Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Kiz6RRuE2atYanuST8UtYzbbSgQ.roa
File: Kiz6RRuE2atYanuST8UtYzbbSgQ.roa (raw, json)
Hash identifier: ghkjgfeolWBrx9ktW2MA2+UGZYSW50WJRe00o/b4oc4=
Subject key identifier: 2A:2C:FA:45:1B:84:D9:AB:58:6A:7B:92:4F:C5:2D:63:36:DB:4A:04
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Kiz6RRuE2atYanuST8UtYzbbSgQ.roa
Signing time: Thu 15 Sep 2022 02:47:33 +0000
ROA not before: Thu 15 Sep 2022 02:47:33 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9924
IP address blocks: 203.77.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3529 (0xdc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 15 02:47:33 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2A2CFA451B84D9AB586A7B924FC52D6336DB4A04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cf:44:eb:6d:56:24:91:7e:c8:41:a9:b1:1d:
b5:07:c7:e4:88:7f:66:30:51:19:8e:91:ae:36:87:
75:06:7b:5c:af:1c:76:7f:19:04:37:30:db:f0:56:
04:63:af:34:92:7b:2a:56:18:e6:ce:a0:27:27:4a:
49:d6:37:70:54:1d:47:61:5d:3a:d5:be:7f:31:2c:
1e:6b:32:62:3a:66:f2:01:31:81:72:23:fc:7f:4f:
9e:58:c4:98:f5:4f:df:d3:40:53:e3:58:5b:47:6d:
f2:33:ec:9d:9d:5c:e6:03:bb:fb:0a:9a:b3:b7:cc:
c4:4c:34:4b:30:f0:81:13:6a:87:95:d7:85:86:05:
4d:b0:15:01:83:e4:6e:17:8f:7f:0b:e8:a6:40:90:
b5:fe:f2:4d:5f:4c:6c:1d:b8:b8:c2:1a:db:46:17:
9f:be:12:a1:86:de:41:50:45:57:4c:93:8d:02:70:
c3:aa:eb:52:3f:eb:23:26:78:ac:d1:7c:68:bf:71:
ef:a5:42:58:56:dc:c2:06:e0:33:8c:f5:60:04:66:
56:ab:44:4a:ed:80:75:22:aa:bc:30:4c:1a:cc:52:
90:b1:69:56:fe:42:4f:9a:35:86:de:00:18:34:d1:
fa:e9:64:44:f1:ab:41:1e:0e:b5:77:76:c4:45:31:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2C:FA:45:1B:84:D9:AB:58:6A:7B:92:4F:C5:2D:63:36:DB:4A:04
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Kiz6RRuE2atYanuST8UtYzbbSgQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.77.64.0/18
Signature Algorithm: sha256WithRSAEncryption
98:f9:e2:68:97:d4:5f:1e:ee:68:d0:85:6e:f3:db:bf:dc:50:
24:bb:c5:7d:c9:7f:6a:e5:09:3e:1b:3f:b7:32:98:71:d5:72:
a9:67:95:1d:69:e1:ce:33:4d:81:c5:d7:40:a3:63:35:93:ba:
99:0c:0b:08:69:b4:58:a3:20:07:9d:08:24:f5:84:80:43:0f:
7a:a5:6a:bb:ab:69:04:6f:e0:70:2b:d7:ae:6f:c6:ea:91:a2:
95:e9:2c:f0:be:65:65:50:50:1b:62:10:e4:1e:05:0f:7d:9e:
c9:71:1d:18:5b:5e:5b:07:19:f0:8b:3f:e3:6e:fd:3a:0f:a5:
00:44:4b:aa:32:95:a6:66:e1:7d:6b:80:bc:0d:2a:bc:44:31:
f0:46:58:a2:38:07:27:fe:5b:5d:a3:14:4a:19:5a:d5:00:e7:
63:71:68:62:53:3d:91:fb:78:ac:01:b2:45:25:de:48:ca:85:
66:91:14:c5:ad:da:83:92:4c:2b:5c:af:b9:5c:12:22:cb:1c:
26:e4:4f:14:23:2c:7d:92:f7:d6:76:2f:1b:e0:db:a2:86:f4:
ef:13:f4:82:af:bc:5e:34:52:77:ee:94:1d:92:b5:07:ce:37:
4e:63:af:9f:56:2f:72:b2:51:cd:fb:05:b7:98:74:81:f7:63:
9c:3a:0f:9d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBMkNGQTQ1MUI4NEQ5
QUI1ODZBN0I5MjRGQzUyRDYzMzZEQjRBMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCz0TrbVYkkX7IQamxHbUHx+SIf2YwURmOka42h3UGe1yvHHZ/
GQQ3MNvwVgRjrzSSeypWGObOoCcnSknWN3BUHUdhXTrVvn8xLB5rMmI6ZvIBMYFy
I/x/T55YxJj1T9/TQFPjWFtHbfIz7J2dXOYDu/sKmrO3zMRMNEsw8IETaoeV14WG
BU2wFQGD5G4Xj38L6KZAkLX+8k1fTGwduLjCGttGF5++EqGG3kFQRVdMk40CcMOq
61I/6yMmeKzRfGi/ce+lQlhW3MIG4DOM9WAEZlarRErtgHUiqrwwTBrMUpCxaVb+
Qk+aNYbeABg00frpZETxq0EeDrV3dsRFMfaNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKiz6RRuE2atYanuST8UtYzbbSgQwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvS2l6NlJSdUUyYXRZYW51
U1Q4VXRZemJiU2dRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BstNQDANBgkqhkiG9w0BAQsFAAOCAQEAmPniaJfUXx7uaNCFbvPbv9xQJLvFfcl/
auUJPhs/tzKYcdVyqWeVHWnhzjNNgcXXQKNjNZO6mQwLCGm0WKMgB50IJPWEgEMP
eqVqu6tpBG/gcCvXrm/G6pGileks8L5lZVBQG2IQ5B4FD32eyXEdGFteWwcZ8Is/
4279Og+lAERLqjKVpmbhfWuAvA0qvEQx8EZYojgHJ/5bXaMUShla1QDnY3FoYlM9
kft4rAGyRSXeSMqFZpEUxa3ag5JMK1yvuVwSIsscJuRPFCMsfZL31nYvG+Dboob0
7xP0gq+8XjRSd+6UHZK1B843TmOvn1YvcrJRzfsFt5h0gfdjnDoPnQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:45 2025 by rpki-client