUzLXJhSmozVk1mc0UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2dvdlJudnFPdmxudlFIdTMtcmFKajNWTWZzRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0tLQ08vU2hrQjdacnQ2bkNmY2hocXQ1ZXVG
anY3SFpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmeGeDAN
BgkqhkiG9w0BAQsFAAOCAQEAEgeNGfVZROMj0696cWdRrAOuhcCNlf0rw9mFYFgj
LwQrThmU+eRJzUTpz9Wvz598G91xFxjyZQx8oOAEzfSbDTIjlgusPAnZaPv40bao
ZEpRkor68Laa/MoafljYrWFr42xrdju8FGi4B0R2SR3jbvi6Ka2igYxiTC77/nJl
7jutj3iqizJzZ0e/0/3MPJ7j2F9//Yw6jDx5eUQwk8gOQQdklfnPQRjC953WdiUS
+H1dbpACc7P30b76XokdUts0021fBZManQpGicKUfKUf6w5wOHreQ7uxIM2+6NIT
z7/Fsn45qpdYNmjr5Mi6O+zq5jh9gmU/Dtsu+wr7gF4HGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org