Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/HaO9TGGGzVlJjemvJCtOW0alPoA.roa
File: HaO9TGGGzVlJjemvJCtOW0alPoA.roa (raw, json)
Hash identifier: ZBS8W9GbBGXW1oaCSOiN0gdghPQbTYnHH1bHja53v00=
Subject key identifier: 1D:A3:BD:4C:61:86:CD:59:49:8D:E9:AF:24:2B:4E:5B:46:A5:3E:80
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0670
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/HaO9TGGGzVlJjemvJCtOW0alPoA.roa
Signing time: Thu 15 Sep 2022 02:49:34 +0000
ROA not before: Thu 15 Sep 2022 02:49:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131642
IP address blocks: 103.148.72.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Sep 15 02:49:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1DA3BD4C6186CD59498DE9AF242B4E5B46A53E80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2f:e0:b8:ff:44:7b:59:4d:1f:2d:ab:fc:f8:
03:bd:53:a8:87:f1:42:0d:1c:27:33:dc:0b:1a:6b:
54:0e:22:ae:eb:a4:48:1b:9f:75:20:c0:30:bd:3f:
3b:92:f9:5d:19:41:2c:24:37:f9:1e:60:af:4c:65:
8d:44:1a:a8:16:5e:f4:09:e2:39:5f:07:4b:44:69:
01:05:ec:e1:1f:3f:67:cf:ef:7e:b6:0d:0f:0a:9f:
9a:b9:10:2e:6c:be:2e:5f:bd:8a:49:62:76:98:fd:
de:e5:aa:c6:ea:61:ba:c5:98:8c:f1:ca:0c:8c:b1:
7b:a5:70:0f:91:3f:38:d6:9a:a0:a5:a7:7f:11:07:
61:bb:a5:b4:01:c4:f6:f5:10:a8:b7:83:75:1e:01:
02:a9:fd:db:18:97:d3:ba:8e:80:97:ab:35:eb:5d:
15:ae:7e:28:52:1b:f4:05:80:d0:26:44:82:c0:31:
a7:dd:7d:65:1e:f4:3c:32:54:0d:b9:41:05:df:c1:
ae:21:97:ec:75:99:0e:78:98:46:84:4d:3c:56:b5:
bc:55:68:76:60:82:b9:b6:1d:bd:46:19:72:f5:e8:
35:33:f9:98:4f:4b:2b:2d:c0:06:0d:1e:20:19:3b:
01:ac:2e:18:27:db:f4:24:19:da:9f:2f:55:10:b8:
8c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A3:BD:4C:61:86:CD:59:49:8D:E9:AF:24:2B:4E:5B:46:A5:3E:80
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/HaO9TGGGzVlJjemvJCtOW0alPoA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.72.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:88:e2:1f:52:14:4c:69:3c:25:f0:95:51:fd:83:9e:25:df:
f2:de:eb:31:6b:d0:bd:3b:7a:e9:56:ee:33:2d:0d:2a:f9:f9:
17:3f:d1:29:e8:82:95:3e:dd:16:a1:71:2c:fa:e0:d9:e8:d9:
31:73:89:3f:11:18:85:64:1a:96:eb:44:b0:e8:e5:40:73:ce:
0d:fe:87:a2:cc:c5:3c:1d:29:3f:40:4b:cc:e1:ff:8a:b0:4e:
aa:a5:7e:65:65:8f:cb:27:30:d4:8e:16:ec:3a:c7:33:8a:6a:
11:7c:a2:ad:4c:e4:63:4d:10:42:5a:7b:8e:23:24:04:2d:6d:
2d:54:b1:c5:57:d9:16:79:ab:db:65:e2:48:96:af:52:b1:13:
63:77:15:31:47:ac:54:0a:63:6e:f8:3e:3a:a7:41:0b:1f:b1:
af:d0:c7:2e:21:5f:89:32:67:29:d6:eb:b5:30:c3:bc:14:49:
df:84:45:78:b9:e3:51:28:3d:8e:77:c1:a4:e5:5c:52:92:a2:
4b:bb:a5:97:65:09:48:79:b9:ab:c6:ec:88:71:60:67:f6:2a:
72:33:67:63:f7:68:48:a7:41:69:ec:bb:c6:39:ff:eb:4b:8e:
85:d5:62:53:6a:f0:19:f8:c7:89:66:f0:dc:0c:93:d6:c9:62:
7c:f3:09:a0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yMjA5MTUw
MjQ5MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFEQTNCRDRDNjE4NkNE
NTk0OThERTlBRjI0MkI0RTVCNDZBNTNFODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAL+C4/0R7WU0fLav8+AO9U6iH8UINHCcz3Asaa1QOIq7rpEgb
n3UgwDC9PzuS+V0ZQSwkN/keYK9MZY1EGqgWXvQJ4jlfB0tEaQEF7OEfP2fP7362
DQ8Kn5q5EC5svi5fvYpJYnaY/d7lqsbqYbrFmIzxygyMsXulcA+RPzjWmqClp38R
B2G7pbQBxPb1EKi3g3UeAQKp/dsYl9O6joCXqzXrXRWufihSG/QFgNAmRILAMafd
fWUe9DwyVA25QQXfwa4hl+x1mQ54mEaETTxWtbxVaHZggrm2Hb1GGXL16DUz+ZhP
SystwAYNHiAZOwGsLhgn2/QkGdqfL1UQuIyvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUHaO9TGGGzVlJjemvJCtOW0alPoAwHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL0hhTzlUR0dHelZsSmplbXZKQ3RPVzBh
bFBvQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEgwDQYJ
KoZIhvcNAQELBQADggEBAKGI4h9SFExpPCXwlVH9g54l3/Le6zFr0L07eulW7jMt
DSr5+Rc/0SnogpU+3RahcSz64Nno2TFziT8RGIVkGpbrRLDo5UBzzg3+h6LMxTwd
KT9AS8zh/4qwTqqlfmVlj8snMNSOFuw6xzOKahF8oq1M5GNNEEJae44jJAQtbS1U
scVX2RZ5q9tl4kiWr1KxE2N3FTFHrFQKY274PjqnQQsfsa/Qxy4hX4kyZynW67Uw
w7wUSd+ERXi541EoPY53waTlXFKSoku7pZdlCUh5uavG7IhxYGf2KnIzZ2P3aEin
QWnsu8Y5/+tLjoXVYlNq8Bn4x4lm8NwMk9bJYnzzCaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org