Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/6ISfiRfZMhURW1QQrPcP5GQk3Do.roa
File: 6ISfiRfZMhURW1QQrPcP5GQk3Do.roa (raw, json)
Hash identifier: lBjuUEz4b/EwelkjMNBa0p1ogJYv3k1siLbIIw/Zv38=
Subject key identifier: E8:84:9F:89:17:D9:32:15:11:5B:54:10:AC:F7:0F:E4:64:24:DC:3A
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08CC
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/6ISfiRfZMhURW1QQrPcP5GQk3Do.roa
Signing time: Fri 11 Dec 2020 09:03:40 +0000
ROA not before: Fri 11 Dec 2020 09:03:40 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 124.150.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2252 (0x8cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:03:40 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E8849F8917D93215115B5410ACF70FE46424DC3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b3:6c:8c:fd:9d:07:d1:ab:14:b7:be:e1:1c:
fe:1b:2c:3e:8a:b6:88:d8:51:45:a9:26:66:a4:d9:
9f:cf:63:0d:78:9c:88:49:26:6d:aa:8a:40:83:23:
48:71:2c:86:9f:c4:84:7a:26:16:77:5f:63:8e:af:
57:0c:1c:fc:bc:fd:85:c3:c2:82:f8:eb:6d:3c:72:
64:f7:cd:ba:fd:48:c8:5c:20:23:e6:12:79:02:ee:
10:22:1a:3f:f6:ca:23:ee:68:f0:0b:3d:da:cd:74:
28:9a:db:a7:ba:f4:3b:0f:35:1e:bc:7c:4a:af:3e:
7f:37:a8:e7:cb:60:05:62:7e:97:7e:11:4b:c7:a9:
5a:51:8c:60:7d:b5:cb:d9:bb:6c:66:ce:51:ab:d4:
cf:21:1d:f1:9d:be:b2:29:86:b3:f2:f7:93:c2:dc:
6f:c5:4e:88:98:44:cb:42:b7:03:0e:dc:b4:18:e4:
40:55:80:2e:72:23:fb:19:6a:f4:e1:31:d1:58:c9:
63:a0:3e:ec:b2:13:b7:10:da:7e:57:f4:78:72:db:
38:85:ba:d3:b0:7b:a4:cb:b6:b0:e3:e9:ea:bb:08:
6a:9a:9f:39:81:64:ea:6d:99:93:77:9a:f6:89:4a:
cd:33:41:63:0a:a5:6e:c5:79:59:5c:53:2b:5d:06:
fa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:84:9F:89:17:D9:32:15:11:5B:54:10:AC:F7:0F:E4:64:24:DC:3A
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/6ISfiRfZMhURW1QQrPcP5GQk3Do.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.135.0/24
Signature Algorithm: sha256WithRSAEncryption
37:72:f5:f9:f4:ed:54:95:3c:54:c9:ed:1f:6d:93:58:15:15:
34:1b:5f:8d:b8:eb:43:8b:96:e8:ac:5d:8a:c8:e9:22:76:cf:
59:f4:5f:a5:62:1d:69:4f:55:72:ab:00:63:8a:ef:f9:cf:9d:
ea:e3:a1:47:b8:8e:cc:9f:8b:15:5f:20:c3:b8:c9:cf:4a:79:
4a:ed:62:4d:ae:47:19:c0:7f:9c:7f:69:15:23:a0:83:76:ff:
c6:c9:f1:bc:20:d6:d5:23:66:3a:6c:b3:93:00:56:2d:6a:23:
81:de:dd:96:c9:07:3c:5b:31:f8:5a:97:88:51:e6:59:bc:ae:
4b:f1:a9:7b:27:39:6c:18:64:22:1f:45:fc:c7:88:0b:87:73:
6a:a0:e5:16:e0:cf:ca:1b:4a:ec:02:a8:b7:b6:d8:61:8b:18:
b1:20:8b:86:71:f0:4e:2f:89:d9:31:57:79:af:85:84:62:59:
9f:c5:b5:fe:5a:ef:bf:d2:4b:8d:f7:ff:d3:41:2e:f2:06:75:
13:54:54:55:97:46:24:3e:cf:79:62:24:5a:a8:ff:28:1f:19:
15:8a:96:b3:2c:8f:8b:ae:53:d0:09:dc:ba:78:cb:6e:b2:8d:
71:d4:57:c8:fe:c9:3e:f4:39:1a:26:d3:f6:33:18:ff:b7:a8:
32:86:db:62
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTAzNDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU4ODQ5Rjg5MTdEOTMy
MTUxMTVCNTQxMEFDRjcwRkU0NjQyNERDM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLs2yM/Z0H0asUt77hHP4bLD6KtojYUUWpJmak2Z/PYw14nIhJ
Jm2qikCDI0hxLIafxIR6JhZ3X2OOr1cMHPy8/YXDwoL46208cmT3zbr9SMhcICPm
EnkC7hAiGj/2yiPuaPALPdrNdCia26e69DsPNR68fEqvPn83qOfLYAVifpd+EUvH
qVpRjGB9tcvZu2xmzlGr1M8hHfGdvrIphrPy95PC3G/FToiYRMtCtwMO3LQY5EBV
gC5yI/sZavThMdFYyWOgPuyyE7cQ2n5X9Hhy2ziFutOwe6TLtrDj6eq7CGqanzmB
ZOptmZN3mvaJSs0zQWMKpW7FeVlcUytdBvolAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU6ISfiRfZMhURW1QQrPcP5GQk3DowHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vNklTZmlSZlpNaFVSVzFRUXJQY1A1
R1FrM0RvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHyWhzAN
BgkqhkiG9w0BAQsFAAOCAQEAN3L1+fTtVJU8VMntH22TWBUVNBtfjbjrQ4uW6Kxd
isjpInbPWfRfpWIdaU9VcqsAY4rv+c+d6uOhR7iOzJ+LFV8gw7jJz0p5Su1iTa5H
GcB/nH9pFSOgg3b/xsnxvCDW1SNmOmyzkwBWLWojgd7dlskHPFsx+FqXiFHmWbyu
S/Gpeyc5bBhkIh9F/MeIC4dzaqDlFuDPyhtK7AKot7bYYYsYsSCLhnHwTi+J2TFX
ea+FhGJZn8W1/lrvv9JLjff/00Eu8gZ1E1RUVZdGJD7PeWIkWqj/KB8ZFYqWsyyP
i65T0AncunjLbrKNcdRXyP7JPvQ5GibT9jMY/7eoMobbYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org