Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/c7iyWnHKyxKtDCbezhafB2i8qAQ.roa
File: c7iyWnHKyxKtDCbezhafB2i8qAQ.roa (raw, json)
Hash identifier: r7+HcdkGAlhXWGx5mwcIxlWKew6kDBOdFVgkooFC2ho=
Subject key identifier: 73:B8:B2:5A:71:CA:CB:12:AD:0C:26:DE:CE:16:9F:07:68:BC:A8:04
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 01AF
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/c7iyWnHKyxKtDCbezhafB2i8qAQ.roa
Signing time: Thu 20 Apr 2023 17:44:30 +0000
ROA not before: Thu 20 Apr 2023 17:44:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 396998
IP address blocks: 103.172.126.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431 (0x1af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Apr 20 17:44:30 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=73B8B25A71CACB12AD0C26DECE169F0768BCA804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:79:ff:28:9d:d3:c5:1e:89:65:20:2c:c0:
4f:20:96:b6:2b:a7:99:3b:24:ac:67:33:56:6c:33:
9b:b1:0a:93:96:8b:2a:cc:01:ab:46:62:ba:6e:eb:
92:59:cf:08:ff:30:c8:87:bc:b3:3a:df:2c:12:c8:
e7:35:ea:6a:b8:96:f3:81:ad:9d:eb:28:aa:64:70:
1f:83:86:f4:03:d9:72:53:a2:f2:89:ce:3f:80:34:
b5:cf:fa:88:60:a6:04:10:53:28:de:2a:39:c8:6a:
8a:38:52:74:b3:e9:ca:13:6c:db:d9:24:84:8a:7b:
f8:1c:36:ba:b2:17:46:ce:34:27:7a:86:57:46:3f:
76:c8:f8:74:38:3f:8a:c2:bd:28:ab:f2:d8:9e:38:
a6:df:47:db:52:28:09:84:4f:22:fa:16:f8:70:14:
86:98:fa:81:6c:de:10:6d:1f:09:b1:c6:17:32:5f:
da:61:b9:07:fd:55:3e:32:5a:78:1d:96:89:00:35:
97:47:a8:39:e7:9b:63:b6:0a:66:4c:b4:91:1e:13:
75:b2:f2:15:4f:8e:49:04:56:52:97:9a:5a:f6:20:
48:9c:50:27:fd:10:38:a0:bb:35:8d:fc:4e:8f:2d:
1a:fe:f0:4b:73:b9:a4:5e:35:57:60:70:8c:c7:2d:
9f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:B2:5A:71:CA:CB:12:AD:0C:26:DE:CE:16:9F:07:68:BC:A8:04
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/c7iyWnHKyxKtDCbezhafB2i8qAQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.126.0/23
Signature Algorithm: sha256WithRSAEncryption
73:44:21:f4:82:0f:43:0d:28:58:a1:64:bc:4b:1f:ac:df:29:
2c:5a:b0:4e:08:1a:ab:f9:99:69:1f:8a:41:fc:22:80:c3:80:
94:bd:6d:53:6f:ab:66:42:bf:69:77:5a:69:c3:92:dc:e6:76:
24:9d:fc:20:2f:21:13:a0:e6:1f:db:6f:a2:fc:95:97:10:bd:
ce:b8:dc:14:36:ad:76:81:52:00:b1:52:85:82:ff:63:66:14:
39:06:e2:72:ce:3d:93:a1:6c:1e:fe:b2:ed:de:9f:b8:84:62:
a7:a8:f4:42:b1:64:89:63:e3:e1:69:79:d1:31:09:14:1f:e5:
24:9d:5d:18:31:cd:d6:c0:b9:79:d4:e3:dd:36:48:f1:84:85:
ec:c2:69:0c:74:82:16:28:3c:a1:cf:19:c0:b6:42:6d:87:f1:
39:c5:07:e6:95:35:88:d5:a9:46:a5:bd:8b:b1:e9:f8:d7:bb:
64:f0:e0:67:ee:b9:85:56:61:c8:49:a1:45:37:0c:b1:fb:33:
8e:e7:d9:85:0b:a9:9c:bf:ca:ba:a9:75:91:f5:00:f4:66:fa:
05:63:65:4e:77:63:34:68:39:9a:15:41:8d:8a:16:92:b6:18:
18:9f:3e:5a:0b:cd:d0:c8:1a:fd:1d:36:9c:77:05:3d:41:6a:
89:25:fc:0e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzA0MjAx
NzQ0MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDczQjhCMjVBNzFDQUNC
MTJBRDBDMjZERUNFMTY5RjA3NjhCQ0E4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/UXn/KJ3TxR6JZSAswE8glrYrp5k7JKxnM1ZsM5uxCpOWiyrM
AatGYrpu65JZzwj/MMiHvLM63ywSyOc16mq4lvOBrZ3rKKpkcB+DhvQD2XJTovKJ
zj+ANLXP+ohgpgQQUyjeKjnIaoo4UnSz6coTbNvZJISKe/gcNrqyF0bONCd6hldG
P3bI+HQ4P4rCvSir8tieOKbfR9tSKAmETyL6FvhwFIaY+oFs3hBtHwmxxhcyX9ph
uQf9VT4yWngdlokANZdHqDnnm2O2CmZMtJEeE3Wy8hVPjkkEVlKXmlr2IEicUCf9
EDiguzWN/E6PLRr+8EtzuaReNVdgcIzHLZ/JAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUc7iyWnHKyxKtDCbezhafB2i8qAQwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9jN2l5V25IS3l4S3RE
Q2JlemhhZkIyaThxQVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ6x+MA0GCSqGSIb3DQEBCwUAA4IBAQBzRCH0gg9DDShYoWS8Sx+s3yksWrBO
CBqr+ZlpH4pB/CKAw4CUvW1Tb6tmQr9pd1ppw5Lc5nYknfwgLyEToOYf22+i/JWX
EL3OuNwUNq12gVIAsVKFgv9jZhQ5BuJyzj2ToWwe/rLt3p+4hGKnqPRCsWSJY+Ph
aXnRMQkUH+UknV0YMc3WwLl51OPdNkjxhIXswmkMdIIWKDyhzxnAtkJth/E5xQfm
lTWI1alGpb2Lsen417tk8OBn7rmFVmHISaFFNwyx+zOO59mFC6mcv8q6qXWR9QD0
ZvoFY2VOd2M0aDmaFUGNihaSthgYnz5aC83QyBr9HTacdwU9QWqJJfwO
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:11 2024 by rpki-client on console-ams.rpki-client.org