Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MCK/GkfjG4RVRfNzX7O3ZRVg-mopNFI.roa
File: GkfjG4RVRfNzX7O3ZRVg-mopNFI.roa (raw, json)
Hash identifier: 9oxpgS5mboPHykhNijCtC/vnJeCQaou3XKyT5z8Il9A=
Subject key identifier: 1A:47:E3:1B:84:55:45:F3:73:5F:B3:B7:65:15:60:FA:6A:29:34:52
Certificate issuer: /CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Certificate serial: 04B3
Authority key identifier: 83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/GkfjG4RVRfNzX7O3ZRVg-mopNFI.roa
Signing time: Sun 07 Feb 2021 13:03:59 +0000
ROA not before: Sun 07 Feb 2021 13:03:59 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131618
IP address blocks: 103.148.68.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1203 (0x4b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Validity
Not Before: Feb 7 13:03:59 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1A47E31B845545F3735FB3B7651560FA6A293452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bb:cf:d2:b8:ae:b3:d2:84:4c:b6:55:dd:34:
31:9c:5e:e2:0b:cb:44:74:b0:ec:8d:c9:1c:83:bd:
8b:3e:a5:a7:d8:c6:4e:13:c7:65:9a:6e:53:c7:2b:
8b:56:ad:ed:51:19:6b:3e:ba:24:fe:58:b9:c8:84:
d8:74:dc:27:e6:9d:94:93:66:b7:d5:94:ab:fa:5e:
ff:21:8e:9f:34:cd:c9:ae:c8:6d:c5:3e:d7:a1:49:
6f:31:ca:a2:2c:77:4c:f6:35:0f:5b:bf:64:4a:6b:
ef:05:d8:6e:f9:77:99:22:c2:37:08:9f:bb:0d:72:
25:65:5a:09:89:7b:3d:34:33:0f:74:82:8c:26:c1:
5b:4d:85:e1:c0:91:cf:f2:47:bd:92:ed:64:1b:1d:
c1:05:d7:37:6a:00:ca:e8:98:91:ca:cb:62:90:42:
b0:28:5c:9c:f7:28:6b:ba:53:93:ce:b7:67:fb:74:
66:b7:1d:c8:4d:c2:42:74:d8:ce:5f:aa:46:52:d3:
06:89:58:74:1a:63:85:f0:95:b9:0d:57:65:7a:c8:
52:1d:20:8d:9a:91:f2:6a:38:53:03:fe:08:d6:09:
f4:91:73:7a:60:23:9a:9c:a1:e8:db:9b:3c:ad:08:
f9:da:28:3e:33:1f:0e:93:5d:35:54:0c:11:12:e7:
e9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:47:E3:1B:84:55:45:F3:73:5F:B3:B7:65:15:60:FA:6A:29:34:52
X509v3 Authority Key Identifier:
keyid:83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/GkfjG4RVRfNzX7O3ZRVg-mopNFI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.68.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:76:52:0b:73:6e:37:59:11:56:c9:55:b4:87:f9:aa:05:ed:
ee:aa:f0:74:54:b4:0a:02:b4:03:76:6d:05:29:c0:67:04:40:
eb:9d:9a:39:0d:ac:be:b7:35:26:07:e0:92:8e:ae:bd:07:45:
bc:01:f5:08:c4:b4:6a:4b:1c:bd:f9:62:ed:59:29:19:e3:3d:
d9:f3:18:aa:e8:98:4a:ee:99:2d:91:e4:4e:67:85:d7:8c:da:
db:69:7f:ef:35:f0:0b:12:2d:f7:21:c5:1d:4b:2e:e7:4a:71:
f9:92:64:7c:d3:83:f9:bc:2f:29:b9:25:b9:d6:21:8c:76:28:
30:55:42:3b:8a:67:41:23:1b:38:31:20:4f:80:83:2f:87:56:
54:3a:e4:43:23:0d:37:ec:3b:88:fd:67:c6:68:b1:b9:a2:dd:
5d:34:39:3f:a7:e1:17:a3:b1:44:e5:23:73:ce:e2:d8:e0:34:
1f:b2:ba:1a:13:22:35:5d:d9:ab:44:fa:97:15:71:20:bc:b4:
39:6f:4c:71:43:d2:c1:3f:ef:8d:3b:ef:fd:70:c1:8e:45:6c:
bf:76:3a:2b:84:8b:c0:81:fc:a7:32:bf:e6:03:f3:76:71:cd:
20:34:f8:ba:5c:d5:91:54:5c:1b:e6:d1:54:5c:b7:8c:5f:a9:
7f:49:2e:47
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODND
RjhDMTk4NDNCQUNERTY0NDVENEJENEExRTY2NDQxQjIzRjNFMzAeFw0yMTAyMDcx
MzAzNTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFBNDdFMzFCODQ1NTQ1
RjM3MzVGQjNCNzY1MTU2MEZBNkEyOTM0NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0u8/SuK6z0oRMtlXdNDGcXuILy0R0sOyNyRyDvYs+pafYxk4T
x2WablPHK4tWre1RGWs+uiT+WLnIhNh03CfmnZSTZrfVlKv6Xv8hjp80zcmuyG3F
PtehSW8xyqIsd0z2NQ9bv2RKa+8F2G75d5kiwjcIn7sNciVlWgmJez00Mw90gowm
wVtNheHAkc/yR72S7WQbHcEF1zdqAMromJHKy2KQQrAoXJz3KGu6U5POt2f7dGa3
HchNwkJ02M5fqkZS0waJWHQaY4XwlbkNV2V6yFIdII2akfJqOFMD/gjWCfSRc3pg
I5qcoejbmzytCPnaKD4zHw6TXTVUDBES5+nvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUGkfjG4RVRfNzX7O3ZRVg+mopNFIwHwYDVR0jBBgwFoAUg8+MGYQ7rN5kRdS9
Sh5mRBsj8+MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL2c4
LU1HWVE3ck41a1JkUzlTaDVtUkJzajgtTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZzgtTUdZUTdyTjVrUmRTOVNoNW1SQnNqOC1NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL0drZmpHNFJWUmZOelg3TzNaUlZnLW1v
cE5GSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEQwDQYJ
KoZIhvcNAQELBQADggEBAKZ2UgtzbjdZEVbJVbSH+aoF7e6q8HRUtAoCtAN2bQUp
wGcEQOudmjkNrL63NSYH4JKOrr0HRbwB9QjEtGpLHL35Yu1ZKRnjPdnzGKromEru
mS2R5E5nhdeM2ttpf+818AsSLfchxR1LLudKcfmSZHzTg/m8Lym5JbnWIYx2KDBV
QjuKZ0EjGzgxIE+Agy+HVlQ65EMjDTfsO4j9Z8Zosbmi3V00OT+n4RejsUTlI3PO
4tjgNB+yuhoTIjVd2atE+pcVcSC8tDlvTHFD0sE/74077/1wwY5FbL92OiuEi8CB
/Kcyv+YD83ZxzSA0+Lpc1ZFUXBvm0VRct4xfqX9JLkc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org