Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PIXNET/IlzeePVFRuQFG1JDqVIAlUzbfKU.roa
File: IlzeePVFRuQFG1JDqVIAlUzbfKU.roa (raw, json)
Hash identifier: 1zEPtba72A7fHO1pEDMRZ1DMOvYIaYXb5CTs6GlGMY0=
Subject key identifier: 22:5C:DE:78:F5:45:46:E4:05:1B:52:43:A9:52:00:95:4C:DB:7C:A5
Certificate issuer: /CN=CDF44277BA96FC60729008649C09B0AEA07033E8
Certificate serial: 09F5
Authority key identifier: CD:F4:42:77:BA:96:FC:60:72:90:08:64:9C:09:B0:AE:A0:70:33:E8
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zfRCd7qW_GBykAhknAmwrqBwM-g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/IlzeePVFRuQFG1JDqVIAlUzbfKU.roa
Signing time: Thu 15 Sep 2022 02:41:33 +0000
ROA not before: Thu 15 Sep 2022 02:41:33 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9924
IP address blocks: 103.23.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2549 (0x9f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDF44277BA96FC60729008649C09B0AEA07033E8
Validity
Not Before: Sep 15 02:41:33 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=225CDE78F54546E4051B5243A95200954CDB7CA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:d1:c1:64:a3:49:cc:2a:56:19:ed:d1:55:
9c:cf:35:18:48:03:9b:c9:e5:31:46:71:56:8c:f4:
ab:55:b0:f1:a1:aa:d6:67:06:5d:87:e8:a9:0b:98:
80:4d:fb:12:17:a5:61:d6:0d:9e:e4:f9:88:dd:fe:
44:d8:8b:47:16:4f:e4:fd:b9:4e:b7:a3:1b:17:04:
96:35:a4:48:02:98:e7:cf:ce:cc:a5:a3:9f:e7:be:
7c:05:d3:e7:16:26:f3:94:8c:89:78:1c:61:b5:96:
9c:80:0c:75:25:fc:aa:dd:c1:83:7d:5a:db:6e:fd:
ad:03:cd:24:0b:6e:4e:8f:43:78:f6:13:17:34:79:
b4:bf:e5:2f:cc:44:6b:72:eb:31:f0:db:3c:11:0f:
15:9b:c4:db:fb:1d:aa:97:54:b3:52:bb:94:d9:59:
63:e8:94:98:02:e8:22:70:38:6b:50:0f:92:8e:5b:
7b:57:8a:ee:13:7f:97:ac:f3:3c:a1:68:08:09:88:
a4:60:09:dc:c0:2d:0e:c7:9c:a2:ce:c2:0d:1d:c3:
70:bc:0d:7b:52:a5:ef:57:f8:9c:68:be:2b:ea:16:
f1:9c:b7:cb:ea:ca:80:38:d5:98:fb:c9:3f:84:10:
09:12:f4:c6:13:2d:74:94:b6:fa:a2:96:ab:58:85:
4e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5C:DE:78:F5:45:46:E4:05:1B:52:43:A9:52:00:95:4C:DB:7C:A5
X509v3 Authority Key Identifier:
keyid:CD:F4:42:77:BA:96:FC:60:72:90:08:64:9C:09:B0:AE:A0:70:33:E8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/zfRCd7qW_GBykAhknAmwrqBwM-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zfRCd7qW_GBykAhknAmwrqBwM-g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/IlzeePVFRuQFG1JDqVIAlUzbfKU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.108.0/22
