Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PQS/XTfA8dlSu44Jj7DAzEfD3t7LnvY.roa
File: XTfA8dlSu44Jj7DAzEfD3t7LnvY.roa (raw, json)
Hash identifier: uj34mitGriCtLES7w9+wwLutq9YBgiG0gosEW7a1wVQ=
Subject key identifier: 5D:37:C0:F1:D9:52:BB:8E:09:8F:B0:C0:CC:47:C3:DE:DE:CB:9E:F6
Certificate issuer: /CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Certificate serial: 0D56
Authority key identifier: C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/XTfA8dlSu44Jj7DAzEfD3t7LnvY.roa
Signing time: Thu 15 Sep 2022 02:38:06 +0000
ROA not before: Thu 15 Sep 2022 02:38:06 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 64271
IP address blocks: 103.137.62.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3414 (0xd56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Validity
Not Before: Sep 15 02:38:06 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5D37C0F1D952BB8E098FB0C0CC47C3DEDECB9EF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:60:94:23:a0:fc:9a:9e:7c:28:89:0a:e0:15:
07:c6:e2:9a:bc:e4:82:95:b6:31:04:79:2d:9e:1a:
09:8f:14:88:74:e3:1c:9d:77:6a:a5:81:ce:d4:09:
3d:54:df:1e:5f:31:d3:f0:d5:ef:f7:1a:aa:d9:35:
d6:20:1b:c0:b3:0c:7a:18:87:31:c9:be:ca:2b:bf:
af:06:b5:6a:14:19:8f:c6:08:5a:5d:9c:7b:71:6a:
e7:94:a8:78:a7:37:c6:de:ac:8a:b8:dd:2e:aa:9f:
32:77:de:82:9d:23:b6:85:95:90:32:d5:b8:77:37:
f6:ce:56:84:9e:aa:d1:19:d0:b5:23:ec:1e:60:27:
3b:e5:3b:3a:d9:0c:b3:9e:6a:52:ba:8e:b8:90:04:
1d:03:0b:1a:8f:9e:0c:69:4e:45:2e:62:c8:63:20:
17:62:56:16:53:75:90:97:50:af:9c:34:b6:b7:df:
de:77:c1:97:9c:cc:24:80:21:83:8a:0f:ae:84:6a:
7c:dd:87:03:fe:ed:bd:a5:ab:54:47:cc:44:7e:e1:
84:c1:4a:57:a4:d4:46:e5:5f:b2:0e:78:e1:0c:c5:
c4:33:c9:07:1f:51:f3:72:69:4f:0e:39:66:f3:2d:
bb:f6:4c:02:0e:95:54:9e:9c:24:ad:25:6d:ec:b1:
67:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:37:C0:F1:D9:52:BB:8E:09:8F:B0:C0:CC:47:C3:DE:DE:CB:9E:F6
X509v3 Authority Key Identifier:
keyid:C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/wU-s_UXCwCdo6CcvT7g_su2vdDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/XTfA8dlSu44Jj7DAzEfD3t7LnvY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.62.0/23
Signature Algorithm: sha256WithRSAEncryption
43:43:1c:f4:4b:db:47:fd:a4:3c:d1:1d:44:2a:84:09:07:69:
c8:cc:5f:ac:cc:ff:a8:82:bb:03:5d:df:f8:ce:df:06:73:e0:
4b:d7:3d:11:ee:95:f0:70:e6:57:ee:55:89:21:9b:25:2c:06:
ab:df:18:16:28:62:81:7f:87:e4:0b:31:9d:cc:51:d3:a1:60:
18:7c:80:90:74:09:6e:fc:11:3f:1e:47:05:86:97:4c:ac:72:
1e:94:40:0f:8e:97:92:2d:7b:aa:b3:a4:4c:35:e5:b0:3c:91:
e8:b4:f7:bc:d4:30:2c:2b:b8:b4:ec:9b:7e:05:c2:0e:63:c5:
54:c0:8e:f1:04:c2:92:89:44:96:19:3f:b4:d2:5f:c4:6e:73:
f2:6e:ed:ab:99:62:21:a2:be:f6:7d:1e:2d:6f:2b:c8:62:f7:
16:69:ca:ed:cc:4f:cd:6d:48:1a:83:a8:e9:70:bd:f4:b3:2b:
16:31:4e:13:e6:ec:af:c3:d2:a2:7a:72:a3:dd:a8:80:b1:6a:
94:5c:05:d5:35:40:16:88:54:3c:af:9a:ea:80:2e:4f:53:5b:
0e:a2:9d:cb:d7:1a:bb:1d:e1:3c:02:da:2e:b1:7c:4d:2a:c1:
04:81:1e:97:69:d0:49:76:84:74:3c:a4:3a:f2:90:12:6b:ae:
02:ff:08:9e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzE0
RkFDRkQ0NUMyQzAyNzY4RTgyNzJGNEZCODNGQjJFREFGNzQzOTAeFw0yMjA5MTUw
MjM4MDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVEMzdDMEYxRDk1MkJC
OEUwOThGQjBDMENDNDdDM0RFREVDQjlFRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxYJQjoPyannwoiQrgFQfG4pq85IKVtjEEeS2eGgmPFIh04xyd
d2qlgc7UCT1U3x5fMdPw1e/3GqrZNdYgG8CzDHoYhzHJvsorv68GtWoUGY/GCFpd
nHtxaueUqHinN8berIq43S6qnzJ33oKdI7aFlZAy1bh3N/bOVoSeqtEZ0LUj7B5g
JzvlOzrZDLOealK6jriQBB0DCxqPngxpTkUuYshjIBdiVhZTdZCXUK+cNLa33953
wZeczCSAIYOKD66EanzdhwP+7b2lq1RHzER+4YTBSlek1EblX7IOeOEMxcQzyQcf
UfNyaU8OOWbzLbv2TAIOlVSenCStJW3ssWfXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUXTfA8dlSu44Jj7DAzEfD3t7LnvYwHwYDVR0jBBgwFoAUwU+s/UXCwCdo6Ccv
T7g/su2vdDkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL3dV
LXNfVVhDd0NkbzZDY3ZUN2dfc3UydmREay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
d1Utc19VWEN3Q2RvNkNjdlQ3Z19zdTJ2ZERrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL1hUZkE4ZGxTdTQ0Smo3REF6RWZEM3Q3
TG52WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniT4wDQYJ
KoZIhvcNAQELBQADggEBAENDHPRL20f9pDzRHUQqhAkHacjMX6zM/6iCuwNd3/jO
3wZz4EvXPRHulfBw5lfuVYkhmyUsBqvfGBYoYoF/h+QLMZ3MUdOhYBh8gJB0CW78
ET8eRwWGl0ysch6UQA+Ol5Ite6qzpEw15bA8kei097zUMCwruLTsm34Fwg5jxVTA
jvEEwpKJRJYZP7TSX8Ruc/Ju7auZYiGivvZ9Hi1vK8hi9xZpyu3MT81tSBqDqOlw
vfSzKxYxThPm7K/D0qJ6cqPdqICxapRcBdU1QBaIVDyvmuqALk9TWw6incvXGrsd
4TwC2i6xfE0qwQSBHpdp0El2hHQ8pDrykBJrrgL/CJ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org