Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/h3ZiocqvLNtP85me4uOhRPh9UBg.roa
File: h3ZiocqvLNtP85me4uOhRPh9UBg.roa (raw, json)
Hash identifier: o7l7TzJP/tSWmOjNkVbVRKYvevkBzE950JNATBB8JDg=
Subject key identifier: 87:76:62:A1:CA:AF:2C:DB:4F:F3:99:9E:E2:E3:A1:44:F8:7D:50:18
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0AAC
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/h3ZiocqvLNtP85me4uOhRPh9UBg.roa
Signing time: Sun 07 Feb 2021 11:36:56 +0000
ROA not before: Sun 07 Feb 2021 11:36:56 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 211.78.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2732 (0xaac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 7 11:36:56 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=877662A1CAAF2CDB4FF3999EE2E3A144F87D5018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:8d:f4:27:5d:85:71:67:b1:70:60:5e:bd:
88:da:f8:ee:4e:c8:47:e6:4d:ec:94:8c:c7:0c:75:
ce:de:c1:3c:85:1d:e3:26:6f:98:f3:db:cc:e4:82:
ec:c8:c3:77:5b:19:66:2a:de:73:67:e8:37:94:b2:
c3:77:f1:82:90:0f:9b:bc:51:91:4a:fc:81:96:18:
1b:34:ab:37:26:c1:9a:e5:3e:26:ae:18:f5:90:a4:
d0:1d:19:d2:82:55:6d:36:15:05:b9:93:66:5e:3a:
dd:4d:d1:3d:29:b0:39:a7:4e:16:76:a8:f2:91:0e:
5c:d7:ad:67:6e:33:50:34:fe:fb:9a:ba:99:51:94:
7f:f7:66:b5:5e:14:08:58:7b:82:8d:75:c2:bd:b5:
79:0e:e4:33:7f:4e:2a:37:60:d0:53:39:1e:22:e4:
53:b4:e6:86:75:15:4b:36:72:78:d9:66:ef:0f:7d:
17:46:9c:a4:2e:76:18:80:08:55:27:d4:65:9d:3c:
a8:4d:ef:bf:fc:63:b3:98:46:c6:3c:d1:de:b9:9a:
f5:da:39:0d:68:b8:b9:ec:e0:8e:15:49:34:45:41:
6b:2e:1d:1c:f0:10:e1:db:cc:e6:1d:e7:c9:1e:63:
7e:0a:aa:54:8a:f6:aa:5c:3d:9d:c2:50:e3:4d:30:
24:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:76:62:A1:CA:AF:2C:DB:4F:F3:99:9E:E2:E3:A1:44:F8:7D:50:18
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/h3ZiocqvLNtP85me4uOhRPh9UBg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.208.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:7d:84:e2:51:20:7a:5f:48:f6:55:a7:bb:7b:ff:b9:af:ae:
18:e4:77:b4:a6:0f:c2:6f:5d:4a:0e:42:cb:58:f5:1c:bc:ed:
73:a8:c4:1b:3f:e8:f1:43:b6:50:79:1f:54:c3:93:52:3f:8e:
c4:3b:41:c7:da:f4:88:e7:22:74:8f:d8:61:a7:46:37:00:19:
66:7b:99:5d:7a:33:0a:20:75:49:e9:18:82:6b:64:6f:a8:b6:
e5:15:44:07:61:6d:d1:d7:c4:93:de:11:20:78:d2:73:ac:00:
85:e1:ba:02:f1:14:09:f7:8b:2c:3b:cc:13:99:17:fb:74:52:
ca:a7:cf:ba:f5:86:02:75:26:d9:ee:7c:60:89:8b:d3:98:37:
7c:4f:a9:0d:b6:bc:74:33:2b:d2:1a:45:c8:4a:ab:b0:38:0c:
e9:36:42:50:06:72:5d:4c:83:74:8c:d2:5b:6e:82:ea:1a:a8:
ff:72:85:ee:75:42:95:35:12:10:76:e3:61:22:31:69:d6:82:
ab:fc:ee:89:fc:b9:f2:cb:2b:9a:5b:3f:47:e1:f3:77:db:1f:
2b:c1:85:9e:12:8a:55:28:f0:d8:59:98:c5:48:0d:33:ea:aa:
1f:9c:fa:01:c2:30:3d:c9:59:cb:3b:13:c8:4d:fa:2f:bc:5c:
af:c9:74:14
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTM2NTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg3NzY2MkExQ0FBRjJD
REI0RkYzOTk5RUUyRTNBMTQ0Rjg3RDUwMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbmI30J12FcWexcGBevYja+O5OyEfmTeyUjMcMdc7ewTyFHeMm
b5jz28zkguzIw3dbGWYq3nNn6DeUssN38YKQD5u8UZFK/IGWGBs0qzcmwZrlPiau
GPWQpNAdGdKCVW02FQW5k2ZeOt1N0T0psDmnThZ2qPKRDlzXrWduM1A0/vuauplR
lH/3ZrVeFAhYe4KNdcK9tXkO5DN/Tio3YNBTOR4i5FO05oZ1FUs2cnjZZu8PfRdG
nKQudhiACFUn1GWdPKhN77/8Y7OYRsY80d65mvXaOQ1ouLns4I4VSTRFQWsuHRzw
EOHbzOYd58keY34KqlSK9qpcPZ3CUONNMCTjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh3ZiocqvLNtP85me4uOhRPh9UBgwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvaDNaaW9jcXZMTnRQODVt
ZTR1T2hSUGg5VUJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNNO0DANBgkqhkiG9w0BAQsFAAOCAQEAfX2E4lEgel9I9lWnu3v/ua+uGOR3tKYP
wm9dSg5Cy1j1HLztc6jEGz/o8UO2UHkfVMOTUj+OxDtBx9r0iOcidI/YYadGNwAZ
ZnuZXXozCiB1SekYgmtkb6i25RVEB2Ft0dfEk94RIHjSc6wAheG6AvEUCfeLLDvM
E5kX+3RSyqfPuvWGAnUm2e58YImL05g3fE+pDba8dDMr0hpFyEqrsDgM6TZCUAZy
XUyDdIzSW26C6hqo/3KF7nVClTUSEHbjYSIxadaCq/zuify58ssrmls/R+Hzd9sf
K8GFnhKKVSjw2FmYxUgNM+qqH5z6AcIwPclZyzsTyE36L7xcr8l0FA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:58 2025 by rpki-client