Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/Cq_PkSzPYTcbd0xMCVEqgvOxeuk.roa
File: Cq_PkSzPYTcbd0xMCVEqgvOxeuk.roa (raw, json)
Hash identifier: BRPPuK8hM7jX8/sCEkVv8cCvY2foU08rlD0EhqKunGA=
Subject key identifier: 0A:AF:CF:91:2C:CF:61:37:1B:77:4C:4C:09:51:2A:82:F3:B1:7A:E9
Certificate issuer: /CN=EDC0457A140B2D436CE7FAE67D8491CFFC6E7F3E
Certificate serial: 097C
Authority key identifier: ED:C0:45:7A:14:0B:2D:43:6C:E7:FA:E6:7D:84:91:CF:FC:6E:7F:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/Cq_PkSzPYTcbd0xMCVEqgvOxeuk.roa
Signing time: Tue 03 May 2022 07:46:19 +0000
ROA not before: Tue 03 May 2022 07:46:19 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9676
IP address blocks: 103.123.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2428 (0x97c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EDC0457A140B2D436CE7FAE67D8491CFFC6E7F3E
Validity
Not Before: May 3 07:46:19 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0AAFCF912CCF61371B774C4C09512A82F3B17AE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e0:79:03:af:55:df:c4:75:35:9e:bd:4b:83:
2c:a5:1c:16:71:9a:7c:88:a6:cb:f2:2a:88:22:62:
dc:6e:b6:19:c2:12:e0:5b:3d:a4:87:59:7f:a1:1a:
f5:eb:9d:35:14:ed:5e:04:6f:f5:d7:79:73:d4:a2:
ed:a4:e0:11:f6:85:ad:c8:70:ab:e5:95:f8:27:5b:
a1:d8:c5:22:d0:21:49:9e:e6:8c:b7:f5:12:91:d9:
8c:7d:21:a2:1d:b0:fe:a5:a8:50:d7:8b:07:01:d5:
92:a7:c5:e4:54:35:04:58:e0:09:96:c1:61:e3:d4:
dd:56:e7:df:31:3e:0e:1c:0f:61:b8:ba:c2:24:72:
a1:fc:4b:cb:a5:74:6b:0e:fa:3b:19:71:e3:53:43:
56:ed:f3:ca:92:73:ed:f9:ed:e5:c8:1c:f9:2a:c0:
a0:7e:ce:a7:3c:5e:f9:3d:51:45:e8:bf:d1:66:d6:
44:32:3e:01:1a:ce:0d:bb:25:c0:9f:ac:9f:e6:17:
5d:83:50:ee:bd:00:12:20:fd:a1:c2:0f:f9:01:68:
4f:2c:fe:41:11:e4:39:2d:40:b9:42:00:d2:c5:47:
5c:e0:26:58:18:02:f9:83:a8:c2:20:d1:af:b3:79:
4c:05:e7:83:06:7a:68:6f:4a:1a:04:9c:b1:b6:4e:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AF:CF:91:2C:CF:61:37:1B:77:4C:4C:09:51:2A:82:F3:B1:7A:E9
X509v3 Authority Key Identifier:
keyid:ED:C0:45:7A:14:0B:2D:43:6C:E7:FA:E6:7D:84:91:CF:FC:6E:7F:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/7cBFehQLLUNs5_rmfYSRz_xufz4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/Cq_PkSzPYTcbd0xMCVEqgvOxeuk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.2.0/24
Signature Algorithm: sha256WithRSAEncryption
37:d9:a4:9a:7b:e0:d6:91:d6:49:bb:69:4d:d2:62:9f:06:fc:
