Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NKBNET/xtnfTOOTaOoi7MA0tdoPB6o9cUs.roa
File: xtnfTOOTaOoi7MA0tdoPB6o9cUs.roa (raw, json)
Hash identifier: dRcvxN44vSx+Q58eCT10aemxi2IEKKirljUClFlIyyc=
Subject key identifier: C6:D9:DF:4C:E3:93:68:EA:22:EC:C0:34:B5:DA:0F:07:AA:3D:71:4B
Certificate issuer: /CN=8051F2ECEFC242E9AF9F1E454A4FB796591B8DAB
Certificate serial: 0F80
Authority key identifier: 80:51:F2:EC:EF:C2:42:E9:AF:9F:1E:45:4A:4F:B7:96:59:1B:8D:AB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/xtnfTOOTaOoi7MA0tdoPB6o9cUs.roa
Signing time: Sun 07 Feb 2021 11:50:05 +0000
ROA not before: Sun 07 Feb 2021 11:50:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9922
IP address blocks: 103.130.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3968 (0xf80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8051F2ECEFC242E9AF9F1E454A4FB796591B8DAB
Validity
Not Before: Feb 7 11:50:05 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C6D9DF4CE39368EA22ECC034B5DA0F07AA3D714B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0f:24:85:d3:3f:2e:a6:0e:eb:50:12:b6:b0:
2f:73:a8:9e:ab:f1:ed:d1:6a:51:5a:df:03:b0:4d:
ad:da:69:db:66:12:02:ac:bb:61:2b:64:4f:1d:64:
92:c7:f5:b1:29:81:48:a9:d1:8d:a9:f8:81:bf:02:
56:05:17:3f:09:02:4c:c0:f7:bb:35:4f:8e:ed:cf:
b1:94:6c:2a:bb:4d:17:3d:eb:b3:6e:e3:5c:f0:ea:
34:81:f2:47:a2:f7:a2:8e:09:9d:42:f3:d7:1e:12:
8d:9b:a6:bb:d3:89:8c:25:70:23:2b:37:a9:98:65:
39:7f:19:62:61:a5:cd:4e:dc:65:c4:15:a1:34:0b:
86:a9:94:63:64:c5:ca:d4:f4:70:30:a6:b9:1a:8e:
98:fe:1a:ba:67:b3:58:f3:37:00:30:cb:d9:ad:c8:
05:63:68:04:a0:9f:c4:a3:f8:d3:aa:6e:eb:af:dd:
0c:2f:67:6d:b7:eb:8e:ce:66:2c:7b:22:26:96:fe:
45:9c:59:a1:29:97:77:ab:74:9b:25:44:d9:2f:a9:
c5:20:da:24:e9:00:ac:4c:1b:63:6d:f7:81:83:e3:
fd:72:e3:97:6a:52:17:84:1e:2f:01:7e:e5:92:1e:
a0:99:d2:79:84:52:4b:96:64:82:4f:5a:00:34:7d:
e1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D9:DF:4C:E3:93:68:EA:22:EC:C0:34:B5:DA:0F:07:AA:3D:71:4B
X509v3 Authority Key Identifier:
keyid:80:51:F2:EC:EF:C2:42:E9:AF:9F:1E:45:4A:4F:B7:96:59:1B:8D:AB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/xtnfTOOTaOoi7MA0tdoPB6o9cUs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.48.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:84:6e:5f:39:15:79:7a:69:5c:a6:7e:d3:50:df:87:35:08:
79:75:6d:ae:ff:69:23:81:6a:74:56:59:14:02:c5:cb:e4:95:
2d:6b:67:65:e4:2b:dd:bd:a1:92:d7:4a:4f:7b:d0:2c:4e:d7:
bd:5f:c6:05:2e:8a:da:b2:3d:1c:af:fa:a4:40:3f:8f:a3:64:
fd:c8:16:3f:1e:47:eb:15:7d:6f:f3:88:90:96:33:f4:59:e7:
f0:55:1a:69:6d:2c:99:63:df:9a:54:74:0b:cc:22:9f:43:7e:
31:a1:87:87:95:69:20:a8:6f:4d:e0:53:ab:56:21:9a:bc:41:
bb:3d:92:0e:85:b2:bd:f1:bd:d6:27:16:bd:fc:23:a6:75:d2:
fc:76:07:b5:80:6e:bc:0a:bb:20:da:4f:ff:4a:c8:38:a1:25:
e8:3d:df:06:16:f7:9f:83:d9:78:fc:16:6d:e8:95:f4:3b:e3:
9c:63:b7:f2:2e:37:2e:f1:2d:91:6c:69:1e:40:93:cc:b4:2d:
af:46:de:09:6f:0d:06:50:95:6d:73:b7:80:01:09:c1:aa:a0:
97:e2:4b:cc:af:97:3c:3c:be:22:73:f3:19:0d:3d:69:0b:4a:
82:50:8c:29:fe:fc:50:bb:c1:62:10:0b:41:e7:0c:c1:35:bc:
23:f4:b8:a7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD4AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODA1
MUYyRUNFRkMyNDJFOUFGOUYxRTQ1NEE0RkI3OTY1OTFCOERBQjAeFw0yMTAyMDcx
MTUwMDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM2RDlERjRDRTM5MzY4
RUEyMkVDQzAzNEI1REEwRjA3QUEzRDcxNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUDySF0z8upg7rUBK2sC9zqJ6r8e3RalFa3wOwTa3aadtmEgKs
u2ErZE8dZJLH9bEpgUip0Y2p+IG/AlYFFz8JAkzA97s1T47tz7GUbCq7TRc967Nu
41zw6jSB8kei96KOCZ1C89ceEo2bprvTiYwlcCMrN6mYZTl/GWJhpc1O3GXEFaE0
C4aplGNkxcrU9HAwprkajpj+Grpns1jzNwAwy9mtyAVjaASgn8Sj+NOqbuuv3Qwv
Z223647OZix7IiaW/kWcWaEpl3erdJslRNkvqcUg2iTpAKxMG2Nt94GD4/1y45dq
UheEHi8BfuWSHqCZ0nmEUkuWZIJPWgA0feEFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxtnfTOOTaOoi7MA0tdoPB6o9cUswHwYDVR0jBBgwFoAUgFHy7O/CQumvnx5F
Sk+3llkbjaswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTktCTkVU
L2dGSHk3T19DUXVtdm54NUZTay0zbGxrYmphcy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvZ0ZIeTdPX0NRdW12bng1RlNrLTNsbGtiamFzLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvTktCTkVUL3h0bmZUT09UYU9vaTdNQTB0
ZG9QQjZvOWNVcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
gjAwDQYJKoZIhvcNAQELBQADggEBAG+Ebl85FXl6aVymftNQ34c1CHl1ba7/aSOB
anRWWRQCxcvklS1rZ2XkK929oZLXSk970CxO171fxgUuitqyPRyv+qRAP4+jZP3I
Fj8eR+sVfW/ziJCWM/RZ5/BVGmltLJlj35pUdAvMIp9DfjGhh4eVaSCob03gU6tW
IZq8Qbs9kg6Fsr3xvdYnFr38I6Z10vx2B7WAbrwKuyDaT/9KyDihJeg93wYW95+D
2Xj8Fm3olfQ745xjt/IuNy7xLZFsaR5Ak8y0La9G3glvDQZQlW1zt4ABCcGqoJfi
S8yvlzw8viJz8xkNPWkLSoJQjCn+/FC7wWIQC0HnDME1vCP0uKc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:16 2024 by rpki-client on console-ams.rpki-client.org