Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NARL/OjIhggD3QAknVvTdi4LFZ3RWX_o.roa
File: OjIhggD3QAknVvTdi4LFZ3RWX_o.roa (raw, json)
Hash identifier: YuKcDBFeCTLKUwaQ6CyHLpiX2Cw0Xj87Yn5/w8GP6TE=
Subject key identifier: 3A:32:21:82:00:F7:40:09:27:56:F4:DD:8B:82:C5:67:74:56:5F:FA
Certificate issuer: /CN=451EF9359A984F6A4CF91FE9004EAEB089A984C0
Certificate serial: 095C
Authority key identifier: 45:1E:F9:35:9A:98:4F:6A:4C:F9:1F:E9:00:4E:AE:B0:89:A9:84:C0
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RR75NZqYT2pM-R_pAE6usImphMA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/OjIhggD3QAknVvTdi4LFZ3RWX_o.roa
Signing time: Wed 29 Sep 2021 02:52:45 +0000
ROA not before: Wed 29 Sep 2021 02:52:45 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7539
IP address blocks: 203.145.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2396 (0x95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=451EF9359A984F6A4CF91FE9004EAEB089A984C0
Validity
Not Before: Sep 29 02:52:45 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=3A32218200F740092756F4DD8B82C56774565FFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:53:4d:45:5e:b8:a7:9c:05:39:df:55:25:1e:
4e:f0:98:fd:7d:5c:a0:12:9e:f0:3c:7d:c7:4c:c4:
88:d6:c7:aa:d4:df:21:f4:4e:9d:3b:b2:32:ab:3e:
12:40:cc:39:9c:b0:7a:01:88:c6:a0:35:e9:d3:16:
dd:c3:1e:2c:98:7c:9e:d7:e5:d5:f9:5c:d0:44:35:
1a:a0:57:03:db:38:ba:e9:ab:3a:01:dc:bd:85:8c:
f6:13:1b:7b:7c:f8:fc:74:b9:ff:0c:60:54:4e:21:
d9:d8:52:d5:63:1e:53:ee:b7:13:11:75:59:80:88:
f5:d1:ea:21:f1:d7:2e:5f:1f:f9:1a:8d:85:66:8e:
03:3b:bf:5f:fb:46:65:0b:9e:5c:af:df:ad:9d:23:
ff:61:b5:77:8c:95:46:46:c2:4f:09:71:f9:bc:f1:
fa:94:7a:09:8f:33:f1:89:94:ec:46:2f:80:91:51:
43:11:00:a3:b9:1e:2b:00:7b:05:be:11:a0:36:5e:
6e:f9:75:44:9e:95:5d:81:e7:bc:fc:94:96:cd:45:
04:b3:9c:99:6c:1d:e9:b7:21:fd:a3:35:ef:0c:a7:
ca:ac:13:95:ff:13:b6:33:27:a0:e5:23:5d:ec:e0:
25:29:c0:23:35:54:3e:a3:b7:83:56:a9:3c:8c:db:
ea:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:32:21:82:00:F7:40:09:27:56:F4:DD:8B:82:C5:67:74:56:5F:FA
X509v3 Authority Key Identifier:
keyid:45:1E:F9:35:9A:98:4F:6A:4C:F9:1F:E9:00:4E:AE:B0:89:A9:84:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/RR75NZqYT2pM-R_pAE6usImphMA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RR75NZqYT2pM-R_pAE6usImphMA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/OjIhggD3QAknVvTdi4LFZ3RWX_o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.145.200.0/21
