Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/nZDrgEk9-Qcskd2V3zx2BgGg-2A.roa
File: nZDrgEk9-Qcskd2V3zx2BgGg-2A.roa (raw, json)
Hash identifier: SjKw4wJ7MZ8NWmeiJeK+eZvp/ZfrdcLgsx+/aKFJy8s=
Subject key identifier: 9D:90:EB:80:49:3D:F9:07:2C:91:DD:95:DF:3C:76:06:01:A0:FB:60
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 0216
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/nZDrgEk9-Qcskd2V3zx2BgGg-2A.roa
Signing time: Fri 01 Sep 2023 09:19:33 +0000
ROA not before: Fri 01 Sep 2023 09:19:33 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 396998
IP address blocks: 103.172.126.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 534 (0x216)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Sep 1 09:19:33 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9D90EB80493DF9072C91DD95DF3C760601A0FB60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1d:76:70:a9:c9:67:ee:69:4d:b3:b9:16:e8:
eb:dd:26:bc:21:2b:06:74:68:32:d5:51:27:6d:4e:
2c:ff:e0:86:39:dd:f4:fa:28:d4:f0:64:b9:7e:3d:
7c:96:72:e5:bb:f5:30:4e:89:16:d4:cf:91:8c:0f:
89:06:09:e5:4d:73:ba:d3:53:97:cd:23:42:ea:ce:
8d:89:ff:7c:0f:82:04:43:21:d1:a7:04:e7:2c:b9:
a5:ef:9c:b4:83:95:71:81:d5:6c:b7:e1:6a:14:58:
10:b8:40:26:ae:bd:65:c9:5b:11:1a:2d:f0:ac:87:
0d:8b:20:71:37:ab:ba:ca:e1:40:36:2d:3f:11:bd:
ea:ea:3c:1f:0d:2c:48:bd:38:14:d4:bc:7a:ed:01:
e4:16:d6:a5:52:5c:ac:4a:53:7e:0c:15:a2:bc:05:
71:68:b0:a9:df:ea:f2:09:b3:4f:32:6e:41:f5:a0:
6b:eb:37:d8:cb:07:71:75:01:db:2a:22:aa:5d:ce:
56:f9:f0:1a:01:e4:0c:96:69:b1:29:44:71:41:01:
68:ea:ec:b7:46:37:89:00:ce:e9:c8:c6:a6:e8:c3:
b2:17:d2:be:c1:b9:ef:d6:2f:81:d7:25:72:18:88:
a7:3c:09:6b:0a:db:8e:4e:db:ec:eb:7d:0f:5d:ba:
41:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:90:EB:80:49:3D:F9:07:2C:91:DD:95:DF:3C:76:06:01:A0:FB:60
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/nZDrgEk9-Qcskd2V3zx2BgGg-2A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.126.0/23
Signature Algorithm: sha256WithRSAEncryption
83:7c:3e:d6:03:0c:88:f9:99:2a:6f:6a:d9:31:42:2b:54:1e:
f4:f8:ad:cf:97:e9:86:cc:a3:cf:8f:8a:b0:ae:23:43:b9:81:
aa:38:16:aa:cf:a8:eb:31:4e:1c:c9:46:84:2d:70:d3:4a:4b:
4b:d3:2a:dc:64:b4:30:b0:72:96:12:cf:a9:d3:1b:a1:09:6f:
ab:70:4b:34:ab:85:04:76:93:54:14:12:85:5f:ef:75:9f:7e:
3a:54:d8:84:e9:f9:33:74:43:e5:7f:0e:58:5a:48:ea:34:63:
ce:d6:36:11:28:2b:3c:ef:21:d5:04:35:62:7e:72:c7:50:7e:
74:dd:d8:47:52:eb:18:08:c8:4d:cd:cb:3f:87:a4:78:46:d0:
23:55:f4:07:79:bd:3e:5e:d1:5c:ee:12:12:8a:99:18:d0:58:
fa:9b:0a:26:c0:ed:a5:a2:d3:78:a8:e5:13:d8:bc:90:c2:0e:
42:0b:86:b0:ac:65:7e:37:25:3c:de:96:71:42:08:af:d9:37:
8d:e6:24:8e:24:7e:17:74:eb:7c:68:19:e0:58:15:ab:af:84:
c9:8f:51:1e:ff:ae:d4:54:a1:dc:a1:f7:31:f6:f4:d1:98:0b:
a2:07:20:f2:bf:56:b7:b6:11:bd:22:65:b5:af:e4:f8:ce:85:
63:20:b9:f8
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzA5MDEw
OTE5MzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlEOTBFQjgwNDkzREY5
MDcyQzkxREQ5NURGM0M3NjA2MDFBMEZCNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsHXZwqcln7mlNs7kW6OvdJrwhKwZ0aDLVUSdtTiz/4IY53fT6
KNTwZLl+PXyWcuW79TBOiRbUz5GMD4kGCeVNc7rTU5fNI0Lqzo2J/3wPggRDIdGn
BOcsuaXvnLSDlXGB1Wy34WoUWBC4QCauvWXJWxEaLfCshw2LIHE3q7rK4UA2LT8R
verqPB8NLEi9OBTUvHrtAeQW1qVSXKxKU34MFaK8BXFosKnf6vIJs08ybkH1oGvr
N9jLB3F1AdsqIqpdzlb58BoB5AyWabEpRHFBAWjq7LdGN4kAzunIxqbow7IX0r7B
ue/WL4HXJXIYiKc8CWsK245O2+zrfQ9dukFFAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUnZDrgEk9+Qcskd2V3zx2BgGg+2AwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9uWkRyZ0VrOS1RY3Nr
ZDJWM3p4MkJnR2ctMkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ6x+MA0GCSqGSIb3DQEBCwUAA4IBAQCDfD7WAwyI+Zkqb2rZMUIrVB70+K3P
l+mGzKPPj4qwriNDuYGqOBaqz6jrMU4cyUaELXDTSktL0yrcZLQwsHKWEs+p0xuh
CW+rcEs0q4UEdpNUFBKFX+91n346VNiE6fkzdEPlfw5YWkjqNGPO1jYRKCs87yHV
BDVifnLHUH503dhHUusYCMhNzcs/h6R4RtAjVfQHeb0+XtFc7hISipkY0Fj6mwom
wO2lotN4qOUT2LyQwg5CC4awrGV+NyU83pZxQgiv2TeN5iSOJH4XdOt8aBngWBWr
r4TJj1Ee/67UVKHcofcx9vTRmAuiByDyv1a3thG9ImW1r+T4zoVjILn4
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:24 2025 by rpki-client