Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/_WUMbHa3MCIbqN8Wn0xLCPA6b7c.roa
File: _WUMbHa3MCIbqN8Wn0xLCPA6b7c.roa (raw, json)
Hash identifier: 36+/pEfRmquqL7mouywo+0WsYZ2Pzz9IhDHUZVKXi0s=
Subject key identifier: FD:65:0C:6C:76:B7:30:22:1B:A8:DF:16:9F:4C:4B:08:F0:3A:6F:B7
Certificate issuer: /CN=B2C11A2BBD411878ED1B44D79F137D9689C86840
Certificate serial: 78
Authority key identifier: B2:C1:1A:2B:BD:41:18:78:ED:1B:44:D7:9F:13:7D:96:89:C8:68:40
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/_WUMbHa3MCIbqN8Wn0xLCPA6b7c.roa
Signing time: Wed 25 Oct 2023 12:01:24 +0000
ROA not before: Wed 25 Oct 2023 12:01:24 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131659
IP address blocks: 103.160.224.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B2C11A2BBD411878ED1B44D79F137D9689C86840
Validity
Not Before: Oct 25 12:01:24 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FD650C6C76B730221BA8DF169F4C4B08F03A6FB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:83:b6:a8:85:62:d5:62:0d:58:af:b7:7b:
a2:84:2a:73:8e:b8:f1:5d:6a:16:5a:2f:a9:f8:de:
97:52:40:e0:f9:ab:91:97:cd:d5:ff:99:91:92:76:
16:95:37:ca:4a:33:c0:32:3c:b8:28:c0:d4:95:d6:
1a:0e:c9:c9:dc:3f:fa:3e:8a:a3:f3:54:37:a1:68:
e2:d0:7e:f4:0e:62:e4:2b:1f:e7:a4:2f:c1:ab:ee:
85:f5:34:ed:b5:6f:e2:5a:69:f8:4b:24:e4:92:41:
6b:fa:6f:0c:35:f2:4b:e1:6d:b0:a5:44:9a:2a:4b:
ca:56:76:5b:ba:c5:e1:2e:e4:d3:0d:a0:3c:9b:27:
dc:10:33:6e:c0:96:66:96:68:d3:25:0b:b6:3d:29:
df:df:85:02:54:88:55:f1:62:1b:03:8f:7f:7b:53:
dd:92:94:5d:6f:d0:70:51:60:c2:ff:45:54:a3:62:
06:ae:95:29:50:37:1d:f2:1e:33:2d:a7:b4:2c:ee:
53:26:63:41:60:b1:b0:74:45:37:51:4a:d3:b7:76:
01:a3:72:96:19:eb:07:01:e6:cf:2e:86:f1:20:0c:
55:d8:f9:92:fe:5e:00:03:8c:f0:88:67:58:a9:c1:
7f:93:d6:27:1a:ed:77:b4:36:b4:ed:6c:3e:59:a8:
25:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:65:0C:6C:76:B7:30:22:1B:A8:DF:16:9F:4C:4B:08:F0:3A:6F:B7
X509v3 Authority Key Identifier:
keyid:B2:C1:1A:2B:BD:41:18:78:ED:1B:44:D7:9F:13:7D:96:89:C8:68:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/_WUMbHa3MCIbqN8Wn0xLCPA6b7c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.224.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:cf:9e:df:78:aa:4a:7b:a6:60:ea:72:f9:af:7d:78:56:69:
3d:6f:5c:2b:5d:b5:a6:3e:b0:61:63:fd:ba:8f:69:ac:94:2a:
5b:e1:c1:08:e8:c2:cc:98:da:1f:c1:49:20:72:bb:a3:ef:de:
