Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MCK/NpkU8FrpjLXtPK2Gbq5hwNC2Byk.roa
File: NpkU8FrpjLXtPK2Gbq5hwNC2Byk.roa (raw, json)
Hash identifier: 9HdjPsYi+uxxefW59d18aF3Y+I2b5hRYYtt5o+R/YVQ=
Subject key identifier: 36:99:14:F0:5A:E9:8C:B5:ED:3C:AD:86:6E:AE:61:C0:D0:B6:07:29
Certificate issuer: /CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Certificate serial: 0578
Authority key identifier: 83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/NpkU8FrpjLXtPK2Gbq5hwNC2Byk.roa
Signing time: Sun 21 Nov 2021 16:41:24 +0000
ROA not before: Sun 21 Nov 2021 16:41:24 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131618
IP address blocks: 103.148.68.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1400 (0x578)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Validity
Not Before: Nov 21 16:41:24 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=369914F05AE98CB5ED3CAD866EAE61C0D0B60729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:fd:3c:8e:4e:63:02:b3:24:f1:66:f0:9f:
b3:e9:fd:39:89:e3:d5:11:a3:f5:96:e0:3e:da:cf:
ac:62:d5:10:7d:72:fd:fe:bf:3d:60:3a:ee:b7:46:
28:71:96:d5:6a:0e:46:3f:5d:32:3a:dd:c7:ab:d6:
f7:97:20:ab:86:f2:43:49:5f:b2:d6:87:13:dc:37:
f2:08:0b:74:a5:75:b5:a2:07:2e:22:22:c5:56:d6:
7b:80:a4:86:78:c4:52:d6:7c:26:a2:f4:fb:54:00:
94:e6:81:31:41:f5:06:0e:2a:5f:5b:d2:a5:fa:c8:
f7:5e:01:b6:c3:d9:2f:a5:8f:e9:47:c1:8e:c7:97:
6d:c3:47:13:bd:19:5c:e9:93:34:9f:24:e2:a9:ed:
cc:74:c2:7c:7e:ee:ac:35:b9:ba:10:0e:44:40:ad:
5e:70:42:a2:a4:84:d0:23:8b:80:a8:3e:1e:ec:a4:
72:d9:89:1d:b5:f7:ac:42:3d:90:d0:29:dd:b7:55:
44:20:57:85:70:78:36:46:50:3a:1e:12:bb:86:95:
03:ae:4e:27:b3:fe:9c:e9:26:ea:54:0f:7e:dd:e5:
9b:7e:ca:38:a8:bb:8f:e3:d6:56:54:a6:19:6e:55:
12:dd:5a:79:25:5f:a4:f9:cc:35:e1:bf:8e:91:1a:
cc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:99:14:F0:5A:E9:8C:B5:ED:3C:AD:86:6E:AE:61:C0:D0:B6:07:29
X509v3 Authority Key Identifier:
keyid:83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/NpkU8FrpjLXtPK2Gbq5hwNC2Byk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.68.0/23
Signature Algorithm: sha256WithRSAEncryption
46:28:1e:5c:33:56:c0:57:0a:d8:18:c8:2f:26:8b:33:05:c9:
28:79:c1:44:16:d5:68:ee:71:62:d1:53:06:7c:22:b6:77:f7:
b0:9d:dc:30:fe:74:d4:27:18:8a:95:89:d6:90:cd:9a:3d:e9:
c6:d1:9a:b8:c4:90:16:27:83:5c:83:2c:93:c9:09:31:b3:39:
23:e1:df:5f:f9:d8:98:80:25:ec:c3:f7:82:cf:59:73:49:88:
a3:44:98:f1:c0:a9:3e:82:f7:7e:d7:a4:45:13:a4:2c:be:16:
0a:8b:79:67:70:f4:68:f2:73:94:5f:f4:41:b8:d1:29:3c:be:
f9:90:ab:79:6d:9d:cb:46:10:b1:fe:71:3f:65:f9:aa:43:aa:
06:2e:45:be:fc:a3:df:7b:c0:08:79:98:ea:55:ee:dc:50:de:
3d:55:c7:27:04:57:39:05:75:58:b5:52:e7:fa:06:12:6a:79:
bd:11:19:1f:58:af:c0:21:ab:1e:49:2a:eb:c0:78:ae:01:e5:
43:89:8d:1c:ee:fc:3a:74:ad:ae:49:37:be:8d:8c:b1:00:4f:
bb:97:df:15:9b:d4:8e:4f:90:d1:3f:43:67:20:c5:5f:9e:80:
a6:7e:7f:c7:02:a2:8b:05:26:f0:a5:81:66:36:39:66:59:c2:
83:db:e2:3d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODND
RjhDMTk4NDNCQUNERTY0NDVENEJENEExRTY2NDQxQjIzRjNFMzAeFw0yMTExMjEx
NjQxMjRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM2OTkxNEYwNUFFOThD
QjVFRDNDQUQ4NjZFQUU2MUMwRDBCNjA3MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCei/08jk5jArMk8Wbwn7Pp/TmJ49URo/WW4D7az6xi1RB9cv3+
vz1gOu63RihxltVqDkY/XTI63cer1veXIKuG8kNJX7LWhxPcN/IIC3SldbWiBy4i
IsVW1nuApIZ4xFLWfCai9PtUAJTmgTFB9QYOKl9b0qX6yPdeAbbD2S+lj+lHwY7H
l23DRxO9GVzpkzSfJOKp7cx0wnx+7qw1uboQDkRArV5wQqKkhNAji4CoPh7spHLZ
iR2196xCPZDQKd23VUQgV4VweDZGUDoeEruGlQOuTiez/pzpJupUD37d5Zt+yjio
u4/j1lZUphluVRLdWnklX6T5zDXhv46RGszzAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNpkU8FrpjLXtPK2Gbq5hwNC2BykwHwYDVR0jBBgwFoAUg8+MGYQ7rN5kRdS9
Sh5mRBsj8+MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL2c4
LU1HWVE3ck41a1JkUzlTaDVtUkJzajgtTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZzgtTUdZUTdyTjVrUmRTOVNoNW1SQnNqOC1NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL05wa1U4RnJwakxYdFBLMkdicTVod05D
MkJ5ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEQwDQYJ
KoZIhvcNAQELBQADggEBAEYoHlwzVsBXCtgYyC8mizMFySh5wUQW1WjucWLRUwZ8
IrZ397Cd3DD+dNQnGIqVidaQzZo96cbRmrjEkBYng1yDLJPJCTGzOSPh31/52JiA
JezD94LPWXNJiKNEmPHAqT6C937XpEUTpCy+FgqLeWdw9Gjyc5Rf9EG40Sk8vvmQ
q3ltnctGELH+cT9l+apDqgYuRb78o997wAh5mOpV7txQ3j1VxycEVzkFdVi1Uuf6
BhJqeb0RGR9Yr8Ahqx5JKuvAeK4B5UOJjRzu/Dp0ra5JN76NjLEAT7uX3xWb1I5P
kNE/Q2cgxV+egKZ+f8cCoosFJvClgWY2OWZZwoPb4j0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org