Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ChZdK0h7tqWhBnA5Dr5ZOaM6Ngg.roa
File: ChZdK0h7tqWhBnA5Dr5ZOaM6Ngg.roa (raw, json)
Hash identifier: oJIP+OHzmbPRYqm/a7lPSmJK/kY8WSRYMh0jEMCqTfM=
Subject key identifier: 0A:16:5D:2B:48:7B:B6:A5:A1:06:70:39:0E:BE:59:39:A3:3A:36:08
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0AA0
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ChZdK0h7tqWhBnA5Dr5ZOaM6Ngg.roa
Signing time: Sun 07 Feb 2021 11:36:47 +0000
ROA not before: Sun 07 Feb 2021 11:36:47 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 210.192.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2720 (0xaa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 7 11:36:47 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=0A165D2B487BB6A5A10670390EBE5939A33A3608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:88:56:3a:62:96:f8:02:aa:95:60:d7:6d:da:
d5:5f:61:06:99:dc:2f:8d:53:c1:e5:2b:1d:bd:46:
db:29:c9:71:03:fc:ed:fe:8f:f7:3b:4f:e9:8c:52:
33:c9:07:84:ee:28:15:2f:01:36:ae:7a:1b:5d:3e:
1b:bf:09:54:35:be:eb:c1:36:34:d7:61:98:eb:ad:
c9:7f:c2:d9:13:33:16:f6:3d:75:7c:e5:d4:e3:01:
31:38:a9:a4:3c:f4:68:21:e5:29:64:03:9b:41:fa:
ce:89:ec:8c:43:fc:95:10:7e:07:c5:dd:25:98:f3:
f9:b1:3c:ee:09:2e:a1:71:f1:12:70:da:fc:45:77:
d8:87:7c:44:f6:02:e3:c6:ad:6b:b8:33:52:44:c0:
67:94:3f:aa:11:f9:d4:c3:23:5b:80:7a:3f:6b:dc:
2b:f1:7e:85:39:a5:bf:0d:79:90:25:bb:de:7d:bc:
32:dd:9b:5e:ba:a2:09:1f:82:12:19:29:e9:e8:56:
02:a2:d6:a1:e4:5b:5b:36:ed:79:94:83:66:04:13:
e0:bb:10:22:79:0d:53:e3:72:98:2e:90:6f:82:f1:
cf:2e:a0:5d:05:94:05:1d:20:c8:fd:8c:12:7f:00:
a4:58:e6:e7:33:b7:27:68:56:a0:68:b4:47:7d:88:
5b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:16:5D:2B:48:7B:B6:A5:A1:06:70:39:0E:BE:59:39:A3:3A:36:08
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ChZdK0h7tqWhBnA5Dr5ZOaM6Ngg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.192.0.0/18
Signature Algorithm: sha256WithRSAEncryption
31:b4:91:7c:58:18:35:2d:48:75:02:0e:e4:82:6e:de:0e:78:
87:bf:40:f4:c6:a2:95:89:38:66:b6:58:a7:4e:a2:84:7b:6c:
7e:8c:e5:29:db:a2:80:b0:0e:e9:b9:87:15:ef:eb:dd:9a:42:
dc:24:54:3e:47:6e:5b:d4:4f:c9:2c:97:cf:68:ee:10:d2:d0:
f4:02:29:83:cf:40:7f:84:ad:31:e2:79:65:2c:62:25:03:21:
a2:4b:d2:fb:97:65:cd:95:15:55:40:ed:95:67:25:cd:a0:87:
2b:af:b7:da:9e:e5:e3:59:2b:4f:29:05:3b:10:3d:7a:cf:9a:
87:c4:a5:1b:7f:22:c8:a5:2d:28:d0:46:dc:70:99:21:b2:e9:
f4:bb:7b:88:32:a8:14:ff:a7:82:23:90:76:e8:44:36:85:8b:
39:b8:1d:14:a8:eb:70:5f:73:00:80:7a:37:e6:9e:20:d9:a9:
2a:dd:14:86:b0:32:71:e5:94:72:b2:c9:41:7a:cf:e6:d9:7b:
be:3e:7b:d9:fc:7c:4e:89:63:ec:42:95:2e:c2:f3:34:12:68:
0a:80:33:f0:30:6e:ac:9b:be:28:a8:89:a2:1c:71:3e:61:e9:
e0:5a:51:f0:66:a9:59:9e:52:54:53:9d:df:cc:a3:49:95:a0:
06:5f:a9:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCqAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTM2NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBBMTY1RDJCNDg3QkI2
QTVBMTA2NzAzOTBFQkU1OTM5QTMzQTM2MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCniFY6Ypb4AqqVYNdt2tVfYQaZ3C+NU8HlKx29RtspyXED/O3+
j/c7T+mMUjPJB4TuKBUvATauehtdPhu/CVQ1vuvBNjTXYZjrrcl/wtkTMxb2PXV8
5dTjATE4qaQ89Ggh5SlkA5tB+s6J7IxD/JUQfgfF3SWY8/mxPO4JLqFx8RJw2vxF
d9iHfET2AuPGrWu4M1JEwGeUP6oR+dTDI1uAej9r3CvxfoU5pb8NeZAlu959vDLd
m166ogkfghIZKenoVgKi1qHkW1s27XmUg2YEE+C7ECJ5DVPjcpgukG+C8c8uoF0F
lAUdIMj9jBJ/AKRY5ucztydoVqBotEd9iFu/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUChZdK0h7tqWhBnA5Dr5ZOaM6NggwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvQ2haZEswaDd0cVdoQm5B
NURyNVpPYU02TmdnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BtLAADANBgkqhkiG9w0BAQsFAAOCAQEAMbSRfFgYNS1IdQIO5IJu3g54h79A9Mai
lYk4ZrZYp06ihHtsfozlKduigLAO6bmHFe/r3ZpC3CRUPkduW9RPySyXz2juENLQ
9AIpg89Af4StMeJ5ZSxiJQMhokvS+5dlzZUVVUDtlWclzaCHK6+32p7l41krTykF
OxA9es+ah8SlG38iyKUtKNBG3HCZIbLp9Lt7iDKoFP+ngiOQduhENoWLObgdFKjr
cF9zAIB6N+aeINmpKt0UhrAyceWUcrLJQXrP5tl7vj572fx8Tolj7EKVLsLzNBJo
CoAz8DBurJu+KKiJohxxPmHp4FpR8GapWZ5SVFOd38yjSZWgBl+p9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org