Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/U5bvzjh-NpGRzGFLAN1HO3zhOYI.roa
File: U5bvzjh-NpGRzGFLAN1HO3zhOYI.roa (raw, json)
Hash identifier: UG+J7EuGa0DrK0fbIbHMThKsfyBlBH0YWavz/MKu1nU=
Subject key identifier: 53:96:EF:CE:38:7E:36:91:91:CC:61:4B:00:DD:47:3B:7C:E1:39:82
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0670
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/U5bvzjh-NpGRzGFLAN1HO3zhOYI.roa
Signing time: Thu 15 Sep 2022 02:49:34 +0000
ROA not before: Thu 15 Sep 2022 02:49:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38042
IP address blocks: 103.148.72.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Sep 15 02:49:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5396EFCE387E369191CC614B00DD473B7CE13982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b2:fb:8a:cb:77:0a:78:ad:13:2d:79:ea:60:
fa:9c:b3:ea:47:a1:bc:5d:ee:b1:82:cb:13:34:80:
30:72:5e:03:08:57:9d:af:b0:ef:5e:48:93:8e:1c:
33:5e:38:95:08:5e:f3:64:5e:ba:ed:0c:55:3f:78:
ae:fe:23:fa:de:3c:05:e4:e2:30:ea:88:db:a1:0d:
da:3c:c3:af:0c:5e:84:1b:e0:05:af:7e:18:c9:d9:
f1:26:6f:f1:64:7c:4e:14:df:f0:4f:1a:e4:73:e5:
df:38:a9:de:52:8a:ff:8c:3c:e6:25:0f:f3:1f:ed:
67:d7:35:d0:b4:54:0d:25:2c:0c:e9:0d:54:f3:49:
51:2e:36:2a:6c:32:e9:f9:e2:9b:a8:36:79:6b:bc:
41:d2:dc:60:65:1e:2c:9e:34:1e:67:a7:ea:b7:64:
37:98:eb:54:d9:c5:7d:87:f4:69:98:87:77:af:11:
7a:0f:62:76:94:00:d7:6f:d5:a3:9f:27:8d:c3:4c:
66:4d:1f:93:1c:b3:92:f0:2a:40:75:25:9a:c1:17:
2a:8a:c4:cf:67:b5:1f:fe:51:59:ac:2f:62:33:5e:
42:55:92:0f:77:83:de:ed:15:0f:28:41:db:6c:87:
29:6d:6f:9b:48:27:44:8c:55:ba:07:be:3a:a9:b5:
21:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:96:EF:CE:38:7E:36:91:91:CC:61:4B:00:DD:47:3B:7C:E1:39:82
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/U5bvzjh-NpGRzGFLAN1HO3zhOYI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.72.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:9e:7c:19:dc:24:ac:c6:85:ab:e2:1a:6c:2d:d9:b3:72:d1:
d6:cf:a6:52:16:e7:0f:0a:c3:0f:ce:09:b4:0b:47:f3:47:f9:
54:e6:a9:9c:6c:c1:e8:8c:22:92:60:a3:b7:23:8a:a2:58:98:
86:90:f1:5b:bc:fc:b6:3c:3c:45:3b:64:d9:8c:24:3d:01:de:
16:4e:bd:b4:99:b9:7f:a6:65:bd:21:13:e3:2a:20:44:41:e0:
de:45:31:b5:e9:16:0c:6e:96:ce:8f:46:d7:1b:70:c3:75:dc:
eb:f5:48:e6:98:f7:5a:e4:30:f9:74:21:ca:91:c3:a2:98:d5:
ac:ea:4b:59:d0:36:91:d1:22:f6:99:6f:49:a9:0d:2b:1f:5f:
82:e4:7b:fb:54:75:29:5b:36:2b:3b:f1:a8:6a:52:16:b0:ea:
87:41:05:02:d5:1a:ab:a8:99:4b:40:af:eb:2f:1c:3a:c7:da:
a3:04:ed:40:a6:2a:4b:3b:c5:bc:8d:25:c9:a8:0e:6e:ce:16:
e9:0b:43:d7:5e:67:ae:28:ba:1d:c9:8b:69:07:e6:98:cb:76:
96:44:a9:f9:a2:ac:9c:67:48:fa:23:34:56:87:64:31:c0:d7:
47:3f:4d:9f:8a:4d:c4:a3:8a:94:b0:cf:ad:85:63:4e:e6:a7:
c1:56:a9:e0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yMjA5MTUw
MjQ5MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUzOTZFRkNFMzg3RTM2
OTE5MUNDNjE0QjAwREQ0NzNCN0NFMTM5ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfsvuKy3cKeK0TLXnqYPqcs+pHobxd7rGCyxM0gDByXgMIV52v
sO9eSJOOHDNeOJUIXvNkXrrtDFU/eK7+I/rePAXk4jDqiNuhDdo8w68MXoQb4AWv
fhjJ2fEmb/FkfE4U3/BPGuRz5d84qd5Siv+MPOYlD/Mf7WfXNdC0VA0lLAzpDVTz
SVEuNipsMun54puoNnlrvEHS3GBlHiyeNB5np+q3ZDeY61TZxX2H9GmYh3evEXoP
YnaUANdv1aOfJ43DTGZNH5Mcs5LwKkB1JZrBFyqKxM9ntR/+UVmsL2IzXkJVkg93
g97tFQ8oQdtshyltb5tIJ0SMVboHvjqptSHpAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUU5bvzjh+NpGRzGFLAN1HO3zhOYIwHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL1U1YnZ6amgtTnBHUnpHRkxBTjFITzN6
aE9ZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEgwDQYJ
KoZIhvcNAQELBQADggEBAHyefBncJKzGhaviGmwt2bNy0dbPplIW5w8Kww/OCbQL
R/NH+VTmqZxsweiMIpJgo7cjiqJYmIaQ8Vu8/LY8PEU7ZNmMJD0B3hZOvbSZuX+m
Zb0hE+MqIERB4N5FMbXpFgxuls6PRtcbcMN13Ov1SOaY91rkMPl0IcqRw6KY1azq
S1nQNpHRIvaZb0mpDSsfX4Lke/tUdSlbNis78ahqUhaw6odBBQLVGquomUtAr+sv
HDrH2qME7UCmKks7xbyNJcmoDm7OFukLQ9deZ64ouh3Ji2kH5pjLdpZEqfmirJxn
SPojNFaHZDHA10c/TZ+KTcSjipSwz62FY07mp8FWqeA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org