Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/dRETm5khCr2YzPFGat2LMSqniS4.roa
File: dRETm5khCr2YzPFGat2LMSqniS4.roa (raw, json)
Hash identifier: uufqCaIo6qAqC8eyTnzib28bx1NQ26M5cLV9+6+SM6w=
Subject key identifier: 75:11:13:9B:99:21:0A:BD:98:CC:F1:46:6A:DD:8B:31:2A:A7:89:2E
Certificate issuer: /CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
Certificate serial: 5644
Authority key identifier: B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/dRETm5khCr2YzPFGat2LMSqniS4.roa
Signing time: Tue 09 Nov 2021 09:18:34 +0000
ROA not before: Tue 09 Nov 2021 09:18:34 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38851
IP address blocks: 43.227.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22084 (0x5644)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
Validity
Not Before: Nov 9 09:18:34 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=7511139B99210ABD98CCF1466ADD8B312AA7892E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d0:d6:c5:1a:bd:55:01:11:d5:18:96:21:65:
80:e6:2e:30:e1:08:f5:80:9a:9b:19:5a:0e:72:3d:
22:d3:6c:fc:a9:9c:36:30:07:c0:77:ae:3f:e7:44:
52:51:5e:97:11:3c:41:32:e8:49:56:f9:80:52:e4:
b7:6e:70:86:1d:13:fa:f7:85:5a:27:ae:3d:89:08:
b3:16:ec:d0:0d:28:2f:a5:fe:f7:fc:bc:31:40:98:
f1:19:0c:11:12:80:9c:37:47:95:e3:b2:e9:41:54:
2d:4b:09:6b:c2:0a:40:03:80:79:7a:e1:ed:d2:2c:
48:e3:64:c0:6a:f7:59:3f:2d:0f:2e:69:e0:1e:47:
9f:dc:19:f2:89:0e:53:b2:3b:dd:cf:8c:c2:79:f7:
54:48:0f:49:58:8a:c7:f2:21:ca:53:1d:bb:76:7f:
69:62:5f:1f:39:17:e9:dc:9f:46:98:59:9e:7e:6b:
d6:e1:c6:37:5e:9d:75:a4:cb:f5:98:24:10:0b:5a:
ce:bd:8c:ee:fc:97:75:80:b4:20:20:b5:29:17:8e:
62:a7:30:c1:ff:7a:16:4a:d1:03:93:f4:28:71:1c:
c5:ab:af:14:41:97:7f:cc:41:4a:df:f5:16:51:03:
5d:b3:2b:69:f4:f0:9d:50:a4:55:dc:06:de:d7:75:
b6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:11:13:9B:99:21:0A:BD:98:CC:F1:46:6A:DD:8B:31:2A:A7:89:2E
X509v3 Authority Key Identifier:
keyid:B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/dRETm5khCr2YzPFGat2LMSqniS4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.24.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:69:2c:02:fa:4c:1d:98:5f:e1:13:cd:b4:4f:f6:a9:3f:cf:
f3:26:0f:66:92:7a:91:82:18:07:1f:53:30:b7:6e:e1:4a:7f:
b5:a3:7f:3e:9d:e9:27:33:b0:6b:87:b0:99:4c:f2:21:37:54:
09:21:62:1d:05:e1:82:b2:d6:67:24:f9:95:a1:32:3f:14:a3:
9d:8c:58:c8:de:4d:d6:57:0a:38:50:c7:31:e7:f9:03:db:d9:
6a:9b:62:d4:f2:63:77:02:ac:43:3e:54:1c:30:6d:bd:89:54:
90:50:ad:c2:46:3b:9d:07:44:2c:ca:3b:00:e8:d2:66:18:01:
b3:9d:24:0b:7b:cd:db:ba:cb:2d:20:f8:87:5e:c0:31:9d:2f:
f6:79:ca:d4:5f:52:63:1a:1e:cf:f5:aa:74:aa:09:dc:29:d7:
43:d4:44:35:94:b2:c6:99:75:01:b2:4a:f0:78:ef:e3:42:39:
75:7f:5e:9e:0b:3f:28:05:18:32:af:bc:98:0b:c3:cc:b4:60:
6a:c6:89:ed:f0:a3:62:c9:33:c7:0a:93:c9:46:79:0c:17:9e:
2b:d5:75:b2:26:97:a6:44:56:ca:e0:98:95:e4:4e:3a:0c:7b:
7d:1c:33:bc:bc:30:53:6d:1e:cf:95:37:45:0d:67:09:5a:02:
59:f0:73:ca
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjQz
MjBGRDc4REZCNkE0RDFDOTIzMjJGNzk0OTY2Qjg1MjVERkREMjAeFw0yMTExMDkw
OTE4MzRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDc1MTExMzlCOTkyMTBB
QkQ5OENDRjE0NjZBREQ4QjMxMkFBNzg5MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU0NbFGr1VARHVGJYhZYDmLjDhCPWAmpsZWg5yPSLTbPypnDYw
B8B3rj/nRFJRXpcRPEEy6ElW+YBS5LducIYdE/r3hVonrj2JCLMW7NANKC+l/vf8
vDFAmPEZDBESgJw3R5XjsulBVC1LCWvCCkADgHl64e3SLEjjZMBq91k/LQ8uaeAe
R5/cGfKJDlOyO93PjMJ591RID0lYisfyIcpTHbt2f2liXx85F+ncn0aYWZ5+a9bh
xjdenXWky/WYJBALWs69jO78l3WAtCAgtSkXjmKnMMH/ehZK0QOT9ChxHMWrrxRB
l3/MQUrf9RZRA12zK2n08J1QpFXcBt7XdbYRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdRETm5khCr2YzPFGat2LMSqniS4wHwYDVR0jBBgwFoAUtDIP1437ak0ckjIv
eUlmuFJd/dIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRDQ0FU
Vi90RElQMTQzN2FrMGNrakl2ZVVsbXVGSmRfZEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3RESVAxNDM3YWswY2tqSXZlVWxtdUZKZF9kSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UQ0NBVFYvZFJFVG01a2hDcjJZelBG
R2F0MkxNU3FuaVM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AivjGDANBgkqhkiG9w0BAQsFAAOCAQEAmmksAvpMHZhf4RPNtE/2qT/P8yYPZpJ6
kYIYBx9TMLdu4Up/taN/Pp3pJzOwa4ewmUzyITdUCSFiHQXhgrLWZyT5laEyPxSj
nYxYyN5N1lcKOFDHMef5A9vZapti1PJjdwKsQz5UHDBtvYlUkFCtwkY7nQdELMo7
AOjSZhgBs50kC3vN27rLLSD4h17AMZ0v9nnK1F9SYxoez/WqdKoJ3CnXQ9RENZSy
xpl1AbJK8Hjv40I5dX9engs/KAUYMq+8mAvDzLRgasaJ7fCjYskzxwqTyUZ5DBee
K9V1siaXpkRWyuCYleROOgx7fRwzvLwwU20ez5U3RQ1nCVoCWfBzyg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org