Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-4HN2jmJGw0K7ZX8ncTwPHW_2sA.roa
File: -4HN2jmJGw0K7ZX8ncTwPHW_2sA.roa (raw, json)
Hash identifier: rT9OYj8jjYkpGEtqTcBMf2AnAhh/egfB7gvAal11/U4=
Subject key identifier: FB:81:CD:DA:39:89:1B:0D:0A:ED:95:FC:9D:C4:F0:3C:75:BF:DA:C0
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0FC2
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-4HN2jmJGw0K7ZX8ncTwPHW_2sA.roa
Signing time: Fri 01 Sep 2023 09:37:14 +0000
ROA not before: Fri 01 Sep 2023 09:37:14 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9924
IP address blocks: 60.199.110.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4034 (0xfc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 1 09:37:14 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FB81CDDA39891B0D0AED95FC9DC4F03C75BFDAC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1f:f5:b3:4c:9d:3a:d8:ce:f4:b3:8b:5f:99:
84:60:91:f2:24:6f:92:9a:2e:d5:ee:66:56:43:df:
72:3c:26:65:15:af:8f:83:2a:dd:2c:44:8a:c6:93:
50:1b:36:53:ae:40:df:9a:c4:b1:3f:01:4b:86:ec:
80:f7:44:93:a4:5d:8e:f0:5f:06:11:55:80:35:52:
cc:e0:c8:f2:4d:30:12:4b:95:f9:a3:6d:c4:9f:20:
1d:47:68:12:3a:37:4c:0c:10:6e:59:34:2d:7b:9b:
33:b6:d9:91:4f:bc:d2:b3:94:7e:da:34:ab:c7:eb:
2b:2b:54:94:4b:ad:33:43:1a:99:28:9c:b1:2a:3e:
dd:f5:6b:c6:a3:46:93:9b:a2:2d:27:4b:87:59:24:
8e:a5:ff:24:d9:e5:aa:b4:28:f1:d3:85:7c:19:7f:
21:b7:9e:6c:91:0a:00:b9:7c:fb:25:98:1a:2c:77:
96:74:be:4b:21:d6:da:00:76:a0:e6:53:a2:20:34:
1e:11:3e:8d:56:62:cb:51:12:e5:b9:c6:a6:97:94:
92:bd:70:54:8b:73:f8:85:67:32:92:d0:e4:47:b3:
10:50:34:23:3a:d1:7b:f2:85:a3:e0:29:03:89:f5:
bb:81:d2:eb:a1:ec:40:cb:f8:a1:fc:97:49:2d:f6:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:81:CD:DA:39:89:1B:0D:0A:ED:95:FC:9D:C4:F0:3C:75:BF:DA:C0
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-4HN2jmJGw0K7ZX8ncTwPHW_2sA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.199.110.0/24
Signature Algorithm: sha256WithRSAEncryption
91:59:ae:bd:d7:71:95:69:c4:f2:d7:15:0f:cc:67:80:5a:cf:
25:fd:00:00:03:08:3c:c8:ef:f5:81:f7:40:88:96:6c:9f:42:
48:58:ee:03:c1:58:25:0e:d7:c1:ba:35:d1:b4:15:a5:25:c8:
91:92:31:a8:bd:2a:6b:dc:99:74:59:94:17:d8:0d:36:50:0d:
8c:85:03:b2:e7:10:fc:1a:1f:e1:f0:9e:17:41:82:95:6e:30:
ce:c7:6b:fc:31:05:02:1b:40:38:b1:5e:60:52:65:1b:63:25:
47:3f:cb:45:83:30:20:e4:5b:32:16:10:81:cf:47:ed:af:cd:
9e:3c:f4:71:56:50:55:f2:78:b7:13:7a:0c:fb:02:bf:d2:57:
15:97:98:09:62:2a:8a:d5:17:dc:e2:e5:5b:6d:03:34:d2:b6:
2b:4f:18:5b:4a:a3:3e:0c:07:f5:c2:c7:6d:88:85:d0:cc:8a:
0d:cf:19:ab:41:cd:a3:86:63:6e:4a:38:4e:a7:7b:2c:6f:8a:
8c:70:5d:50:c3:a8:43:f4:63:5d:1a:e3:29:14:00:ec:c0:fd:
6d:3b:7d:19:49:5e:f4:ce:87:53:56:14:77:f8:e0:1c:e3:78:
89:fc:d8:d5:f2:a5:b0:e5:2d:22:87:27:f7:c2:6c:de:fb:a5:
6d:7f:d0:91
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM3MTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZCODFDRERBMzk4OTFC
MEQwQUVEOTVGQzlEQzRGMDNDNzVCRkRBQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsH/WzTJ062M70s4tfmYRgkfIkb5KaLtXuZlZD33I8JmUVr4+D
Kt0sRIrGk1AbNlOuQN+axLE/AUuG7ID3RJOkXY7wXwYRVYA1UszgyPJNMBJLlfmj
bcSfIB1HaBI6N0wMEG5ZNC17mzO22ZFPvNKzlH7aNKvH6ysrVJRLrTNDGpkonLEq
Pt31a8ajRpOboi0nS4dZJI6l/yTZ5aq0KPHThXwZfyG3nmyRCgC5fPslmBosd5Z0
vksh1toAdqDmU6IgNB4RPo1WYstREuW5xqaXlJK9cFSLc/iFZzKS0ORHsxBQNCM6
0XvyhaPgKQOJ9buB0uuh7EDL+KH8l0kt9jr9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+4HN2jmJGw0K7ZX8ncTwPHW/2sAwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvLTRITjJqbUpHdzBLN1pY
OG5jVHdQSFdfMnNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHbjANBgkqhkiG9w0BAQsFAAOCAQEAkVmuvddxlWnE8tcVD8xngFrPJf0AAAMI
PMjv9YH3QIiWbJ9CSFjuA8FYJQ7Xwbo10bQVpSXIkZIxqL0qa9yZdFmUF9gNNlAN
jIUDsucQ/Bof4fCeF0GClW4wzsdr/DEFAhtAOLFeYFJlG2MlRz/LRYMwIORbMhYQ
gc9H7a/Nnjz0cVZQVfJ4txN6DPsCv9JXFZeYCWIqitUX3OLlW20DNNK2K08YW0qj
PgwH9cLHbYiF0MyKDc8Zq0HNo4Zjbko4Tqd7LG+KjHBdUMOoQ/RjXRrjKRQA7MD9
bTt9GUle9M6HU1YUd/jgHON4ifzY1fKlsOUtIocn98Js3vulbX/QkQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:49 2025 by rpki-client