Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/bkeZMAFvab_EcDIvia5n5W0XV-s.roa
File: bkeZMAFvab_EcDIvia5n5W0XV-s.roa (raw, json)
Hash identifier: pe80+1c4q02RevYp0REFt3U5te6h0fiOEGuO5G9lNJ4=
Subject key identifier: 6E:47:99:30:01:6F:69:BF:C4:70:32:2F:89:AE:67:E5:6D:17:57:EB
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0401
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/bkeZMAFvab_EcDIvia5n5W0XV-s.roa
Signing time: Tue 20 Oct 2020 04:11:05 +0000
ROA not before: Tue 20 Oct 2020 04:11:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 64271
IP address blocks: 103.148.72.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1025 (0x401)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Oct 20 04:11:05 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=6E479930016F69BFC470322F89AE67E56D1757EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:25:bb:f2:e6:91:bd:c8:72:9d:17:fb:08:6d:
b7:a5:4f:df:a4:7f:d6:9a:b5:3e:b3:ea:9d:81:84:
fe:51:29:1a:3e:bb:f8:8b:99:0b:b4:ac:91:ed:66:
57:11:d1:6e:3e:6d:42:36:8c:c3:43:6c:eb:1f:81:
ff:8d:b3:53:b3:e6:7c:9a:05:f6:0f:f3:5a:c9:14:
f4:ce:96:75:21:7d:c6:15:d9:6f:28:77:f0:00:fd:
a3:e5:51:f1:91:f0:02:dc:c6:4e:89:70:0a:ef:89:
91:94:2c:3c:c0:6a:7c:b2:5e:59:05:dd:13:57:0b:
ea:9c:92:12:4a:d3:f9:ec:39:cd:c6:57:1f:9d:32:
f9:6e:ee:02:83:0e:41:64:f4:4f:90:14:53:b1:a1:
a8:83:42:4d:44:2a:e9:f6:51:a4:5b:a3:41:88:b6:
12:36:ec:dc:81:0b:d2:29:25:ab:a0:03:07:4a:b0:
2e:17:a5:b4:d0:4e:17:ed:fd:0f:26:23:a5:a5:de:
3e:d0:f5:af:af:f3:59:f8:5f:9a:1b:0f:38:23:de:
c3:26:cc:d0:7f:53:fc:11:7c:90:37:36:e5:b5:64:
86:4c:94:eb:36:c6:89:3e:d3:2b:0c:5c:cb:bb:b1:
00:8b:c8:ba:0e:ce:da:0d:d4:0f:30:62:19:bf:95:
3f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:47:99:30:01:6F:69:BF:C4:70:32:2F:89:AE:67:E5:6D:17:57:EB
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/bkeZMAFvab_EcDIvia5n5W0XV-s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.72.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:72:08:60:a4:20:5a:3f:5c:cb:6e:43:83:be:96:af:fd:36:
1a:23:49:87:b6:4e:68:a2:e9:34:e7:50:a6:0d:e0:97:39:29:
ac:aa:0a:14:27:5f:3d:8d:68:4e:2f:15:cb:dc:7f:bb:d0:da:
f8:2e:73:50:32:2c:60:4b:45:8d:63:7e:67:f7:b4:4a:69:8b:
da:d3:8e:38:78:c4:07:81:6c:bc:29:90:0b:9c:18:2f:59:d4:
42:38:e8:c6:c6:32:04:98:79:04:27:5b:b7:9d:5b:52:c4:d0:
66:0b:70:49:d8:a3:71:de:40:4b:27:a1:a7:51:36:9e:aa:c4:
45:a5:1f:ee:41:c1:2d:c2:03:15:1d:e0:80:b7:5e:67:04:a8:
a1:94:9e:31:14:1a:8c:93:ef:77:d8:d3:73:1b:45:ea:fc:44:
93:4a:fe:20:2f:1c:12:4c:e6:53:43:71:d2:18:3f:40:c7:60:
e0:ae:4a:93:8b:00:8b:f2:ca:1e:0e:73:a6:3d:2d:5d:9e:b8:
2d:4f:a1:4e:3d:cd:3e:5b:f8:76:bb:f6:27:b4:c5:79:28:08:
02:e2:1a:b7:1b:59:aa:c2:86:5a:46:07:e4:5f:6f:83:70:ba:
f4:51:0a:af:34:ae:4d:a0:96:f9:a5:3d:33:76:3c:85:0e:26:
af:1c:6a:a7
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yMDEwMjAw
NDExMDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZFNDc5OTMwMDE2RjY5
QkZDNDcwMzIyRjg5QUU2N0U1NkQxNzU3RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuJbvy5pG9yHKdF/sIbbelT9+kf9aatT6z6p2BhP5RKRo+u/iL
mQu0rJHtZlcR0W4+bUI2jMNDbOsfgf+Ns1Oz5nyaBfYP81rJFPTOlnUhfcYV2W8o
d/AA/aPlUfGR8ALcxk6JcArviZGULDzAanyyXlkF3RNXC+qckhJK0/nsOc3GVx+d
Mvlu7gKDDkFk9E+QFFOxoaiDQk1EKun2UaRbo0GIthI27NyBC9IpJaugAwdKsC4X
pbTQThft/Q8mI6Wl3j7Q9a+v81n4X5obDzgj3sMmzNB/U/wRfJA3NuW1ZIZMlOs2
xok+0ysMXMu7sQCLyLoOztoN1A8wYhm/lT+rAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUbkeZMAFvab/EcDIvia5n5W0XV+swHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL2JrZVpNQUZ2YWJfRWNESXZpYTVuNVcw
WFYtcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEgwDQYJ
KoZIhvcNAQELBQADggEBAMFyCGCkIFo/XMtuQ4O+lq/9NhojSYe2Tmii6TTnUKYN
4Jc5KayqChQnXz2NaE4vFcvcf7vQ2vguc1AyLGBLRY1jfmf3tEppi9rTjjh4xAeB
bLwpkAucGC9Z1EI46MbGMgSYeQQnW7edW1LE0GYLcEnYo3HeQEsnoadRNp6qxEWl
H+5BwS3CAxUd4IC3XmcEqKGUnjEUGoyT73fY03MbRer8RJNK/iAvHBJM5lNDcdIY
P0DHYOCuSpOLAIvyyh4Oc6Y9LV2euC1PoU49zT5b+Ha79ie0xXkoCALiGrcbWarC
hlpGB+Rfb4NwuvRRCq80rk2glvmlPTN2PIUOJq8caqc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org