Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/eHq7XQIM4XeYXGP6-MdRfLJXIpQ.roa
File: eHq7XQIM4XeYXGP6-MdRfLJXIpQ.roa (raw, json)
Hash identifier: 1WSjjpv8oxzZ7NFvQjeLeeQ73q3z/EpfPrLdfHzzNFs=
Subject key identifier: 78:7A:BB:5D:02:0C:E1:77:98:5C:63:FA:F8:C7:51:7C:B2:57:22:94
Certificate issuer: /CN=3D685193B8FAF2537E5A1385E03D19FE89742A8B
Certificate serial: 0A67
Authority key identifier: 3D:68:51:93:B8:FA:F2:53:7E:5A:13:85:E0:3D:19:FE:89:74:2A:8B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PWhRk7j68lN-WhOF4D0Z_ol0Kos.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/eHq7XQIM4XeYXGP6-MdRfLJXIpQ.roa
Signing time: Thu 20 Apr 2023 02:52:27 +0000
ROA not before: Thu 20 Apr 2023 02:52:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9304
IP address blocks: 103.17.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2663 (0xa67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3D685193B8FAF2537E5A1385E03D19FE89742A8B
Validity
Not Before: Apr 20 02:52:27 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=787ABB5D020CE177985C63FAF8C7517CB2572294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2c:26:84:3f:77:50:a3:63:e5:69:a7:ab:c3:
c8:49:3b:72:fd:0d:3d:b1:60:bc:40:19:e6:f8:cc:
16:5e:70:8e:ee:40:22:13:ff:bf:3c:08:95:2d:49:
22:dc:20:72:f1:89:0b:e0:6d:e5:bf:f6:1f:ad:36:
09:49:b0:9a:6b:00:54:de:83:9c:74:a3:5b:7e:96:
e1:66:75:69:31:2a:a0:20:a2:dd:7d:2b:9f:ac:9a:
91:9e:5b:17:3a:b1:9c:0d:12:e8:92:34:34:3f:0a:
ff:42:5a:ea:92:a4:9c:21:42:8f:e8:6b:2e:74:bf:
f6:ee:85:f0:73:df:32:a7:f2:cd:71:96:46:0a:2b:
f2:1e:fc:33:9e:14:ad:b0:87:f0:9b:4b:72:d6:9d:
60:5a:81:70:eb:a2:18:6a:d0:4c:24:73:38:e6:d2:
99:28:14:61:80:b9:11:03:12:ad:6e:ed:50:62:75:
29:d9:91:6c:3b:ad:a8:f3:82:87:26:a9:97:86:59:
67:d6:a2:c0:97:ea:44:6b:9e:73:41:38:e5:7c:c7:
6f:24:f1:2b:0a:ac:ef:c5:e2:17:26:9f:0b:63:e7:
23:9c:b7:55:98:b2:4b:c4:68:1d:a1:6c:5d:07:18:
6f:bc:44:b0:98:f8:90:5d:9f:e6:a2:92:ad:5c:4c:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7A:BB:5D:02:0C:E1:77:98:5C:63:FA:F8:C7:51:7C:B2:57:22:94
X509v3 Authority Key Identifier:
keyid:3D:68:51:93:B8:FA:F2:53:7E:5A:13:85:E0:3D:19:FE:89:74:2A:8B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/PWhRk7j68lN-WhOF4D0Z_ol0Kos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PWhRk7j68lN-WhOF4D0Z_ol0Kos.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/eHq7XQIM4XeYXGP6-MdRfLJXIpQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.240.0/22
