Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/6hpDq4puO3csFwO8UpcFXE9llzM.roa
File: 6hpDq4puO3csFwO8UpcFXE9llzM.roa (raw, json)
Hash identifier: dmI5gowx4Ig1rn63mu/2fNgCGy8kr4Rr4yUyql+PClM=
Subject key identifier: EA:1A:43:AB:8A:6E:3B:77:2C:17:03:BC:52:97:05:5C:4F:65:97:33
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08AE
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/6hpDq4puO3csFwO8UpcFXE9llzM.roa
Signing time: Fri 11 Dec 2020 08:57:03 +0000
ROA not before: Fri 11 Dec 2020 08:57:03 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2222 (0x8ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 08:57:03 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=EA1A43AB8A6E3B772C1703BC5297055C4F659733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:bf:05:20:39:61:dc:3d:69:71:a4:89:4e:
49:da:08:a3:78:c7:a4:5a:f3:25:30:14:66:35:d9:
34:1b:0c:85:0d:fe:33:9a:da:84:17:62:50:76:0e:
21:93:cb:9b:6d:84:f8:cb:e8:8a:cd:29:b8:0e:f7:
c7:91:9c:16:9a:f0:66:48:df:eb:4f:01:b2:b8:03:
c3:95:fb:c5:a3:9b:f3:70:54:20:77:3a:8a:f4:d0:
78:6d:90:6c:b5:b0:56:75:ac:5b:00:53:01:c7:ba:
6d:2b:6c:1a:71:df:25:c5:13:42:f4:ea:a9:2c:3d:
3f:cf:2c:c7:e1:64:b6:7b:e7:57:e1:63:b7:41:38:
e3:aa:72:0f:43:bd:25:bd:1f:94:04:5d:87:ce:5f:
de:3a:7b:c2:f6:cc:0d:dd:a7:e4:5e:cb:da:3e:97:
68:1b:49:a5:65:38:05:1a:14:7e:73:82:23:ff:ca:
b2:81:72:5f:36:34:2b:7a:70:2f:80:58:e4:a2:9a:
21:d9:c0:c4:d7:bb:2d:b3:fd:24:09:1e:31:cf:2c:
e6:e8:3e:0a:c4:e5:76:c3:9d:0f:a3:b1:25:6b:c0:
b0:54:33:f0:17:06:e1:06:dc:cd:ff:a3:e8:a4:bd:
53:da:d2:76:c3:bc:a2:e9:90:53:f4:a8:ae:96:2d:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:1A:43:AB:8A:6E:3B:77:2C:17:03:BC:52:97:05:5C:4F:65:97:33
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/6hpDq4puO3csFwO8UpcFXE9llzM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.42.0/24
Signature Algorithm: sha256WithRSAEncryption
47:4a:af:50:ad:12:82:66:9d:17:41:bb:01:38:46:12:0e:e9:
91:31:01:33:0d:b2:58:76:4d:25:4f:58:c3:36:6d:31:2d:04:
6e:e0:b4:79:88:d7:e4:81:f8:fd:26:68:83:45:e9:2c:e3:b9:
53:2f:a4:22:4a:86:a9:61:f0:ec:70:4a:48:bc:07:d0:55:57:
7d:a2:0f:ec:7d:e5:83:4a:9d:fb:c9:f9:9e:a5:74:fe:57:22:
99:44:c5:cc:42:e0:62:19:95:5b:34:d6:61:45:c5:2c:37:d3:
f1:88:93:49:c3:e0:a9:09:f3:e0:fd:cb:71:f1:db:91:c7:9c:
28:a9:28:dc:7f:cd:8e:06:cd:32:52:d1:f6:36:41:88:69:34:
0b:c6:1c:2e:d8:d0:da:9f:10:28:ec:35:23:5b:c5:d9:52:72:
72:e8:5e:af:47:87:14:46:6c:e4:1e:54:c7:15:83:a0:c4:8b:
00:97:20:40:82:53:7a:8a:ee:0e:86:04:ad:dc:93:7b:28:04:
da:78:ec:9c:97:ec:3a:59:2d:52:1f:ef:bd:02:71:09:47:46:
75:a3:4c:89:90:96:bc:6a:d7:3b:19:fd:05:8b:cc:58:66:08:
68:58:98:ae:a5:5e:c9:fc:66:76:83:39:e4:6c:d3:86:9f:9a:
53:ae:9c:8e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
ODU3MDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEVBMUE0M0FCOEE2RTNC
NzcyQzE3MDNCQzUyOTcwNTVDNEY2NTk3MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClhb8FIDlh3D1pcaSJTknaCKN4x6Ra8yUwFGY12TQbDIUN/jOa
2oQXYlB2DiGTy5tthPjL6IrNKbgO98eRnBaa8GZI3+tPAbK4A8OV+8Wjm/NwVCB3
Oor00HhtkGy1sFZ1rFsAUwHHum0rbBpx3yXFE0L06qksPT/PLMfhZLZ751fhY7dB
OOOqcg9DvSW9H5QEXYfOX946e8L2zA3dp+Rey9o+l2gbSaVlOAUaFH5zgiP/yrKB
cl82NCt6cC+AWOSimiHZwMTXuy2z/SQJHjHPLOboPgrE5XbDnQ+jsSVrwLBUM/AX
BuEG3M3/o+ikvVPa0nbDvKLpkFP0qK6WLXlBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU6hpDq4puO3csFwO8UpcFXE9llzMwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vNmhwRHE0cHVPM2NzRndPOFVwY0ZY
RTlsbHpNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKjAN
BgkqhkiG9w0BAQsFAAOCAQEAR0qvUK0SgmadF0G7AThGEg7pkTEBMw2yWHZNJU9Y
wzZtMS0EbuC0eYjX5IH4/SZog0XpLOO5Uy+kIkqGqWHw7HBKSLwH0FVXfaIP7H3l
g0qd+8n5nqV0/lcimUTFzELgYhmVWzTWYUXFLDfT8YiTScPgqQnz4P3LcfHbkcec
KKko3H/NjgbNMlLR9jZBiGk0C8YcLtjQ2p8QKOw1I1vF2VJycuher0eHFEZs5B5U
xxWDoMSLAJcgQIJTeoruDoYErdyTeygE2njsnJfsOlktUh/vvQJxCUdGdaNMiZCW
vGrXOxn9BYvMWGYIaFiYrqVeyfxmdoM55GzThp+aU66cjg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:03 2023 by rpki-client on console-ams.rpki-client.org