Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/wVSJemqXqih8hyQIBCnjOc3IVn0.roa
File: wVSJemqXqih8hyQIBCnjOc3IVn0.roa (raw, json)
Hash identifier: 5uZ/kWnqE2Lc3A6gVIh4etj9cmJ3OZzf08DHid5iE/o=
Subject key identifier: C1:54:89:7A:6A:97:AA:28:7C:87:24:08:04:29:E3:39:CD:C8:56:7D
Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C
Certificate serial: 0B
Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/wVSJemqXqih8hyQIBCnjOc3IVn0.roa
Signing time: Thu 14 Mar 2024 09:51:31 +0000
ROA not before: Thu 14 Mar 2024 09:51:31 +0000
ROA not after: Fri 28 Feb 2025 15:30:27 +0000
asID: 400618
IP address blocks: 157.20.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C
Validity
Not Before: Mar 14 09:51:31 2024 GMT
Not After : Feb 28 15:30:27 2025 GMT
Subject: CN=C154897A6A97AA287C8724080429E339CDC8567D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:64:08:9b:d2:50:9b:29:1c:a4:d2:01:d1:87:
5a:df:b7:81:f1:72:82:ce:15:8f:eb:da:8f:b5:65:
3f:2a:ac:60:13:32:16:4f:b4:da:7a:aa:ed:fe:bb:
c6:4d:aa:3b:77:5d:30:dd:b9:a1:28:88:20:31:b7:
32:c4:0c:ae:16:8f:95:95:b7:ea:6e:a7:04:df:59:
e9:49:df:05:04:12:8e:fd:d9:ab:df:20:7e:38:73:
82:e6:18:ac:26:15:5b:c2:b6:4d:d2:11:b7:a1:c3:
03:5a:4c:7b:f9:71:a3:de:b9:53:79:7b:0e:c0:bd:
db:c3:cb:ee:97:3f:49:61:56:53:b5:c2:16:f7:d2:
95:60:d8:8a:86:a8:26:ae:31:69:6f:7e:84:76:33:
76:83:ac:97:a9:db:30:00:c0:2e:2e:9f:4e:3a:b8:
90:ff:19:17:32:0b:22:27:c3:8a:c6:f3:b9:80:1b:
60:80:74:f7:f4:67:eb:f7:9a:ef:65:61:ce:ff:ce:
5d:84:3e:88:d3:97:30:fa:95:92:4b:91:fc:b6:dd:
1c:c8:61:14:f8:a9:da:d5:66:ba:0c:ed:5c:9a:9f:
ee:b4:02:0a:85:6c:ee:29:45:0f:51:94:f2:02:d8:
db:26:76:84:5e:d3:78:a9:31:b7:cb:81:13:32:83:
b3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:54:89:7A:6A:97:AA:28:7C:87:24:08:04:29:E3:39:CD:C8:56:7D
X509v3 Authority Key Identifier:
keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/wVSJemqXqih8hyQIBCnjOc3IVn0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
33:05:65:4b:62:8a:55:d4:90:43:65:0e:7b:10:27:e8:55:4f:
51:f8:f1:a5:dc:e6:82:cf:86:7a:91:af:0d:c7:95:c6:39:4a:
3b:e9:7d:20:be:41:d6:06:70:06:59:d1:bf:93:58:d2:eb:1b:
9e:a7:24:dc:19:e5:7a:41:d5:b9:11:84:e2:c3:3a:ac:f0:dc:
16:35:d8:8b:e9:af:bf:64:20:51:f9:fc:79:00:3c:f5:74:86:
be:ee:af:4c:43:69:e7:54:62:9f:e3:45:f0:36:51:c9:43:74:
35:46:16:f1:09:12:35:d8:8c:63:c6:a4:fa:c1:78:24:9c:ee:
df:36:22:e5:e9:c9:e1:a0:5d:0d:4d:83:6d:e9:d5:dd:0f:56:
ee:2f:26:44:73:40:46:94:36:f1:7f:e8:b1:b9:c7:5c:e4:27:
55:08:03:1f:b8:9b:13:90:ca:3e:b6:cf:29:a5:81:75:45:66:
b2:6d:2f:f0:e7:b3:45:90:82:09:b9:76:a4:46:b9:49:0f:b5:
b7:0b:40:44:ca:a8:5f:da:03:ba:09:b0:bb:c1:57:c4:d7:16:
5f:2b:62:53:1b:a5:80:a1:9e:73:1e:f4:af:2a:57:93:a3:bc:
d5:36:3a:c6:aa:ea:f5:71:01:c8:c7:e0:b2:e3:bd:ee:c1:13:
23:c0:9b:77
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwN0Qz
RTczRUM1RUIzRDcwNDg2Mzg4OUUyMjE4NDVCNzY5NUQ0MDlDMB4XDTI0MDMxNDA5
NTEzMVoXDTI1MDIyODE1MzAyN1owMzExMC8GA1UEAxMoQzE1NDg5N0E2QTk3QUEy
ODdDODcyNDA4MDQyOUUzMzlDREM4NTY3RDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMhkCJvSUJspHKTSAdGHWt+3gfFygs4Vj+vaj7VlPyqsYBMyFk+0
2nqq7f67xk2qO3ddMN25oSiIIDG3MsQMrhaPlZW36m6nBN9Z6UnfBQQSjv3Zq98g
fjhzguYYrCYVW8K2TdIRt6HDA1pMe/lxo965U3l7DsC928PL7pc/SWFWU7XCFvfS
lWDYioaoJq4xaW9+hHYzdoOsl6nbMADALi6fTjq4kP8ZFzILIifDisbzuYAbYIB0
9/Rn6/ea72Vhzv/OXYQ+iNOXMPqVkkuR/LbdHMhhFPip2tVmugztXJqf7rQCCoVs
7ilFD1GU8gLY2yZ2hF7TeKkxt8uBEzKDsxMCAwEAAaOCAewwggHoMB0GA1UdDgQW
BBTBVIl6apeqKHyHJAgEKeM5zchWfTAfBgNVHSMEGDAWgBQH0+c+xes9cEhjiJ4i
GEW3aV1AnDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS9C
OVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0I5UG5Qc1hyUFhCSVk0aWVJaGhGdDJsZFFKdy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL00yTklNL3dWU0plbXFYcWloOGh5UUlCQ25q
T2MzSVZuMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACdFIYw
DQYJKoZIhvcNAQELBQADggEBADMFZUtiilXUkENlDnsQJ+hVT1H48aXc5oLPhnqR
rw3HlcY5SjvpfSC+QdYGcAZZ0b+TWNLrG56nJNwZ5XpB1bkRhOLDOqzw3BY12Ivp
r79kIFH5/HkAPPV0hr7ur0xDaedUYp/jRfA2UclDdDVGFvEJEjXYjGPGpPrBeCSc
7t82IuXpyeGgXQ1Ng23p1d0PVu4vJkRzQEaUNvF/6LG5x1zkJ1UIAx+4mxOQyj62
zymlgXVFZrJtL/Dns0WQggm5dqRGuUkPtbcLQETKqF/aA7oJsLvBV8TXFl8rYlMb
pYChnnMe9K8qV5OjvNU2Osaq6vVxAcjH4LLjve7BEyPAm3c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:10:09 2025 by rpki-client