Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/Zd6m0ovIbBeAOhyXwzm8VrVsP6U.roa
File: Zd6m0ovIbBeAOhyXwzm8VrVsP6U.roa (raw, json)
Hash identifier: gRmffYlNUp6M4T4+qWGUckNE6cvSRloUoqESey0x+VM=
Subject key identifier: 65:DE:A6:D2:8B:C8:6C:17:80:3A:1C:97:C3:39:BC:56:B5:6C:3F:A5
Certificate issuer: /CN=EDC0457A140B2D436CE7FAE67D8491CFFC6E7F3E
Certificate serial: 09B1
Authority key identifier: ED:C0:45:7A:14:0B:2D:43:6C:E7:FA:E6:7D:84:91:CF:FC:6E:7F:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/Zd6m0ovIbBeAOhyXwzm8VrVsP6U.roa
Signing time: Wed 06 Jul 2022 02:03:09 +0000
ROA not before: Wed 06 Jul 2022 02:03:09 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131632
IP address blocks: 103.123.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2481 (0x9b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EDC0457A140B2D436CE7FAE67D8491CFFC6E7F3E
Validity
Not Before: Jul 6 02:03:09 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=65DEA6D28BC86C17803A1C97C339BC56B56C3FA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:aa:10:ac:19:aa:19:e0:fc:e7:98:ad:85:58:
b3:fb:ca:91:28:ba:cc:0a:98:20:d2:7e:06:13:63:
85:80:86:ed:6e:e2:da:25:09:dd:4a:6c:71:5b:0f:
b7:38:5b:98:96:ba:ac:83:04:46:f0:87:e2:15:c2:
a2:4f:71:9b:2f:50:17:c4:02:93:01:02:f0:e1:13:
73:70:a4:59:50:43:50:1e:5f:b9:aa:ad:6c:01:eb:
76:63:10:7f:13:39:de:9f:f8:06:d5:e5:dc:7a:8e:
7c:85:4b:32:6f:52:1a:8c:4a:cf:ef:5b:d7:ec:2f:
97:b8:23:12:40:98:62:fc:be:d5:ad:65:d1:5c:54:
43:76:df:e8:c9:a7:fc:aa:93:a3:0d:72:66:86:7f:
3a:9f:c4:98:23:91:4e:8d:f2:79:9b:28:4b:93:a9:
7e:54:5f:bf:83:1e:3d:c7:cb:75:a7:a4:89:f2:ba:
51:af:72:be:9a:eb:dd:78:ce:7a:53:f0:b0:f0:54:
15:f3:01:9c:b9:40:5e:fc:bc:fe:af:0b:05:77:00:
0a:50:46:f5:56:e1:75:80:17:a3:ab:3f:b5:25:0a:
21:c0:d8:5b:83:ba:7c:92:01:07:7d:74:e5:68:f6:
f8:02:4c:87:52:50:df:02:4f:b4:81:c9:d9:9c:c2:
84:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DE:A6:D2:8B:C8:6C:17:80:3A:1C:97:C3:39:BC:56:B5:6C:3F:A5
X509v3 Authority Key Identifier:
keyid:ED:C0:45:7A:14:0B:2D:43:6C:E7:FA:E6:7D:84:91:CF:FC:6E:7F:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/7cBFehQLLUNs5_rmfYSRz_xufz4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/Zd6m0ovIbBeAOhyXwzm8VrVsP6U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.2.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:6c:6a:b0:0a:f4:9b:9e:9d:63:f0:84:9a:c2:ed:0c:3d:a6:
0e:22:a8:4c:c4:35:3d:b0:8d:80:30:0a:55:4e:06:28:9b:19:
6d:bc:8f:9c:98:61:a6:d2:fc:82:8a:65:b4:1d:09:7e:aa:d0:
a7:55:ac:9c:c3:07:65:b9:91:ed:41:ac:cd:d1:46:d8:5e:69:
86:47:46:6e:c9:45:b9:67:f3:ed:0a:a7:e3:44:7a:8d:c6:4d:
92:b4:d6:44:5b:34:79:f5:d6:60:28:54:97:7c:70:0b:0a:2d:
81:09:cf:58:d2:79:d3:b9:e6:4b:c3:73:e6:bf:63:ba:c4:73:
4b:e7:53:4c:97:86:2b:a9:ce:5b:e7:38:c3:53:78:fd:89:e9:
21:c4:2e:a0:d8:95:ef:14:ec:10:55:0e:4d:8c:79:a7:6d:03:
af:3c:0a:bc:fa:16:e7:ee:df:97:f9:2d:98:28:29:df:5d:2d:
95:a6:9a:29:dc:cf:b7:00:00:3d:49:fe:60:9d:4d:f8:87:df:
d4:48:95:7d:2c:84:6e:9d:15:72:09:a4:f4:b2:c0:95:47:06:
b9:41:ff:f4:c0:ac:db:e7:c6:c5:67:34:fa:bf:81:c7:90:82:
d6:49:57:8c:7f:7e:2d:1c:ce:bf:e0:9a:4b:ab:d3:32:88:07:
df:a7:6c:02
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRURD
MDQ1N0ExNDBCMkQ0MzZDRTdGQUU2N0Q4NDkxQ0ZGQzZFN0YzRTAeFw0yMjA3MDYw
MjAzMDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY1REVBNkQyOEJDODZD
MTc4MDNBMUM5N0MzMzlCQzU2QjU2QzNGQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaqhCsGaoZ4PznmK2FWLP7ypEouswKmCDSfgYTY4WAhu1u4tol
Cd1KbHFbD7c4W5iWuqyDBEbwh+IVwqJPcZsvUBfEApMBAvDhE3NwpFlQQ1AeX7mq
rWwB63ZjEH8TOd6f+AbV5dx6jnyFSzJvUhqMSs/vW9fsL5e4IxJAmGL8vtWtZdFc
VEN23+jJp/yqk6MNcmaGfzqfxJgjkU6N8nmbKEuTqX5UX7+DHj3Hy3WnpInyulGv
cr6a6914znpT8LDwVBXzAZy5QF78vP6vCwV3AApQRvVW4XWAF6OrP7UlCiHA2FuD
unySAQd9dOVo9vgCTIdSUN8CT7SBydmcwoTtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZd6m0ovIbBeAOhyXwzm8VrVsP6UwHwYDVR0jBBgwFoAU7cBFehQLLUNs5/rm
fYSRz/xufz4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVUU1dJ
Ti83Y0JGZWhRTExVTnM1X3JtZllTUnpfeHVmejQuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzdjQkZlaFFMTFVOczVfcm1mWVNSel94dWZ6NC5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0xFVFNXSU4vWmQ2bTBvdkliQmVBT2h5
WHd6bThWclZzUDZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGd7AjANBgkqhkiG9w0BAQsFAAOCAQEAv2xqsAr0m56dY/CEmsLtDD2mDiKoTMQ1
PbCNgDAKVU4GKJsZbbyPnJhhptL8gopltB0JfqrQp1WsnMMHZbmR7UGszdFG2F5p
hkdGbslFuWfz7Qqn40R6jcZNkrTWRFs0efXWYChUl3xwCwotgQnPWNJ507nmS8Nz
5r9jusRzS+dTTJeGK6nOW+c4w1N4/YnpIcQuoNiV7xTsEFUOTYx5p20DrzwKvPoW
5+7fl/ktmCgp310tlaaaKdzPtwAAPUn+YJ1N+Iff1EiVfSyEbp0Vcgmk9LLAlUcG
uUH/9MCs2+fGxWc0+r+Bx5CC1klXjH9+LRzOv+CaS6vTMogH36dsAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org