Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/h2fZOpJKN6kpTjqElVWSP5njUrw.roa
File: h2fZOpJKN6kpTjqElVWSP5njUrw.roa (raw, json)
Hash identifier: y/7Iuo2AAnC/OKPsTqr+dVNqP+i+IByoM5SMu5xbVYg=
Subject key identifier: 87:67:D9:3A:92:4A:37:A9:29:4E:3A:84:95:55:92:3F:99:E3:52:BC
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 010F
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/h2fZOpJKN6kpTjqElVWSP5njUrw.roa
Signing time: Thu 15 Sep 2022 02:41:58 +0000
ROA not before: Thu 15 Sep 2022 02:41:58 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 396998
IP address blocks: 103.172.126.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271 (0x10f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Sep 15 02:41:58 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=8767D93A924A37A9294E3A849555923F99E352BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:95:f7:ca:6c:7f:80:cf:b9:92:31:dd:87:
0e:09:8c:d4:a3:8d:5c:69:53:b3:4c:5e:08:0c:d1:
04:df:8a:f3:d8:3e:96:36:01:a7:e7:5c:8a:01:1d:
2a:66:9b:dd:08:c2:0b:3b:9d:32:fe:84:0b:8d:83:
a0:51:81:3b:0d:32:2c:f8:20:b8:16:3e:30:d7:94:
73:08:18:ab:23:f1:05:53:02:70:db:2b:5e:8a:21:
9e:8b:2f:7b:56:d3:04:55:06:1e:01:68:2b:b0:29:
80:3c:df:02:66:b8:8e:0c:d7:19:36:88:6c:17:2c:
2d:2d:46:cb:a7:5e:53:2a:79:a1:2d:1d:0e:09:a1:
9e:3b:a4:2b:38:cd:48:ae:8c:05:10:85:31:8a:38:
f2:e0:5e:38:70:9a:5e:45:8c:77:59:7b:5c:13:3e:
8a:bf:3e:0f:23:d1:99:18:c1:a8:8c:ed:69:d5:6f:
bd:fc:cb:31:63:d0:e5:a6:20:ed:7d:86:2b:2b:36:
1e:a1:0a:81:a3:84:b9:db:54:a0:07:6f:45:e1:dd:
78:da:b3:cb:fd:5e:cd:31:06:e4:e9:84:10:14:33:
65:50:7d:b5:5d:24:d6:ab:0c:5c:4e:70:ae:2f:cb:
27:8f:4b:9b:02:a0:88:e8:eb:0d:b9:a6:24:92:fb:
18:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:67:D9:3A:92:4A:37:A9:29:4E:3A:84:95:55:92:3F:99:E3:52:BC
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/h2fZOpJKN6kpTjqElVWSP5njUrw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.126.0/23
Signature Algorithm: sha256WithRSAEncryption
27:d9:d6:78:52:c4:59:b8:fd:8c:34:76:6e:c7:6e:e3:da:2e:
bc:6d:bc:50:af:26:f9:9c:a3:9b:13:79:a1:02:1a:e5:cb:0c:
b4:0a:9f:bd:d6:75:9a:6a:5e:27:5c:be:a8:60:b1:69:f4:0a:
4b:c0:75:03:ee:d8:c4:54:7d:82:05:47:23:16:36:78:06:7f:
ae:4a:a3:6a:f4:74:15:79:f9:20:cd:b8:0d:e2:17:7b:3e:e6:
0b:7b:44:89:19:8c:a1:de:c1:02:90:49:8d:58:1d:70:b9:26:
7d:4e:8e:01:af:bc:a2:f3:57:71:76:91:9b:a3:74:d7:fb:6b:
7d:4a:22:cd:f8:48:c0:04:23:61:b5:7c:3a:5b:16:59:11:9e:
ef:38:08:35:df:21:03:cc:71:19:c2:15:95:ec:7f:c5:36:a1:
05:63:65:76:5d:23:ba:33:7d:3b:9c:00:cc:92:52:34:b6:f1:
b8:80:d1:70:cb:87:9e:bb:02:df:09:2d:11:5f:cd:f8:0a:c9:
18:a5:85:8d:c9:56:e4:43:66:ef:72:bc:f2:43:b0:68:b5:43:
b8:10:72:43:7e:d4:26:01:c7:f0:96:c1:7e:b3:b9:14:c6:0b:
18:c5:62:d1:4f:e0:f1:54:71:e5:12:75:23:50:8a:47:fe:68:
03:55:1d:cd
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMjA5MTUw
MjQxNThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg3NjdEOTNBOTI0QTM3
QTkyOTRFM0E4NDk1NTU5MjNGOTlFMzUyQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtmZX3ymx/gM+5kjHdhw4JjNSjjVxpU7NMXggM0QTfivPYPpY2
AafnXIoBHSpmm90Iwgs7nTL+hAuNg6BRgTsNMiz4ILgWPjDXlHMIGKsj8QVTAnDb
K16KIZ6LL3tW0wRVBh4BaCuwKYA83wJmuI4M1xk2iGwXLC0tRsunXlMqeaEtHQ4J
oZ47pCs4zUiujAUQhTGKOPLgXjhwml5FjHdZe1wTPoq/Pg8j0ZkYwaiM7WnVb738
yzFj0OWmIO19hisrNh6hCoGjhLnbVKAHb0Xh3Xjas8v9Xs0xBuTphBAUM2VQfbVd
JNarDFxOcK4vyyePS5sCoIjo6w25piSS+xgFAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUh2fZOpJKN6kpTjqElVWSP5njUrwwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9oMmZaT3BKS042a3BU
anFFbFZXU1A1bmpVcncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ6x+MA0GCSqGSIb3DQEBCwUAA4IBAQAn2dZ4UsRZuP2MNHZux27j2i68bbxQ
ryb5nKObE3mhAhrlywy0Cp+91nWaal4nXL6oYLFp9ApLwHUD7tjEVH2CBUcjFjZ4
Bn+uSqNq9HQVefkgzbgN4hd7PuYLe0SJGYyh3sECkEmNWB1wuSZ9To4Br7yi81dx
dpGbo3TX+2t9SiLN+EjABCNhtXw6WxZZEZ7vOAg13yEDzHEZwhWV7H/FNqEFY2V2
XSO6M307nADMklI0tvG4gNFwy4eeuwLfCS0RX834CskYpYWNyVbkQ2bvcrzyQ7Bo
tUO4EHJDftQmAcfwlsF+s7kUxgsYxWLRT+DxVHHlEnUjUIpH/mgDVR3N
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:11 2024 by rpki-client on console-ams.rpki-client.org