Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PIXNET/flXk3tJCXLcC8st0U5gI1RNc24I.roa
File: flXk3tJCXLcC8st0U5gI1RNc24I.roa (raw, json)
Hash identifier: RbFoqglvVxMuknqQgYPym2TsgJ0qXupusw11XV8aA8s=
Subject key identifier: 7E:55:E4:DE:D2:42:5C:B7:02:F2:CB:74:53:98:08:D5:13:5C:DB:82
Certificate issuer: /CN=CDF44277BA96FC60729008649C09B0AEA07033E8
Certificate serial: 086D
Authority key identifier: CD:F4:42:77:BA:96:FC:60:72:90:08:64:9C:09:B0:AE:A0:70:33:E8
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zfRCd7qW_GBykAhknAmwrqBwM-g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/flXk3tJCXLcC8st0U5gI1RNc24I.roa
Signing time: Sun 07 Feb 2021 13:07:33 +0000
ROA not before: Sun 07 Feb 2021 13:07:33 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.23.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2157 (0x86d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDF44277BA96FC60729008649C09B0AEA07033E8
Validity
Not Before: Feb 7 13:07:33 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=7E55E4DED2425CB702F2CB74539808D5135CDB82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:49:c9:ae:cb:c8:75:3f:3f:94:1f:90:b9:06:
7b:11:c2:f0:5a:d0:8c:08:db:c7:bf:f4:e0:94:39:
cd:fd:bb:39:df:18:9e:18:0e:cf:ee:1c:85:e9:a0:
cf:ab:71:75:32:96:51:50:04:6c:c2:09:c7:3f:a7:
0e:9c:f2:3a:03:0a:f2:6d:8f:1f:46:dd:22:f1:00:
b5:95:02:74:48:ca:72:6f:17:4d:5b:5f:3c:7e:4b:
2a:5f:13:42:f4:8f:2b:b8:27:9d:ba:6f:78:4e:c2:
dc:92:a8:be:22:17:fa:1b:d4:1a:bd:ef:26:91:23:
2c:3a:bd:d4:70:73:ac:8c:b6:fb:3b:fd:21:96:96:
bf:cf:af:6f:16:f1:0c:01:37:d4:34:06:0b:8a:05:
6c:57:13:10:b6:51:c8:63:71:64:67:ac:c4:c1:a6:
21:ee:85:87:f8:39:cc:91:25:e6:d8:7d:db:e6:bd:
f0:5e:1c:88:0e:5f:9a:7a:4e:64:a1:a5:cb:bf:8f:
8a:59:34:f2:e9:be:85:ff:57:dc:a8:e8:f5:31:6d:
f7:3e:63:20:36:9c:a5:88:ce:16:fa:ab:87:db:91:
68:3c:d1:a7:b0:3e:64:b9:0d:a3:18:3f:7d:69:e3:
98:51:ba:e3:20:44:80:ec:3d:85:c3:7c:2b:56:81:
64:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:55:E4:DE:D2:42:5C:B7:02:F2:CB:74:53:98:08:D5:13:5C:DB:82
X509v3 Authority Key Identifier:
keyid:CD:F4:42:77:BA:96:FC:60:72:90:08:64:9C:09:B0:AE:A0:70:33:E8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/zfRCd7qW_GBykAhknAmwrqBwM-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zfRCd7qW_GBykAhknAmwrqBwM-g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/flXk3tJCXLcC8st0U5gI1RNc24I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:6b:fe:a3:02:55:f3:96:aa:83:58:d9:93:17:cb:cc:01:a6:
6b:e8:87:c0:df:eb:6f:6b:28:94:59:fa:a2:8e:f2:0d:af:4e:
72:bb:b5:73:46:53:30:77:9f:cf:f6:fd:78:cc:a7:d2:8c:98:
75:1b:38:62:7e:d5:4c:68:f1:54:79:d6:4a:d2:ad:e3:40:bc:
66:8b:50:e3:17:9f:ec:1e:c5:f8:91:88:97:88:7b:8c:e0:d5:
2e:23:81:1d:2f:4a:e9:51:d1:0d:f9:c7:75:92:32:ac:5f:c2:
08:04:a9:c9:99:29:b9:5e:81:56:58:93:b0:3e:61:f1:9d:2f:
6c:59:e7:30:b2:93:20:f7:ec:34:4b:d9:0a:2c:54:7b:56:32:
a2:5c:0f:38:1b:1a:c7:82:2e:dc:03:70:cd:aa:ef:c5:9e:e6:
94:8e:61:15:83:21:83:f8:4a:4c:fe:85:32:3a:e2:2d:dd:a2:
29:84:65:82:3c:fe:5f:2d:1b:30:53:56:b2:37:ce:54:17:9f:
d5:5e:03:d4:61:e4:a2:1e:06:9b:e6:e1:b7:3a:8f:43:09:5d:
31:22:e9:a3:04:e6:81:8a:5c:32:2c:b1:2f:ef:53:be:73:06:
82:ba:2b:4d:ee:e0:44:d5:2a:20:c1:a9:17:e7:e6:36:df:9f:
d4:4f:80:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RG
NDQyNzdCQTk2RkM2MDcyOTAwODY0OUMwOUIwQUVBMDcwMzNFODAeFw0yMTAyMDcx
MzA3MzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDdFNTVFNERFRDI0MjVD
QjcwMkYyQ0I3NDUzOTgwOEQ1MTM1Q0RCODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCScmuy8h1Pz+UH5C5BnsRwvBa0IwI28e/9OCUOc39uznfGJ4Y
Ds/uHIXpoM+rcXUyllFQBGzCCcc/pw6c8joDCvJtjx9G3SLxALWVAnRIynJvF01b
Xzx+SypfE0L0jyu4J526b3hOwtySqL4iF/ob1Bq97yaRIyw6vdRwc6yMtvs7/SGW
lr/Pr28W8QwBN9Q0BguKBWxXExC2UchjcWRnrMTBpiHuhYf4OcyRJebYfdvmvfBe
HIgOX5p6TmShpcu/j4pZNPLpvoX/V9yo6PUxbfc+YyA2nKWIzhb6q4fbkWg80aew
PmS5DaMYP31p45hRuuMgRIDsPYXDfCtWgWSRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUflXk3tJCXLcC8st0U5gI1RNc24IwHwYDVR0jBBgwFoAUzfRCd7qW/GBykAhk
nAmwrqBwM+gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElYTkVU
L3pmUkNkN3FXX0dCeWtBaGtuQW13cnFCd00tZy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvemZSQ2Q3cVdfR0J5a0Foa25BbXdycUJ3TS1nLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElYTkVUL2ZsWGszdEpDWExjQzhzdDBV
NWdJMVJOYzI0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
F2wwDQYJKoZIhvcNAQELBQADggEBACxr/qMCVfOWqoNY2ZMXy8wBpmvoh8Df629r
KJRZ+qKO8g2vTnK7tXNGUzB3n8/2/XjMp9KMmHUbOGJ+1Uxo8VR51krSreNAvGaL
UOMXn+wexfiRiJeIe4zg1S4jgR0vSulR0Q35x3WSMqxfwggEqcmZKblegVZYk7A+
YfGdL2xZ5zCykyD37DRL2QosVHtWMqJcDzgbGseCLtwDcM2q78We5pSOYRWDIYP4
Skz+hTI64i3doimEZYI8/l8tGzBTVrI3zlQXn9VeA9Rh5KIeBpvm4bc6j0MJXTEi
6aME5oGKXDIssS/vU75zBoK6K03u4ETVKiDBqRfn5jbfn9RPgKE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org