Signature Algorithm: sha256WithRSAEncryption
41:10:19:bd:34:a0:65:54:09:02:19:61:d7:f9:f5:f0:13:14:
19:6f:be:9d:ad:72:41:8f:22:bd:9e:0a:50:ed:f0:ac:4a:a3:
f5:ba:3a:40:ab:66:d7:dc:9c:34:b6:67:d7:c6:16:24:12:f3:
ec:ae:d2:8a:4f:c2:66:20:41:46:69:d4:d5:a1:c0:af:e8:2c:
7c:c2:61:b7:e4:fe:12:79:73:a3:e6:e8:6a:06:e4:d7:c6:49:
ea:bf:95:47:39:dd:b0:4d:f4:7c:3a:35:e4:4f:5c:41:b0:c0:
1d:38:14:15:e5:94:b0:b1:e6:17:2c:b2:38:95:55:aa:2e:e1:
f8:f0:94:d3:77:1d:7f:32:f9:fb:4e:10:7f:3d:ca:8e:52:10:
f2:cd:a6:2e:b8:6c:eb:5a:46:9f:95:55:28:6f:85:17:29:63:
ea:dd:11:d1:32:ca:45:cf:dc:ec:b4:db:19:52:93:0a:75:81:
d9:05:1a:48:98:6c:d1:e6:64:bc:85:45:65:75:d3:61:dd:cc:
e7:fd:e0:5e:9d:3c:1b:89:7d:53:54:55:e7:bd:16:56:27:86:
2e:c2:bd:81:3e:a5:18:cf:0d:a3:0b:9c:45:df:df:35:f1:f5:
77:dc:e5:55:0b:ec:8f:41:90:a6:57:77:7c:f0:64:c9:d4:db:
cd:03:c3:5d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RG
NDQyNzdCQTk2RkM2MDcyOTAwODY0OUMwOUIwQUVBMDcwMzNFODAeFw0yMjA5MTUw
MjQxMzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIyNUNERTc4RjU0NTQ2
RTQwNTFCNTI0M0E5NTIwMDk1NENEQjdDQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9qtHBZKNJzCpWGe3RVZzPNRhIA5vJ5TFGcVaM9KtVsPGhqtZn
Bl2H6KkLmIBN+xIXpWHWDZ7k+Yjd/kTYi0cWT+T9uU63oxsXBJY1pEgCmOfPzsyl
o5/nvnwF0+cWJvOUjIl4HGG1lpyADHUl/KrdwYN9Wttu/a0DzSQLbk6PQ3j2Exc0
ebS/5S/MRGty6zHw2zwRDxWbxNv7HaqXVLNSu5TZWWPolJgC6CJwOGtQD5KOW3tX
iu4Tf5es8zyhaAgJiKRgCdzALQ7HnKLOwg0dw3C8DXtSpe9X+JxovivqFvGct8vq
yoA41Zj7yT+EEAkS9MYTLXSUtvqilqtYhU4RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIlzeePVFRuQFG1JDqVIAlUzbfKUwHwYDVR0jBBgwFoAUzfRCd7qW/GBykAhk
nAmwrqBwM+gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElYTkVU
L3pmUkNkN3FXX0dCeWtBaGtuQW13cnFCd00tZy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvemZSQ2Q3cVdfR0J5a0Foa25BbXdycUJ3TS1nLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElYTkVUL0lsemVlUFZGUnVRRkcxSkRx
VklBbFV6YmZLVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
F2wwDQYJKoZIhvcNAQELBQADggEBAEEQGb00oGVUCQIZYdf59fATFBlvvp2tckGP
Ir2eClDt8KxKo/W6OkCrZtfcnDS2Z9fGFiQS8+yu0opPwmYgQUZp1NWhwK/oLHzC
Ybfk/hJ5c6Pm6GoG5NfGSeq/lUc53bBN9Hw6NeRPXEGwwB04FBXllLCx5hcssjiV
Vaou4fjwlNN3HX8y+ftOEH89yo5SEPLNpi64bOtaRp+VVShvhRcpY+rdEdEyykXP
3Oy02xlSkwp1gdkFGkiYbNHmZLyFRWV102HdzOf94F6dPBuJfVNUVee9FlYnhi7C
vYE+pRjPDaMLnEXf3zXx9Xfc5VUL7I9BkKZXd3zwZMnU280Dw10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org