2e:25:d6:cf:67:77:6e:82:60:1a:8d:60:17:5c:b9:1d:e7:da:
c6:51:e9:aa:d3:50:84:25:6d:31:7c:d5:30:65:2c:28:c0:d7:
4f:6c:38:ea:56:f6:bf:55:d7:69:59:08:fa:ee:8b:90:41:8d:
25:02:cc:65:8b:71:3a:dc:7c:f9:b4:4d:56:be:a8:cd:ea:52:
2d:ca:d0:8d:e3:da:d9:f3:34:16:5f:5b:2b:97:3a:3b:6a:bd:
96:98:b8:1a:5d:87:de:43:0f:37:61:d7:2f:af:34:59:23:a1:
04:62:72:d4:d9:d3:f7:68:ec:75:42:6b:60:f2:e2:cc:e8:e9:
dd:6e:ae:55:a6:98:9d:22:a1:33:bc:31:a9:a5:7d:8d:a5:4b:
34:9f:de:8a:ae:6a:7c:0b:2e:ed:f7:9f:13:c8:1e:ec:08:f1:
de:28:59:6b:cf:9b:41:f4:f9:bd:36:50:45:d7:d9:af:06:81:
c6:e4:59:de:ee:5c:95:d3:ae:fb:b5:99:47:67:08:cd:4d:c2:
44:ca:03:58:c1:3f:00:ad:14:ea:b1:e4:38:45:18:29:96:80:
a3:dd:cf:1e:25:e1:73:96:ba:e3:29:d3:b5:08:6b:ba:bd:98:
a6:6e:4e:5f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRURD
MDQ1N0ExNDBCMkQ0MzZDRTdGQUU2N0Q4NDkxQ0ZGQzZFN0YzRTAeFw0yMjA1MDMw
NzQ2MTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDBBQUZDRjkxMkNDRjYx
MzcxQjc3NEM0QzA5NTEyQTgyRjNCMTdBRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC24HkDr1XfxHU1nr1LgyylHBZxmnyIpsvyKogiYtxuthnCEuBb
PaSHWX+hGvXrnTUU7V4Eb/XXeXPUou2k4BH2ha3IcKvllfgnW6HYxSLQIUme5oy3
9RKR2Yx9IaIdsP6lqFDXiwcB1ZKnxeRUNQRY4AmWwWHj1N1W598xPg4cD2G4usIk
cqH8S8uldGsO+jsZceNTQ1bt88qSc+357eXIHPkqwKB+zqc8Xvk9UUXov9Fm1kQy
PgEazg27JcCfrJ/mF12DUO69ABIg/aHCD/kBaE8s/kER5DktQLlCANLFR1zgJlgY
AvmDqMIg0a+zeUwF54MGemhvShoEnLG2TjABAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCq/PkSzPYTcbd0xMCVEqgvOxeukwHwYDVR0jBBgwFoAU7cBFehQLLUNs5/rm
fYSRz/xufz4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVUU1dJ
Ti83Y0JGZWhRTExVTnM1X3JtZllTUnpfeHVmejQuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzdjQkZlaFFMTFVOczVfcm1mWVNSel94dWZ6NC5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0xFVFNXSU4vQ3FfUGtTelBZVGNiZDB4
TUNWRXFndk94ZXVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGd7AjANBgkqhkiG9w0BAQsFAAOCAQEAN9mkmnvg1pHWSbtpTdJinwb8LiXWz2d3
boJgGo1gF1y5HefaxlHpqtNQhCVtMXzVMGUsKMDXT2w46lb2v1XXaVkI+u6LkEGN
JQLMZYtxOtx8+bRNVr6ozepSLcrQjePa2fM0Fl9bK5c6O2q9lpi4Gl2H3kMPN2HX
L680WSOhBGJy1NnT92jsdUJrYPLizOjp3W6uVaaYnSKhM7wxqaV9jaVLNJ/eiq5q
fAsu7fefE8ge7Ajx3ihZa8+bQfT5vTZQRdfZrwaBxuRZ3u5cldOu+7WZR2cIzU3C
RMoDWME/AK0U6rHkOEUYKZaAo93PHiXhc5a64ynTtQhrur2Ypm5OXw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:57 2023 by rpki-client on console-ams.rpki-client.org