Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/QaEEKoG3nKif3RevXd3bEBet_gs.roa
File: QaEEKoG3nKif3RevXd3bEBet_gs.roa (raw, json)
Hash identifier: 2Qi7KZATrM5pLXw+rgpMalnLKKabcviBdN3NHIqgWtk=
Subject key identifier: 41:A1:04:2A:81:B7:9C:A8:9F:DD:17:AF:5D:DD:DB:10:17:AD:FE:0B
Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Certificate serial: 0B26
Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/QaEEKoG3nKif3RevXd3bEBet_gs.roa
Signing time: Fri 01 Sep 2023 09:23:33 +0000
ROA not before: Fri 01 Sep 2023 09:23:33 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131597
IP address blocks: 103.196.172.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2854 (0xb26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Validity
Not Before: Sep 1 09:23:33 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=41A1042A81B79CA89FDD17AF5DDDDB1017ADFE0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c3:8b:f7:75:94:dc:68:4c:25:2f:65:8f:68:
25:4a:ba:40:de:e9:15:99:8e:66:ed:95:ca:cf:47:
bd:9a:45:c3:2b:b4:d8:8f:1f:f3:21:d0:a3:60:26:
24:76:c6:23:2d:05:5a:01:09:56:be:07:b5:aa:19:
a8:3a:1b:74:de:eb:f6:5c:84:da:38:f1:93:af:eb:
58:2a:1c:f5:d4:6f:84:4e:a0:45:ef:9c:f4:94:5d:
ce:f9:38:fc:2e:f0:da:d6:b6:39:47:7c:51:50:67:
83:25:c9:02:b0:ed:20:4c:c8:92:f5:94:52:a0:ef:
3d:72:36:61:6d:8d:eb:aa:d8:eb:04:3e:ae:34:dc:
c3:6f:50:67:ea:0f:be:c2:e0:1b:34:43:44:c9:23:
9b:fe:0c:27:5f:55:d0:66:d5:ee:c8:90:6b:0a:25:
e1:c7:b0:cc:b9:85:a6:b9:f3:a4:2c:00:87:94:4d:
b7:e9:f0:b1:73:31:2e:97:9e:45:e0:44:a1:d1:a7:
4e:2b:ad:5a:8f:cc:99:bf:29:07:b3:26:3d:79:07:
af:b6:8f:ac:74:c6:0e:92:cd:0c:6c:2a:74:12:9e:
7a:82:30:55:15:0b:e8:ae:a1:33:34:e1:e4:f2:e1:
ea:7e:35:2a:13:16:2e:68:a2:c2:e5:71:61:8b:8e:
c0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A1:04:2A:81:B7:9C:A8:9F:DD:17:AF:5D:DD:DB:10:17:AD:FE:0B
X509v3 Authority Key Identifier:
keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/QaEEKoG3nKif3RevXd3bEBet_gs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.196.172.0/22
Signature Algorithm: sha256WithRSAEncryption
44:0c:f9:28:77:21:47:a4:07:44:b1:01:b6:fd:67:a6:f9:78:
06:e9:1f:76:d8:2f:31:08:9d:d2:50:5a:23:ea:c4:d1:62:a2:
46:e9:06:d1:c3:e8:3b:71:fe:8e:09:ad:f1:cb:f7:e1:0e:1b:
77:88:0d:55:27:d9:97:34:e4:ac:be:88:a6:2b:37:dc:bf:2f:
f9:99:f5:29:f0:90:4f:0a:dd:ea:e2:b4:4a:9f:4c:fd:80:d2:
32:a3:60:b3:e6:94:4b:93:33:7c:3e:9c:c5:7f:f3:24:eb:d7:
b4:10:51:21:7a:4b:84:33:68:3b:1b:e3:f3:d9:23:3a:81:d9:
59:4d:1c:f1:9b:da:fc:cf:35:d0:3d:dd:24:42:19:d2:44:30:
da:83:10:6f:e7:b0:9f:56:9f:75:8a:e3:35:af:76:a0:c6:f7:
6e:9a:17:72:ec:44:b9:32:c8:b2:9c:d2:14:22:6b:4d:47:c9:
1b:11:2c:f1:03:9b:12:e9:ac:3f:6f:38:3b:35:bf:a5:b5:af:
1d:b2:15:7b:b0:7f:7e:d3:ae:fb:8e:c5:a5:98:c7:d7:92:27:
3e:a2:57:cd:d3:dc:40:05:f4:25:b0:fe:3c:0c:d6:4b:d4:05:
ab:31:69:6d:ec:d7:b4:a5:e7:0d:63:17:a5:00:18:22:b4:7f:
ef:e0:c4:ba
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4
MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yMzA5MDEw
OTIzMzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQxQTEwNDJBODFCNzlD
QTg5RkREMTdBRjVEREREQjEwMTdBREZFMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQw4v3dZTcaEwlL2WPaCVKukDe6RWZjmbtlcrPR72aRcMrtNiP
H/Mh0KNgJiR2xiMtBVoBCVa+B7WqGag6G3Te6/ZchNo48ZOv61gqHPXUb4ROoEXv
nPSUXc75OPwu8NrWtjlHfFFQZ4MlyQKw7SBMyJL1lFKg7z1yNmFtjeuq2OsEPq40
3MNvUGfqD77C4Bs0Q0TJI5v+DCdfVdBm1e7IkGsKJeHHsMy5haa586QsAIeUTbfp
8LFzMS6XnkXgRKHRp04rrVqPzJm/KQezJj15B6+2j6x0xg6SzQxsKnQSnnqCMFUV
C+iuoTM04eTy4ep+NSoTFi5oosLlcWGLjsAlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQaEEKoG3nKif3RevXd3bEBet/gswHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP
gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv
UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi9RYUVFS29HM25LaWYzUmV2WGQz
YkVCZXRfZ3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8Ss
MA0GCSqGSIb3DQEBCwUAA4IBAQBEDPkodyFHpAdEsQG2/Wem+XgG6R922C8xCJ3S
UFoj6sTRYqJG6QbRw+g7cf6OCa3xy/fhDht3iA1VJ9mXNOSsvoimKzfcvy/5mfUp
8JBPCt3q4rRKn0z9gNIyo2Cz5pRLkzN8PpzFf/Mk69e0EFEhekuEM2g7G+Pz2SM6
gdlZTRzxm9r8zzXQPd0kQhnSRDDagxBv57CfVp91iuM1r3agxvdumhdy7ES5Msiy
nNIUImtNR8kbESzxA5sS6aw/bzg7Nb+lta8dshV7sH9+0677jsWlmMfXkic+olfN
09xABfQlsP48DNZL1AWrMWlt7Ne0pecNYxelABgitH/v4MS6
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:35 2025 by rpki-client