Signature Algorithm: sha256WithRSAEncryption
74:06:6f:6e:7b:7b:03:ca:b6:7e:49:c0:60:b3:69:33:63:d2:
29:53:5a:7f:f7:3a:71:5b:36:c8:ec:42:58:3d:2b:a0:8e:75:
81:d1:b3:a0:6b:db:06:85:0b:d7:28:27:6b:fe:f3:4d:ca:a2:
0d:75:b7:a3:19:22:e6:ff:e1:a2:fe:ed:d7:1e:ec:ed:67:4e:
5d:bc:1b:92:de:71:4d:3b:f0:ad:7d:0c:0a:ae:b0:33:1b:6b:
cd:71:8f:47:ba:28:14:e3:7e:b6:af:33:eb:2f:47:a7:c6:c5:
b3:6e:e5:58:a3:27:40:20:e6:ac:ea:10:f3:84:e8:c7:90:c5:
62:77:f0:cd:d4:41:40:06:ff:3a:36:4a:5b:da:99:75:a2:46:
15:1f:c7:13:66:0d:65:96:b9:00:18:5a:61:f3:29:ea:14:d9:
a8:86:7d:44:9c:88:04:e4:bc:bc:ab:9c:12:f2:af:ba:2f:1e:
fa:0f:98:a4:8c:01:dc:fe:cb:14:2d:f0:89:e3:c2:2b:1a:f0:
ee:45:c0:a9:a2:05:dd:59:c8:4c:ba:ff:16:00:0f:30:dd:90:
f0:4c:29:49:1d:64:23:7b:5c:c1:34:2b:b4:fc:de:52:8c:53:
bb:60:7d:13:c5:22:49:4c:6a:9a:75:a8:bf:f8:6d:a8:eb:76:
f2:31:43:80
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0Q2
ODUxOTNCOEZBRjI1MzdFNUExMzg1RTAzRDE5RkU4OTc0MkE4QjAeFw0yMzA0MjAw
MjUyMjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc4N0FCQjVEMDIwQ0Ux
Nzc5ODVDNjNGQUY4Qzc1MTdDQjI1NzIyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+LCaEP3dQo2Plaaerw8hJO3L9DT2xYLxAGeb4zBZecI7uQCIT
/788CJUtSSLcIHLxiQvgbeW/9h+tNglJsJprAFTeg5x0o1t+luFmdWkxKqAgot19
K5+smpGeWxc6sZwNEuiSNDQ/Cv9CWuqSpJwhQo/oay50v/buhfBz3zKn8s1xlkYK
K/Ie/DOeFK2wh/CbS3LWnWBagXDrohhq0Ewkczjm0pkoFGGAuREDEq1u7VBidSnZ
kWw7rajzgocmqZeGWWfWosCX6kRrnnNBOOV8x28k8SsKrO/F4hcmnwtj5yOct1WY
skvEaB2hbF0HGG+8RLCY+JBdn+aikq1cTFU7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUeHq7XQIM4XeYXGP6+MdRfLJXIpQwHwYDVR0jBBgwFoAUPWhRk7j68lN+WhOF
4D0Z/ol0KoswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVPTENZ
L1BXaFJrN2o2OGxOLVdoT0Y0RDBaX29sMEtvcy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUFdoUms3ajY4bE4tV2hPRjREMFpfb2wwS29zLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVPTENZL2VIcTdYUUlNNFhlWVhHUDYt
TWRSZkxKWElwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
EfAwDQYJKoZIhvcNAQELBQADggEBAHQGb257ewPKtn5JwGCzaTNj0ilTWn/3OnFb
NsjsQlg9K6COdYHRs6Br2waFC9coJ2v+803Kog11t6MZIub/4aL+7dce7O1nTl28
G5LecU078K19DAqusDMba81xj0e6KBTjfravM+svR6fGxbNu5VijJ0Ag5qzqEPOE
6MeQxWJ38M3UQUAG/zo2SlvamXWiRhUfxxNmDWWWuQAYWmHzKeoU2aiGfUSciATk
vLyrnBLyr7ovHvoPmKSMAdz+yxQt8Injwisa8O5FwKmiBd1ZyEy6/xYADzDdkPBM
KUkdZCN7XME0K7T83lKMU7tgfRPFIklMapp1qL/4bajrdvIxQ4A=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:56 2025 by rpki-client