Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKSMF/EJk6R69rIjrYlR9T9GM_5njExbA.roa
File: EJk6R69rIjrYlR9T9GM_5njExbA.roa (raw, json)
Hash identifier: d70Yiifr87dxGGnZPGyz1f+iuxWNEaEtI6yYZd8o+rY=
Subject key identifier: 10:99:3A:47:AF:6B:22:3A:D8:95:1F:53:F4:63:3F:E6:78:C4:C5:B0
Certificate issuer: /CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A
Certificate serial: 0A5D
Authority key identifier: FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/EJk6R69rIjrYlR9T9GM_5njExbA.roa
Signing time: Wed 29 Sep 2021 02:37:03 +0000
ROA not before: Wed 29 Sep 2021 02:37:03 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131645
IP address blocks: 103.142.42.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2653 (0xa5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A
Validity
Not Before: Sep 29 02:37:03 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=10993A47AF6B223AD8951F53F4633FE678C4C5B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:91:97:a1:85:46:cc:6b:0e:9a:bf:e8:95:e6:
97:82:cd:20:2b:fa:d1:7c:5b:75:11:09:fb:e4:b6:
93:2f:5e:e1:c1:a3:63:7b:f9:55:c8:bd:ec:af:ed:
77:4c:45:47:b4:15:33:8f:36:9a:fc:20:9d:de:af:
54:fa:f0:06:ce:1f:7e:d8:e8:eb:68:91:e3:4a:a4:
bf:fb:d7:78:b3:20:aa:8f:1c:b9:c6:7c:cd:44:bf:
3d:e9:2c:12:44:29:01:4d:6c:cd:48:24:a7:cb:b6:
91:df:76:a5:f3:cc:65:04:4c:de:2b:30:af:cc:31:
07:01:53:65:36:22:fa:37:90:bd:60:e8:16:14:81:
91:81:fb:88:0b:fe:84:03:5d:d1:a1:37:1a:2d:e1:
63:ed:53:7f:2e:e3:9e:a8:52:1c:35:20:fe:f6:9e:
28:86:6b:ed:91:0a:46:0c:40:58:32:d1:ed:d4:95:
ac:19:a4:59:d0:9c:b0:24:da:9d:a3:b8:79:5b:3e:
d5:2d:83:0a:27:ba:b4:d9:bd:21:e0:40:c9:d8:79:
bf:36:4a:a6:2a:13:9a:9a:79:c8:53:0e:bf:7c:2b:
7e:cf:66:a7:94:40:77:4b:a7:6e:76:a1:52:e9:cd:
f4:2c:a3:f4:15:6c:45:cd:62:bf:de:0a:28:e3:c2:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:99:3A:47:AF:6B:22:3A:D8:95:1F:53:F4:63:3F:E6:78:C4:C5:B0
X509v3 Authority Key Identifier:
keyid:FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/-8-hiArIbOT7mfl06ZU_NZfc3go.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/EJk6R69rIjrYlR9T9GM_5njExbA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.142.42.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:c3:64:58:9a:5e:c6:cd:ff:4a:61:21:49:f2:c8:c9:ce:87:
49:fe:1f:3a:6c:ae:65:52:91:ac:25:b3:f9:e6:95:df:fe:31:
5e:cf:ec:da:8f:05:0b:cb:10:fa:7a:d2:45:82:e7:4d:e4:6a:
00:09:44:72:b6:01:dc:11:65:8f:29:60:89:b6:9e:6f:a8:9c:
09:ca:20:55:9f:fa:f5:5c:36:2b:29:83:0c:7d:df:4c:de:53:
e5:42:a0:84:27:4d:ae:b3:f5:87:b2:e9:a2:20:d1:6c:94:62:
73:54:49:92:3b:86:32:b8:58:fe:77:c7:83:32:33:49:5e:6c:
81:c2:71:ad:86:8c:6e:9c:97:e4:85:78:58:25:67:9b:f5:f7:
6e:71:21:97:2b:26:ba:5e:df:f3:72:d5:73:3a:a4:87:74:4e:
fa:fd:c9:34:f2:8d:d5:cc:5c:04:b5:00:ae:4b:33:bc:b9:00:
14:b1:18:77:84:da:b9:3f:b4:c6:ec:2f:6d:f3:a9:34:c5:01:
63:16:ca:64:bb:4f:24:f4:29:fb:33:c6:b9:13:1f:bf:1e:f9:
e8:24:38:b1:5a:be:44:bb:19:d5:fe:be:6a:54:08:4b:65:4e:
08:93:ae:90:1f:ff:48:d1:2b:44:42:6c:ba:8c:48:1a:24:2d:
32:88:34:f3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJD
RkExODgwQUM4NkNFNEZCOTlGOTc0RTk5NTNGMzU5N0RDREUwQTAeFw0yMTA5Mjkw
MjM3MDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDEwOTkzQTQ3QUY2QjIy
M0FEODk1MUY1M0Y0NjMzRkU2NzhDNEM1QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZkZehhUbMaw6av+iV5peCzSAr+tF8W3URCfvktpMvXuHBo2N7
+VXIveyv7XdMRUe0FTOPNpr8IJ3er1T68AbOH37Y6OtokeNKpL/713izIKqPHLnG
fM1Evz3pLBJEKQFNbM1IJKfLtpHfdqXzzGUETN4rMK/MMQcBU2U2Ivo3kL1g6BYU
gZGB+4gL/oQDXdGhNxot4WPtU38u456oUhw1IP72niiGa+2RCkYMQFgy0e3UlawZ
pFnQnLAk2p2juHlbPtUtgwonurTZvSHgQMnYeb82SqYqE5qaechTDr98K37PZqeU
QHdLp252oVLpzfQso/QVbEXNYr/eCijjwv9RAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUEJk6R69rIjrYlR9T9GM/5njExbAwHwYDVR0jBBgwFoAU+8+hiArIbOT7mfl0
6ZU/NZfc3gowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tTTUYv
LTgtaGlBckliT1Q3bWZsMDZaVV9OWmZjM2dvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8tOC1oaUFySWJPVDdtZmwwNlpVX05aZmMzZ28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS1NNRi9FSms2UjY5cklqcllsUjlUOUdN
XzVuakV4YkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ44q
MA0GCSqGSIb3DQEBCwUAA4IBAQCnw2RYml7Gzf9KYSFJ8sjJzodJ/h86bK5lUpGs
JbP55pXf/jFez+zajwULyxD6etJFgudN5GoACURytgHcEWWPKWCJtp5vqJwJyiBV
n/r1XDYrKYMMfd9M3lPlQqCEJ02us/WHsumiINFslGJzVEmSO4YyuFj+d8eDMjNJ
XmyBwnGthoxunJfkhXhYJWeb9fducSGXKya6Xt/zctVzOqSHdE76/ck08o3VzFwE
tQCuSzO8uQAUsRh3hNq5P7TG7C9t86k0xQFjFspku08k9Cn7M8a5Ex+/HvnoJDix
Wr5EuxnV/r5qVAhLZU4Ik66QH/9I0StEQmy6jEgaJC0yiDTz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org