Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/FCj0YwNiya9LUPfYLtOtxweWdlo.roa
File: FCj0YwNiya9LUPfYLtOtxweWdlo.roa (raw, json)
Hash identifier: BfmjRFgVZaESy3qGdtSTP62LDelkMFDszZ+CKSRaMn0=
Subject key identifier: 14:28:F4:63:03:62:C9:AF:4B:50:F7:D8:2E:D3:AD:C7:07:96:76:5A
Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C
Certificate serial: 2D
Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/FCj0YwNiya9LUPfYLtOtxweWdlo.roa
Signing time: Thu 02 May 2024 05:30:52 +0000
ROA not before: Thu 02 May 2024 05:30:52 +0000
ROA not after: Fri 28 Feb 2025 15:30:27 +0000
asID: 139358
IP address blocks: 157.20.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45 (0x2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C
Validity
Not Before: May 2 05:30:52 2024 GMT
Not After : Feb 28 15:30:27 2025 GMT
Subject: CN=1428F4630362C9AF4B50F7D82ED3ADC70796765A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:99:10:fd:33:c5:5e:ca:eb:b4:dd:21:dc:f1:
9f:ae:01:8e:c9:19:fe:0e:83:d2:13:fa:c2:4c:b9:
69:ae:58:d1:70:b2:c0:98:c0:28:6b:f4:c1:71:54:
02:9f:4e:35:53:2e:03:04:4a:53:c3:79:f3:10:5d:
26:53:03:ee:04:ad:dc:2f:de:d1:b8:3e:46:93:13:
11:f8:69:12:0e:bc:a2:f1:61:81:84:8b:46:dd:0e:
02:4d:5a:56:e0:5c:bf:e5:4a:58:90:28:52:a5:48:
30:57:a3:d2:e4:e8:19:7b:66:11:34:03:10:9b:84:
2c:a9:66:59:c3:44:37:fa:1e:4d:36:99:8e:16:2c:
f3:ee:4f:a4:13:70:70:fa:ad:01:b0:7f:f1:bd:51:
a5:ab:d7:68:75:d9:74:b1:f7:b5:04:bb:85:4a:9e:
81:f0:57:83:04:1d:a2:fd:22:53:2e:fd:0a:fa:a5:
77:cc:e1:91:aa:a0:ae:9f:76:04:72:48:25:98:4b:
fc:85:57:5d:7f:b0:8a:7f:2f:00:70:6d:85:f8:a6:
6f:c9:ac:e5:a9:e5:a2:b2:e2:6f:7d:bc:5c:a2:a7:
55:1e:29:e8:e6:3c:f5:9f:b7:bb:f2:44:43:5e:4f:
26:f2:c8:cc:d9:bb:a3:5f:58:04:be:cb:49:cc:e7:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:28:F4:63:03:62:C9:AF:4B:50:F7:D8:2E:D3:AD:C7:07:96:76:5A
X509v3 Authority Key Identifier:
keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/FCj0YwNiya9LUPfYLtOtxweWdlo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.135.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:1e:c7:74:71:65:d9:60:98:f2:28:3a:b8:0c:97:64:7f:20:
b9:6b:fc:d0:40:f2:4a:bc:ad:a3:3d:48:d4:53:cf:ea:75:80:
40:b2:08:24:a3:6e:f3:a4:e5:0f:a1:27:85:ce:d5:f5:6e:41:
86:a9:b5:b8:e1:81:94:e8:76:bd:a7:f2:dc:dd:b0:3c:8b:64:
d9:e4:32:a9:20:20:02:2c:8a:16:38:2c:10:7d:ec:ac:67:d9:
72:fc:9e:77:d2:11:b2:49:76:56:a9:71:49:c7:3a:28:0b:d2:
13:74:22:c5:e3:b5:ed:41:a4:31:1d:e2:06:de:3e:4e:d7:f2:
ca:09:40:3b:30:37:0a:28:c3:97:46:64:92:4e:2c:01:32:82:
f0:42:a8:fa:3b:5f:17:bb:d8:e4:8a:0b:40:34:ec:d2:54:ad:
25:77:31:3d:9a:96:98:05:33:63:4a:ea:cf:b8:2f:5a:f3:1e:
cd:c1:f4:d4:d8:ce:d4:e8:a1:9a:dd:8d:97:24:f7:26:a2:cf:
5d:26:52:b4:e0:28:30:ab:8c:e7:97:f6:37:e7:09:4e:b8:a8:
79:7a:e9:f0:dd:96:68:fa:99:42:e2:f6:6b:dd:80:7d:00:3d:
c2:a1:3d:25:23:8a:47:4f:54:56:4b:29:b0:37:39:c0:37:b6:
fd:16:53:90
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwN0Qz
RTczRUM1RUIzRDcwNDg2Mzg4OUUyMjE4NDVCNzY5NUQ0MDlDMB4XDTI0MDUwMjA1
MzA1MloXDTI1MDIyODE1MzAyN1owMzExMC8GA1UEAxMoMTQyOEY0NjMwMzYyQzlB
RjRCNTBGN0Q4MkVEM0FEQzcwNzk2NzY1QTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANWZEP0zxV7K67TdIdzxn64BjskZ/g6D0hP6wky5aa5Y0XCywJjA
KGv0wXFUAp9ONVMuAwRKU8N58xBdJlMD7gSt3C/e0bg+RpMTEfhpEg68ovFhgYSL
Rt0OAk1aVuBcv+VKWJAoUqVIMFej0uToGXtmETQDEJuELKlmWcNEN/oeTTaZjhYs
8+5PpBNwcPqtAbB/8b1RpavXaHXZdLH3tQS7hUqegfBXgwQdov0iUy79Cvqld8zh
kaqgrp92BHJIJZhL/IVXXX+win8vAHBthfimb8ms5anlorLib328XKKnVR4p6OY8
9Z+3u/JEQ15PJvLIzNm7o19YBL7LSczn9jcCAwEAAaOCAewwggHoMB0GA1UdDgQW
BBQUKPRjA2LJr0tQ99gu063HB5Z2WjAfBgNVHSMEGDAWgBQH0+c+xes9cEhjiJ4i
GEW3aV1AnDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS9C
OVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0I5UG5Qc1hyUFhCSVk0aWVJaGhGdDJsZFFKdy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL00yTklNL0ZDajBZd05peWE5TFVQZllMdE90
eHdlV2Rsby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACdFIcw
DQYJKoZIhvcNAQELBQADggEBABsex3RxZdlgmPIoOrgMl2R/ILlr/NBA8kq8raM9
SNRTz+p1gECyCCSjbvOk5Q+hJ4XO1fVuQYaptbjhgZTodr2n8tzdsDyLZNnkMqkg
IAIsihY4LBB97Kxn2XL8nnfSEbJJdlapcUnHOigL0hN0IsXjte1BpDEd4gbePk7X
8soJQDswNwoow5dGZJJOLAEygvBCqPo7Xxe72OSKC0A07NJUrSV3MT2alpgFM2NK
6s+4L1rzHs3B9NTYztTooZrdjZck9yaiz10mUrTgKDCrjOeX9jfnCU64qHl66fDd
lmj6mULi9mvdgH0APcKhPSUjikdPVFZLKbA3OcA3tv0WU5A=
-----END CERTIFICATE-----
Generated at Mon Apr 14 07:55:58 2025 by rpki-client