Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCREE/l_1nTe-n2Y5a4lkXuR3tEIEDN_A.roa
File: l_1nTe-n2Y5a4lkXuR3tEIEDN_A.roa (raw, json)
Hash identifier: MUWFVVdQhxG4dM1tr8PQ4tbxr5du0t32yuLoHSdB0Uo=
Subject key identifier: 97:FD:67:4D:EF:A7:D9:8E:5A:E2:59:17:B9:1D:ED:10:81:03:37:F0
Certificate issuer: /CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90
Certificate serial: 0951
Authority key identifier: 3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/l_1nTe-n2Y5a4lkXuR3tEIEDN_A.roa
Signing time: Wed 29 Sep 2021 02:41:50 +0000
ROA not before: Wed 29 Sep 2021 02:41:50 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18183
IP address blocks: 202.5.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2385 (0x951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90
Validity
Not Before: Sep 29 02:41:50 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=97FD674DEFA7D98E5AE25917B91DED10810337F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7d:4d:80:72:73:7a:23:8e:23:29:ba:4f:5b:
07:56:4b:82:0e:02:c5:3c:14:56:1b:5d:e4:f5:4d:
cc:b0:63:44:06:53:be:d2:37:e6:37:e2:d3:23:d8:
3a:cc:a8:d5:68:65:13:d7:65:da:2a:94:41:fa:d8:
d1:8c:3d:76:6a:11:fe:e3:eb:11:fc:82:ab:e9:17:
a0:46:cc:54:bf:d0:7b:32:ca:bc:8a:07:50:34:dc:
f8:2a:e7:a2:4e:52:7d:16:49:95:83:93:a4:11:93:
6d:24:6b:93:9e:71:79:91:8b:ba:6b:59:09:8f:b4:
29:fc:42:ea:e5:d7:7e:0b:2f:f7:b8:56:95:b4:be:
7d:2b:9e:17:df:a5:b6:22:09:56:75:46:1d:1f:68:
f0:0f:44:f7:39:f4:8e:0a:56:26:f3:55:8b:06:d7:
56:65:87:8a:79:86:66:bb:ba:55:8c:c4:1f:ed:b2:
78:74:78:ff:1c:33:2b:85:7d:af:16:6b:39:ed:ee:
f1:af:0c:39:a7:39:10:ef:b6:38:bb:76:53:f7:ca:
98:ef:31:e0:6b:a0:0e:01:5c:df:ee:90:01:bd:84:
7a:b5:36:c3:cb:d3:9b:4b:51:8f:a7:3d:c1:01:5e:
24:9a:81:a3:39:a9:3d:07:e5:e7:20:77:ed:b4:c4:
19:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:FD:67:4D:EF:A7:D9:8E:5A:E2:59:17:B9:1D:ED:10:81:03:37:F0
X509v3 Authority Key Identifier:
keyid:3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/l_1nTe-n2Y5a4lkXuR3tEIEDN_A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.5.12.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:d1:2a:b4:55:0a:7c:d8:e2:c8:0c:06:7b:61:a2:4b:74:62:
97:6f:a4:13:44:70:35:61:27:a9:d8:ca:4d:19:22:c0:16:4b:
91:45:63:73:2e:52:d9:ef:e5:28:b1:9f:0a:3f:ac:8a:cf:86:
81:d0:5a:d8:7a:88:b2:9f:5e:b1:92:ca:63:36:3a:c3:a1:96:
c0:3b:53:77:d5:c1:1f:b1:8d:34:9f:42:52:46:6a:34:c4:10:
04:ac:9c:9c:c4:a9:bb:32:e3:04:59:79:bc:14:ef:a2:cd:12:
70:e0:75:f1:7c:56:5b:df:90:91:64:ad:71:93:81:8e:2f:f3:
71:27:17:d3:f3:ec:82:7b:42:89:f0:d1:a3:e4:ea:66:df:7d:
01:89:df:ed:b1:af:2e:ea:fa:a8:2b:b3:a0:78:5d:88:21:a1:
da:b0:7e:69:fe:2c:87:f6:8c:e1:44:98:58:0b:a6:1a:94:b6:
2a:22:26:68:95:bc:58:22:0d:2f:da:2c:8f:e2:17:74:54:9b:
70:50:16:c5:93:7e:4d:70:cf:65:01:8e:ee:e2:53:b5:8e:9f:
65:82:50:91:82:f0:99:54:cc:d5:79:b2:d9:e2:79:3d:fb:f3:
39:54:13:fe:95:c5:1c:e0:72:25:bb:62:0f:dc:b4:55:54:ff:
28:e1:2b:4d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0I0
OUI4N0EzRkYzODk2MzRDN0QwOTBENzZEQUVBQTk2RkVFRkQ5MDAeFw0yMTA5Mjkw
MjQxNTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk3RkQ2NzRERUZBN0Q5
OEU1QUUyNTkxN0I5MURFRDEwODEwMzM3RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDifU2AcnN6I44jKbpPWwdWS4IOAsU8FFYbXeT1TcywY0QGU77S
N+Y34tMj2DrMqNVoZRPXZdoqlEH62NGMPXZqEf7j6xH8gqvpF6BGzFS/0HsyyryK
B1A03Pgq56JOUn0WSZWDk6QRk20ka5OecXmRi7prWQmPtCn8Qurl134LL/e4VpW0
vn0rnhffpbYiCVZ1Rh0faPAPRPc59I4KVibzVYsG11Zlh4p5hma7ulWMxB/tsnh0
eP8cMyuFfa8Waznt7vGvDDmnORDvtji7dlP3ypjvMeBroA4BXN/ukAG9hHq1NsPL
05tLUY+nPcEBXiSagaM5qT0H5ecgd+20xBl5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUl/1nTe+n2Y5a4lkXuR3tEIEDN/AwHwYDVR0jBBgwFoAUO0m4ej/ziWNMfQkN
dtrqqW/u/ZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNSRUUv
TzBtNGVqX3ppV05NZlFrTmR0cnFxV191X1pBLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PMG00ZWpfemlXTk1mUWtOZHRycXFXX3VfWkEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ1JFRS9sXzFuVGUtbjJZNWE0bGtYdVIz
dEVJRUROX0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCygUM
MA0GCSqGSIb3DQEBCwUAA4IBAQAM0Sq0VQp82OLIDAZ7YaJLdGKXb6QTRHA1YSep
2MpNGSLAFkuRRWNzLlLZ7+UosZ8KP6yKz4aB0FrYeoiyn16xkspjNjrDoZbAO1N3
1cEfsY00n0JSRmo0xBAErJycxKm7MuMEWXm8FO+izRJw4HXxfFZb35CRZK1xk4GO
L/NxJxfT8+yCe0KJ8NGj5Opm330Bid/tsa8u6vqoK7OgeF2IIaHasH5p/iyH9ozh
RJhYC6YalLYqIiZolbxYIg0v2iyP4hd0VJtwUBbFk35NcM9lAY7u4lO1jp9lglCR
gvCZVMzVebLZ4nk9+/M5VBP+lcUc4HIlu2IP3LRVVP8o4StN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org