Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NSS/OzJCyw3b4Jmms36NF03MPU4j9PU.roa
File: OzJCyw3b4Jmms36NF03MPU4j9PU.roa (raw, json)
Hash identifier: qEKLWHPwAcC6hBvJ6mHnOMWMc50c8OTbAR2AyDvC2Zg=
Subject key identifier: 3B:32:42:CB:0D:DB:E0:99:A6:B3:7E:8D:17:4D:CC:3D:4E:23:F4:F5
Certificate issuer: /CN=7957076E29BFC1648EFF71A398BAAC4A9E886820
Certificate serial: 0BC7
Authority key identifier: 79:57:07:6E:29:BF:C1:64:8E:FF:71:A3:98:BA:AC:4A:9E:88:68:20
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/OzJCyw3b4Jmms36NF03MPU4j9PU.roa
Signing time: Fri 24 May 2024 08:07:16 +0000
ROA not before: Fri 24 May 2024 08:07:16 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131626
IP address blocks: 103.118.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3015 (0xbc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7957076E29BFC1648EFF71A398BAAC4A9E886820
Validity
Not Before: May 24 08:07:16 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3B3242CB0DDBE099A6B37E8D174DCC3D4E23F4F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dd:2b:c3:ad:a5:0d:59:34:6f:86:cd:b6:36:
d5:f9:31:c5:a2:db:86:39:90:7d:96:3f:3e:85:90:
79:ff:61:4a:1a:fd:77:69:4a:19:69:c2:54:e3:18:
67:c5:b5:b2:f4:80:3a:ac:f1:f6:fe:62:e2:54:fd:
a7:6d:05:b5:6f:2f:15:13:0f:04:69:a1:fd:f7:ec:
8e:e2:ca:ad:95:51:d9:d8:30:23:20:51:c5:44:62:
69:b3:7c:1e:a4:4f:8f:a4:a0:2c:67:f3:73:89:3f:
a0:cb:20:3e:ba:0d:58:ef:1b:d0:d7:bd:6d:85:34:
da:09:07:09:f6:c2:e3:64:17:fa:6c:3e:53:d9:21:
a4:2a:67:0e:98:ba:de:24:72:fb:9a:b5:c4:b2:db:
a7:5f:e3:df:a8:ac:bf:35:58:39:e5:01:f4:51:79:
d5:d2:ae:22:e2:2b:a1:0c:85:4c:5d:94:95:90:ca:
4e:87:77:40:4e:51:7c:ab:d1:dd:51:22:8a:a4:14:
fd:c4:72:15:e4:79:c7:3a:15:2f:38:ec:f6:fc:b4:
9e:6b:1d:3d:8c:dc:6c:bd:1c:f3:87:72:71:64:04:
e8:3f:7d:d7:56:37:d1:71:68:bf:ac:50:02:71:b0:
2c:62:01:b0:03:31:1f:15:9d:ef:d3:2f:75:58:c9:
c8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:32:42:CB:0D:DB:E0:99:A6:B3:7E:8D:17:4D:CC:3D:4E:23:F4:F5
X509v3 Authority Key Identifier:
keyid:79:57:07:6E:29:BF:C1:64:8E:FF:71:A3:98:BA:AC:4A:9E:88:68:20
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/OzJCyw3b4Jmms36NF03MPU4j9PU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.24.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:02:aa:05:ba:80:55:8f:0b:25:4a:3b:94:e3:47:98:0c:bf:
27:81:fd:ba:ef:0d:41:c5:3f:ad:03:ee:e0:da:ab:38:4a:93:
30:fe:42:57:4f:68:13:d7:1e:da:a0:75:76:30:f1:5b:35:f0:
7b:e2:a8:4b:0e:4f:be:4b:67:ba:26:28:63:9b:e1:2e:14:56:
c4:b8:c6:4b:a6:5c:5a:bd:59:27:d4:7b:7b:d8:a6:f4:97:e2:
f2:e5:f7:fc:72:fe:f0:29:7c:43:69:05:32:ed:ab:14:cf:91:
64:96:4f:3a:22:b8:21:ce:89:a8:19:9a:87:7d:b7:2d:7c:b5:
92:ed:5f:bc:62:20:24:c4:52:d7:31:b5:fd:6d:22:3e:a9:f0:
f4:c2:69:0f:26:ef:2e:b8:ea:16:73:41:a0:69:0b:ee:c5:10:
2e:d1:e7:c3:af:fc:55:01:f2:30:78:c6:fa:d0:54:e8:84:47:
52:09:73:a2:98:e3:3f:fc:94:fb:9e:e7:db:ca:39:6a:4f:bd:
20:59:35:0a:62:65:10:63:2e:1a:7b:4d:3b:03:7d:4c:13:6d:
99:de:80:e8:6e:78:b6:b6:be:37:5f:64:ce:8b:e3:e3:ee:76:
2c:7d:d2:d4:79:93:46:e4:9a:1c:c3:82:06:e3:70:2e:7b:42:
b6:db:95:c5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC8cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzk1
NzA3NkUyOUJGQzE2NDhFRkY3MUEzOThCQUFDNEE5RTg4NjgyMDAeFw0yNDA1MjQw
ODA3MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNCMzI0MkNCMEREQkUw
OTlBNkIzN0U4RDE3NERDQzNENEUyM0Y0RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC03SvDraUNWTRvhs22NtX5McWi24Y5kH2WPz6FkHn/YUoa/Xdp
ShlpwlTjGGfFtbL0gDqs8fb+YuJU/adtBbVvLxUTDwRpof337I7iyq2VUdnYMCMg
UcVEYmmzfB6kT4+koCxn83OJP6DLID66DVjvG9DXvW2FNNoJBwn2wuNkF/psPlPZ
IaQqZw6Yut4kcvuatcSy26df49+orL81WDnlAfRRedXSriLiK6EMhUxdlJWQyk6H
d0BOUXyr0d1RIoqkFP3EchXkecc6FS847Pb8tJ5rHT2M3Gy9HPOHcnFkBOg/fddW
N9FxaL+sUAJxsCxiAbADMR8Vne/TL3VYycgTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUOzJCyw3b4Jmms36NF03MPU4j9PUwHwYDVR0jBBgwFoAUeVcHbim/wWSO/3Gj
mLqsSp6IaCAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTL2VW
Y0hiaW1fd1dTT18zR2ptTHFzU3A2SWFDQS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZVZjSGJpbV93V1NPXzNHam1McXNTcDZJYUNBLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTL096SkN5dzNiNEptbXMzNk5GMDNNUFU0
ajlQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJndhgwDQYJ
KoZIhvcNAQELBQADggEBAKwCqgW6gFWPCyVKO5TjR5gMvyeB/brvDUHFP60D7uDa
qzhKkzD+QldPaBPXHtqgdXYw8Vs18HviqEsOT75LZ7omKGOb4S4UVsS4xkumXFq9
WSfUe3vYpvSX4vLl9/xy/vApfENpBTLtqxTPkWSWTzoiuCHOiagZmod9ty18tZLt
X7xiICTEUtcxtf1tIj6p8PTCaQ8m7y646hZzQaBpC+7FEC7R58Ov/FUB8jB4xvrQ
VOiER1IJc6KY4z/8lPue59vKOWpPvSBZNQpiZRBjLhp7TTsDfUwTbZnegOhueLa2
vjdfZM6L4+Pudix90tR5k0bkmhzDggbjcC57QrbblcU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:25 2025 by rpki-client