Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/2koN81Z4iLQhvwgQDEFIKlbYmgc.roa
File: 2koN81Z4iLQhvwgQDEFIKlbYmgc.roa (raw, json)
Hash identifier: +DiIE8M/piRDHGrH36GQi053u3ztDTegCMCeOns3K0E=
Subject key identifier: DA:4A:0D:F3:56:78:88:B4:21:BF:08:10:0C:41:48:2A:56:D8:9A:07
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 096B
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/2koN81Z4iLQhvwgQDEFIKlbYmgc.roa
Signing time: Sun 07 Feb 2021 13:09:05 +0000
ROA not before: Sun 07 Feb 2021 13:09:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2411 (0x96b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:09:05 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DA4A0DF3567888B421BF08100C41482A56D89A07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d4:62:21:ee:5f:14:9f:7e:cc:59:77:a2:d6:
fc:85:61:4e:ad:b0:6f:58:ea:c2:38:7e:f8:8d:2a:
2d:6f:53:4f:7b:98:8a:71:6f:d7:7e:fa:e0:06:2c:
3e:b9:e8:0c:8a:c3:dd:05:87:ec:a8:b3:c2:cf:d4:
06:df:aa:fb:d8:6c:dd:fe:b4:ee:26:84:7e:25:fc:
0d:39:72:0a:1c:64:aa:75:ba:96:7d:44:90:a8:d8:
cf:b4:fb:a9:d2:7c:16:4b:9b:27:a1:d8:6e:de:8c:
6e:de:1e:ec:52:64:5e:79:70:19:b6:de:b6:1d:8d:
b0:f8:15:ed:48:b7:83:8a:3d:32:69:4f:42:6e:df:
98:79:a3:63:e9:7d:a6:91:12:6d:70:38:d2:35:5c:
2b:3e:2d:e9:47:80:c6:a4:af:f2:ca:03:19:3c:49:
c0:6c:58:17:87:51:13:70:95:23:6b:4e:63:ba:d8:
a9:df:0a:01:ba:33:ad:bd:56:4b:24:ed:bb:5a:c1:
1d:68:22:9f:3b:bf:74:ce:19:7e:f1:eb:6c:50:a9:
b1:a8:e4:5a:1a:6d:b6:e8:2b:d3:29:ba:91:68:c9:
75:3e:a3:1a:92:2a:fe:2f:11:ca:4f:db:56:7c:b0:
d3:dc:b4:e3:a9:7b:e1:a6:f9:1e:fa:f6:a0:46:b6:
b5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4A:0D:F3:56:78:88:B4:21:BF:08:10:0C:41:48:2A:56:D8:9A:07
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/2koN81Z4iLQhvwgQDEFIKlbYmgc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.39.0/24
Signature Algorithm: sha256WithRSAEncryption
33:ef:d9:da:e6:f3:98:d2:a7:d0:db:07:a2:6e:0b:f7:c2:00:
3f:07:67:0c:25:40:67:14:8e:fc:c8:ad:6b:b2:3c:cc:bd:55:
96:9d:24:47:57:19:2a:2c:76:e8:40:99:35:b7:5e:23:e8:68:
71:27:f0:45:cb:6a:25:18:2b:c6:59:75:cd:5b:11:e2:7f:a6:
38:12:65:f5:b6:78:36:05:ee:de:0c:c1:45:76:64:1c:97:3b:
7b:32:3a:62:1e:e8:08:b7:7e:2e:30:03:d6:57:ff:aa:fc:ed:
2f:35:b8:36:17:33:26:25:83:42:e4:c2:f3:dc:e7:ad:d0:aa:
1f:c8:5c:e5:b4:b9:31:37:c0:c8:f6:d6:29:ad:dc:39:7e:59:
60:91:43:9b:5e:58:ee:e6:b1:a9:44:b7:ea:4e:2d:47:3e:a7:
ef:65:13:cd:68:b6:d7:15:b5:2b:b5:7b:d1:02:e6:25:65:30:
e3:8d:75:4b:89:35:92:ff:01:0f:df:70:f3:17:60:1a:ff:ab:
e5:27:e3:24:a0:bc:39:63:6c:75:70:47:d0:b3:dd:7f:1e:9e:
34:c1:07:fd:7c:13:c5:5d:a4:7d:22:c2:3e:83:90:e3:8b:16:
87:72:db:67:f8:f6:fa:e3:02:de:e0:73:1b:6b:2d:00:9b:ad:
2b:7e:6b:35
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5MDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERBNEEwREYzNTY3ODg4
QjQyMUJGMDgxMDBDNDE0ODJBNTZEODlBMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC91GIh7l8Un37MWXei1vyFYU6tsG9Y6sI4fviNKi1vU097mIpx
b9d++uAGLD656AyKw90Fh+yos8LP1AbfqvvYbN3+tO4mhH4l/A05cgocZKp1upZ9
RJCo2M+0+6nSfBZLmyeh2G7ejG7eHuxSZF55cBm23rYdjbD4Fe1It4OKPTJpT0Ju
35h5o2PpfaaREm1wONI1XCs+LelHgMakr/LKAxk8ScBsWBeHURNwlSNrTmO62Knf
CgG6M629Vksk7btawR1oIp87v3TOGX7x62xQqbGo5FoabbboK9MpupFoyXU+oxqS
Kv4vEcpP21Z8sNPctOOpe+Gm+R769qBGtrU3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2koN81Z4iLQhvwgQDEFIKlbYmgcwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vMmtvTjgxWjRpTFFodndnUURFRklL
bGJZbWdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJzAN
BgkqhkiG9w0BAQsFAAOCAQEAM+/Z2ubzmNKn0NsHom4L98IAPwdnDCVAZxSO/Mit
a7I8zL1Vlp0kR1cZKix26ECZNbdeI+hocSfwRctqJRgrxll1zVsR4n+mOBJl9bZ4
NgXu3gzBRXZkHJc7ezI6Yh7oCLd+LjAD1lf/qvztLzW4NhczJiWDQuTC89znrdCq
H8hc5bS5MTfAyPbWKa3cOX5ZYJFDm15Y7uaxqUS36k4tRz6n72UTzWi21xW1K7V7
0QLmJWUw4411S4k1kv8BD99w8xdgGv+r5SfjJKC8OWNsdXBH0LPdfx6eNMEH/XwT
xV2kfSLCPoOQ44sWh3LbZ/j2+uMC3uBzG2stAJutK35rNQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:03 2023 by rpki-client on console-ams.rpki-client.org