Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/jFfG0Rr74zBZcgQPgMYfzBiq_o4.roa
File: jFfG0Rr74zBZcgQPgMYfzBiq_o4.roa (raw, json)
Hash identifier: cjBhvdDmRpTBq+LnZrmJhnY2j29fk61yZVmmqC02tCY=
Subject key identifier: 8C:57:C6:D1:1A:FB:E3:30:59:72:04:0F:80:C6:1F:CC:18:AA:FE:8E
Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Certificate serial: 0B25
Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/jFfG0Rr74zBZcgQPgMYfzBiq_o4.roa
Signing time: Fri 01 Sep 2023 09:23:32 +0000
ROA not before: Fri 01 Sep 2023 09:23:32 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131597
IP address blocks: 202.123.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2853 (0xb25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Validity
Not Before: Sep 1 09:23:32 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8C57C6D11AFBE3305972040F80C61FCC18AAFE8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6d:f8:1a:14:4d:ff:34:2f:49:c5:5f:d5:6b:
a0:98:6d:c5:a3:0c:80:54:d4:ff:db:81:99:30:e8:
32:e3:89:1b:84:af:75:59:83:17:d5:d0:c0:b6:95:
31:eb:8c:9f:15:09:b0:5b:11:33:71:ca:3e:ac:02:
8d:a7:53:b9:7f:a5:49:e3:51:7f:58:bd:a6:03:44:
00:30:1c:34:d1:d7:f6:c5:04:75:aa:c0:35:b4:c9:
6e:16:ec:91:4b:88:6b:37:2a:cf:65:ef:26:54:89:
da:01:17:ab:25:22:a0:9c:b2:54:22:3c:7c:a7:a4:
cf:18:63:3a:5a:62:27:d3:eb:00:61:a1:1f:4c:2a:
0b:93:39:9c:f4:7a:3e:d3:aa:59:70:40:50:96:fc:
57:af:a5:81:ae:76:97:ab:e1:91:6b:15:45:ac:07:
5a:f3:59:16:e2:23:5e:70:19:c3:94:7d:15:fd:6e:
79:d9:6f:6b:8c:03:c1:1b:0f:72:d0:06:5a:45:ad:
12:9f:ee:99:09:95:9f:e8:0f:1d:77:b1:fb:20:98:
ae:fc:f8:6b:32:98:9d:bf:47:f9:52:f9:30:77:7b:
98:46:d6:da:7b:6e:03:1b:6e:8a:da:ee:89:39:19:
27:b5:17:77:63:48:9a:40:c0:1c:c2:07:45:19:f9:
e2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:57:C6:D1:1A:FB:E3:30:59:72:04:0F:80:C6:1F:CC:18:AA:FE:8E
X509v3 Authority Key Identifier:
keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/jFfG0Rr74zBZcgQPgMYfzBiq_o4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.123.124.0/22
Signature Algorithm: sha256WithRSAEncryption
31:60:c9:e7:fd:16:57:de:3a:41:90:09:3e:16:11:f1:3c:f9:
52:55:f6:8f:29:12:c2:10:b7:a8:2b:64:65:ac:6f:3b:03:06:
fc:97:b9:b2:6f:3b:2f:e0:31:ca:13:32:eb:7e:4f:dc:b4:23:
81:e6:8d:99:14:e0:89:88:2b:d6:08:5b:13:51:e4:81:7c:fe:
3f:ec:3b:d3:25:70:e3:48:87:a9:86:ef:91:97:6a:96:aa:f8:
a1:be:6d:53:5d:1f:09:2f:96:5f:92:67:fb:84:0e:33:54:74:
9b:a5:58:8d:64:26:64:cc:9c:5d:df:ed:8b:22:18:0f:87:14:
45:ca:48:e9:85:47:31:2d:6a:86:1d:d9:22:ab:54:22:0b:7a:
e5:31:33:b0:85:31:95:70:e0:26:8d:9d:41:85:15:e2:b6:b0:
bc:0b:db:c1:12:8b:56:a6:5b:a2:3d:48:b3:12:a6:0a:4b:c9:
4b:71:9c:e0:00:d6:a8:8a:47:c9:44:9f:22:54:0b:ae:0b:8b:
d4:94:0c:a8:a2:37:e6:b4:61:74:d3:57:0e:d5:74:d3:62:3e:
38:09:61:8f:de:85:1e:11:53:c1:71:05:65:ae:26:9b:a2:16:
23:f9:1d:20:7c:0e:f8:93:cb:ba:24:20:8c:59:da:ce:fd:ee:
ee:f0:ef:d0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCyUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4
MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yMzA5MDEw
OTIzMzJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhDNTdDNkQxMUFGQkUz
MzA1OTcyMDQwRjgwQzYxRkNDMThBQUZFOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYbfgaFE3/NC9JxV/Va6CYbcWjDIBU1P/bgZkw6DLjiRuEr3VZ
gxfV0MC2lTHrjJ8VCbBbETNxyj6sAo2nU7l/pUnjUX9YvaYDRAAwHDTR1/bFBHWq
wDW0yW4W7JFLiGs3Ks9l7yZUidoBF6slIqCcslQiPHynpM8YYzpaYifT6wBhoR9M
KguTOZz0ej7TqllwQFCW/FevpYGudper4ZFrFUWsB1rzWRbiI15wGcOUfRX9bnnZ
b2uMA8EbD3LQBlpFrRKf7pkJlZ/oDx13sfsgmK78+GsymJ2/R/lS+TB3e5hG1tp7
bgMbbora7ok5GSe1F3djSJpAwBzCB0UZ+eKJAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUjFfG0Rr74zBZcgQPgMYfzBiq/o4wHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP
gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv
UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi9qRmZHMFJyNzR6QlpjZ1FQZ01Z
ZnpCaXFfbzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCynt8
MA0GCSqGSIb3DQEBCwUAA4IBAQAxYMnn/RZX3jpBkAk+FhHxPPlSVfaPKRLCELeo
K2RlrG87Awb8l7mybzsv4DHKEzLrfk/ctCOB5o2ZFOCJiCvWCFsTUeSBfP4/7DvT
JXDjSIephu+Rl2qWqvihvm1TXR8JL5Zfkmf7hA4zVHSbpViNZCZkzJxd3+2LIhgP
hxRFykjphUcxLWqGHdkiq1QiC3rlMTOwhTGVcOAmjZ1BhRXitrC8C9vBEotWplui
PUizEqYKS8lLcZzgANaoikfJRJ8iVAuuC4vUlAyoojfmtGF001cO1XTTYj44CWGP
3oUeEVPBcQVlriabohYj+R0gfA74k8u6JCCMWdrO/e7u8O/Q
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:31:05 2025 by rpki-client