de:57:1f:8f:56:cd:cb:84:f6:10:74:b8:a1:c4:37:02:3b:1b:
b6:36:a5:09:9e:09:66:d2:31:70:a8:29:2f:7d:55:f9:27:b1:
20:d4:ab:0e:fc:40:96:02:ba:65:65:99:9b:dd:15:e9:22:19:
82:67:c6:28:a3:b0:44:20:f5:99:1a:b2:bc:b2:74:2d:9b:38:
12:59:ae:78:38:55:5e:f3:20:20:4d:50:2e:db:79:c0:b2:6a:
80:94:74:fb:a9:c4:44:b8:0c:4c:53:fb:b7:a6:8c:59:74:d9:
79:b9:78:bb:f7:09:6b:a9:02:fb:75:5c:7c:45:ae:4c:19:cb:
c2:3b:f0:45:e8:5d:cf:15:5f:c3:87:eb:7f:2d:d3:a9:e7:69:
7b:6f:50:07:72:af:f7:42:b2:1c:b0:69:30:24:82:d6:9c:d9:
b2:a5:98:bc:ce:a3:33:0d:dd:d9:bb:16:cf:4e:33:9d:af:84:
78:fb:60:67:5c:7f:1c:22:6f:4d:3e:10:49:f5:6c:de:a9:b5:
6a:50:51:4c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCMkMx
MUEyQkJENDExODc4RUQxQjQ0RDc5RjEzN0Q5Njg5Qzg2ODQwMB4XDTIzMTAyNTEy
MDEyNFoXDTI0MDgzMTAzMTA1M1owMzExMC8GA1UEAxMoRkQ2NTBDNkM3NkI3MzAy
MjFCQThERjE2OUY0QzRCMDhGMDNBNkZCNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALdZg7aohWLVYg1Yr7d7ooQqc4648V1qFlovqfjel1JA4PmrkZfN
1f+ZkZJ2FpU3ykozwDI8uCjA1JXWGg7Jydw/+j6Ko/NUN6Fo4tB+9A5i5Csf56Qv
wavuhfU07bVv4lpp+Esk5JJBa/pvDDXyS+FtsKVEmipLylZ2W7rF4S7k0w2gPJsn
3BAzbsCWZpZo0yULtj0p39+FAlSIVfFiGwOPf3tT3ZKUXW/QcFFgwv9FVKNiBq6V
KVA3HfIeMy2ntCzuUyZjQWCxsHRFN1FK07d2AaNylhnrBwHmzy6G8SAMVdj5kv5e
AAOM8IhnWKnBf5PWJxrtd7Q2tO1sPlmoJW0CAwEAAaOCAfIwggHuMB0GA1UdDgQW
BBT9ZQxsdrcwIhuo3xafTEsI8DpvtzAfBgNVHSMEGDAWgBSywRorvUEYeO0bRNef
E32WichoQDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GA1UdHwRXMFUwU6BR
oE+GTXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ORVRHVUFS
RC9zc0VhSzcxQkdIanRHMFRYbnhOOWxvbklhRUEuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3NzRWFLNzFCR0hqdEcwVFhueE45bG9uSWFFQS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGeBggrBgEFBQcBCwSBkTCBjjBZBggrBgEFBQcwC4ZNcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05FVEdVQVJEL19XVU1iSGEzTUNJYnFO
OFduMHhMQ1BBNmI3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25p
Yy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnoOAwDQYJKoZIhvcNAQELBQADggEBAKfPnt94qkp7pmDqcvmvfXhWaT1vXCtd
taY+sGFj/bqPaayUKlvhwQjowsyY2h/BSSByu6Pv3t5XH49WzcuE9hB0uKHENwI7
G7Y2pQmeCWbSMXCoKS99VfknsSDUqw78QJYCumVlmZvdFekiGYJnxiijsEQg9Zka
sryydC2bOBJZrng4VV7zICBNUC7becCyaoCUdPupxES4DExT+7emjFl02Xm5eLv3
CWupAvt1XHxFrkwZy8I78EXoXc8VX8OH638t06nnaXtvUAdyr/dCshywaTAkgtac
2bKlmLzOozMN3dm7Fs9OM52vhHj7YGdcfxwib00+EEn1bN6ptWpQUUw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:52 2025 by rpki-client