Signature Algorithm: sha256WithRSAEncryption
66:03:dd:ba:c8:bd:ea:5d:ba:8c:40:a1:7d:b0:b7:6b:1d:43:
5b:74:25:51:d9:d3:9d:47:94:9d:84:c4:e1:a9:8b:47:70:72:
08:d2:80:39:38:37:8b:e9:57:6c:72:4a:e0:8d:7d:54:55:9e:
b2:82:74:af:6b:30:fd:b6:27:21:b4:f4:87:4f:f1:8e:62:04:
15:59:1f:e8:d7:e1:e9:f0:2f:8d:07:a9:7b:14:e4:da:2f:f7:
21:f6:fa:68:9b:86:47:bf:49:aa:d3:78:72:27:f7:3a:bd:fc:
a3:a4:96:0c:bd:43:37:49:88:67:29:7d:5b:d8:d9:44:93:68:
92:0c:e3:12:be:25:f3:a2:d6:0d:96:54:03:62:5b:55:bd:65:
54:01:e6:de:67:f1:3a:a2:d7:5f:73:33:ac:fe:39:1f:ea:da:
af:c5:31:5d:a2:34:02:23:a3:15:6c:69:69:40:cd:53:63:a2:
d7:7a:0a:39:bd:ee:df:f6:54:53:7d:c4:9b:78:86:14:66:86:
2c:0e:c3:11:cd:86:20:b6:53:d0:41:e8:4a:65:01:90:54:66:
89:ea:72:0c:c7:e5:83:12:85:84:5b:3e:17:f8:ad:fd:6b:bf:
a3:e5:1f:b2:df:f9:1f:ee:0d:4f:2d:5a:86:94:ab:cd:78:c7:
98:69:7a:53
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDUx
RUY5MzU5QTk4NEY2QTRDRjkxRkU5MDA0RUFFQjA4OUE5ODRDMDAeFw0yMTA5Mjkw
MjUyNDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDNBMzIyMTgyMDBGNzQw
MDkyNzU2RjRERDhCODJDNTY3NzQ1NjVGRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWU01FXrinnAU531UlHk7wmP19XKASnvA8fcdMxIjWx6rU3yH0
Tp07sjKrPhJAzDmcsHoBiMagNenTFt3DHiyYfJ7X5dX5XNBENRqgVwPbOLrpqzoB
3L2FjPYTG3t8+Px0uf8MYFROIdnYUtVjHlPutxMRdVmAiPXR6iHx1y5fH/kajYVm
jgM7v1/7RmULnlyv362dI/9htXeMlUZGwk8Jcfm88fqUegmPM/GJlOxGL4CRUUMR
AKO5HisAewW+EaA2Xm75dUSelV2B57z8lJbNRQSznJlsHem3If2jNe8Mp8qsE5X/
E7YzJ6DlI13s4CUpwCM1VD6jt4NWqTyM2+otAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOjIhggD3QAknVvTdi4LFZ3RWX/owHwYDVR0jBBgwFoAURR75NZqYT2pM+R/p
AE6usImphMAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkFSTC9S
Ujc1TlpxWVQycE0tUl9wQUU2dXNJbXBoTUEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1JSNzVOWnFZVDJwTS1SX3BBRTZ1c0ltcGhNQS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05BUkwvT2pJaGdnRDNRQWtuVnZUZGk0TEZa
M1JXWF9vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8uRyDAN
BgkqhkiG9w0BAQsFAAOCAQEAZgPdusi96l26jEChfbC3ax1DW3QlUdnTnUeUnYTE
4amLR3ByCNKAOTg3i+lXbHJK4I19VFWesoJ0r2sw/bYnIbT0h0/xjmIEFVkf6Nfh
6fAvjQepexTk2i/3Ifb6aJuGR79JqtN4cif3Or38o6SWDL1DN0mIZyl9W9jZRJNo
kgzjEr4l86LWDZZUA2JbVb1lVAHm3mfxOqLXX3MzrP45H+rar8UxXaI0AiOjFWxp
aUDNU2Oi13oKOb3u3/ZUU33Em3iGFGaGLA7DEc2GILZT0EHoSmUBkFRmiepyDMfl
gxKFhFs+F/it/Wu/o+Ufst/5H+4NTy1ahpSrzXjHmGl6Uw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:57 2023 by rpki-client on console-ams.rpki-client.org