Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/szcsuonIPNRRlpMDfLxB7wT1liE.roa
File: szcsuonIPNRRlpMDfLxB7wT1liE.roa (raw, json)
Hash identifier: PW23YWtu7z6uW8ZQPB72mBtaOCTT3jrX5POMeCC1dKw=
Subject key identifier: B3:37:2C:BA:89:C8:3C:D4:51:96:93:03:7C:BC:41:EF:04:F5:96:21
Certificate issuer: /CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
Certificate serial: 557D
Authority key identifier: B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/szcsuonIPNRRlpMDfLxB7wT1liE.roa
Signing time: Sun 07 Feb 2021 13:15:50 +0000
ROA not before: Sun 07 Feb 2021 13:15:50 +0000
ROA not after: Tue 23 Nov 2021 09:15:57 +0000
asID: 38851
IP address blocks: 43.227.24.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21885 (0x557d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
Validity
Not Before: Feb 7 13:15:50 2021 GMT
Not After : Nov 23 09:15:57 2021 GMT
Subject: CN=B3372CBA89C83CD4519693037CBC41EF04F59621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fa:4f:0b:66:82:ef:1a:71:a9:ff:12:a2:05:
0d:b1:7c:45:c8:0f:1c:16:de:52:ac:13:1c:66:9b:
68:f3:32:66:53:47:36:57:43:fd:49:61:59:4f:e8:
66:c9:8e:a7:19:73:78:d4:90:4a:05:ce:5a:74:b8:
da:65:e9:9e:fc:2d:24:9b:22:65:2a:2a:56:c5:b2:
52:d0:40:fb:aa:96:6f:be:b4:29:97:6e:4a:2e:ad:
d4:dc:47:15:c0:18:cc:e6:c5:ce:55:49:d6:0b:b3:
42:a9:10:24:47:0d:6e:9e:e3:e2:da:87:bc:0a:92:
8b:70:87:95:ed:ce:a7:56:f9:85:58:3c:0d:4c:ee:
bc:6f:c4:f3:df:42:49:dd:ab:d2:59:92:bd:e0:00:
bd:73:c8:65:6f:34:5b:74:ee:6e:a3:cd:52:58:e9:
e1:e5:a6:07:0f:8c:ac:1e:cb:33:73:bd:12:42:84:
e4:94:6f:51:49:e1:62:ec:ed:25:19:58:09:43:af:
aa:48:02:44:7e:cc:1e:92:07:15:31:d8:ef:7f:a5:
7e:c3:2e:a7:af:1e:95:97:50:97:eb:69:5b:2b:64:
00:bd:eb:c2:5e:de:b5:13:66:59:46:11:18:76:c0:
c5:cf:96:df:6e:5b:a4:7a:bf:92:d1:da:f5:2c:45:
a1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:37:2C:BA:89:C8:3C:D4:51:96:93:03:7C:BC:41:EF:04:F5:96:21
X509v3 Authority Key Identifier:
keyid:B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/szcsuonIPNRRlpMDfLxB7wT1liE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.24.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:1d:63:73:31:98:d4:ea:b4:14:c9:f5:bb:5a:f1:1a:cc:e7:
2e:11:a9:20:a9:bb:d3:3f:6d:39:59:de:85:af:9b:b6:35:32:
70:b8:a5:b9:fa:c2:a9:fe:be:e9:a8:5c:55:d1:20:16:a2:23:
19:d8:37:24:22:1b:da:dc:a6:8a:d7:dd:0a:0b:f6:96:72:5b:
e4:28:10:39:4c:f0:86:0c:ec:1e:8d:93:21:c9:96:cf:bd:ba:
e0:a7:ff:ee:ad:29:32:6b:50:dd:94:19:52:1e:db:fc:db:a3:
b9:18:75:6f:b0:81:0e:4d:1f:fe:76:d1:61:df:7f:9a:61:3d:
dc:95:f1:10:83:44:8f:9d:26:88:00:47:d7:c1:72:0f:1f:7f:
4e:ab:06:fd:00:22:97:55:72:74:76:ff:8d:72:47:b1:65:98:
f0:b6:e2:05:95:77:07:19:26:1f:7e:ad:da:6d:13:94:f4:6a:
4f:5a:ec:8a:cc:8d:17:38:eb:ad:01:43:85:30:f0:30:45:03:
80:44:bc:4e:0b:83:1a:6c:42:a3:c1:d7:f0:36:1c:e4:c1:39:
24:27:18:6e:f2:6f:65:5f:44:7d:e2:1a:04:e3:33:63:c7:e7:
fa:fe:dc:ac:6d:27:a6:13:ff:64:a6:97:a1:d0:76:66:df:c5:
a1:65:ea:07
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjQz
MjBGRDc4REZCNkE0RDFDOTIzMjJGNzk0OTY2Qjg1MjVERkREMjAeFw0yMTAyMDcx
MzE1NTBaFw0yMTExMjMwOTE1NTdaMDMxMTAvBgNVBAMTKEIzMzcyQ0JBODlDODND
RDQ1MTk2OTMwMzdDQkM0MUVGMDRGNTk2MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI+k8LZoLvGnGp/xKiBQ2xfEXIDxwW3lKsExxmm2jzMmZTRzZX
Q/1JYVlP6GbJjqcZc3jUkEoFzlp0uNpl6Z78LSSbImUqKlbFslLQQPuqlm++tCmX
bkourdTcRxXAGMzmxc5VSdYLs0KpECRHDW6e4+Lah7wKkotwh5XtzqdW+YVYPA1M
7rxvxPPfQkndq9JZkr3gAL1zyGVvNFt07m6jzVJY6eHlpgcPjKweyzNzvRJChOSU
b1FJ4WLs7SUZWAlDr6pIAkR+zB6SBxUx2O9/pX7DLqevHpWXUJfraVsrZAC968Je
3rUTZllGERh2wMXPlt9uW6R6v5LR2vUsRaG3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUszcsuonIPNRRlpMDfLxB7wT1liEwHwYDVR0jBBgwFoAUtDIP1437ak0ckjIv
eUlmuFJd/dIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRDQ0FU
Vi90RElQMTQzN2FrMGNrakl2ZVVsbXVGSmRfZEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3RESVAxNDM3YWswY2tqSXZlVWxtdUZKZF9kSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UQ0NBVFYvc3pjc3VvbklQTlJSbHBN
RGZMeEI3d1QxbGlFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ASvjGDANBgkqhkiG9w0BAQsFAAOCAQEAXh1jczGY1Oq0FMn1u1rxGsznLhGpIKm7
0z9tOVneha+btjUycLilufrCqf6+6ahcVdEgFqIjGdg3JCIb2tymitfdCgv2lnJb
5CgQOUzwhgzsHo2TIcmWz7264Kf/7q0pMmtQ3ZQZUh7b/NujuRh1b7CBDk0f/nbR
Yd9/mmE93JXxEINEj50miABH18FyDx9/TqsG/QAil1VydHb/jXJHsWWY8LbiBZV3
BxkmH36t2m0TlPRqT1rsisyNFzjrrQFDhTDwMEUDgES8TguDGmxCo8HX8DYc5ME5
JCcYbvJvZV9EfeIaBOMzY8fn+v7crG0nphP/ZKaXodB2Zt/FoWXqBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org