Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/AOlaZzJ7Xynz9_YrTyRLKMI_vT0.roa
File: AOlaZzJ7Xynz9_YrTyRLKMI_vT0.roa (raw, json)
Hash identifier: 3RzQnyOW5bTgZVYGIpEzlEAwZUTutetOp//seN3+k7s=
Subject key identifier: 00:E9:5A:67:32:7B:5F:29:F3:F7:F6:2B:4F:24:4B:28:C2:3F:BD:3D
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08DE
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/AOlaZzJ7Xynz9_YrTyRLKMI_vT0.roa
Signing time: Fri 11 Dec 2020 09:06:14 +0000
ROA not before: Fri 11 Dec 2020 09:06:14 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2270 (0x8de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:06:14 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=00E95A67327B5F29F3F7F62B4F244B28C23FBD3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:94:13:eb:c4:bb:2a:13:a8:fa:4c:46:7f:
a4:80:94:c4:c2:d8:c7:ca:f1:33:7b:20:ef:41:dd:
83:f4:0b:59:09:1c:4e:7a:01:e9:02:9c:66:c8:88:
4f:ec:de:a8:34:a6:f6:00:87:96:f7:d3:f5:4b:ff:
ca:c1:7e:3b:7a:d8:13:8c:59:67:4c:e9:d4:68:98:
c7:02:50:42:5b:b4:b2:95:e7:26:b5:b7:fb:1b:69:
d0:16:4e:f4:2a:f3:c5:81:c7:43:db:a4:43:5a:03:
e0:02:2e:f4:3c:35:0d:aa:88:91:87:a9:86:81:23:
45:c0:11:47:3e:8f:f2:ed:0e:65:7e:cd:63:dd:ce:
e2:1a:ee:16:99:f6:59:2c:cb:89:c7:4c:20:2d:29:
3b:95:c5:dc:6d:de:3b:8c:23:0c:5f:c1:f5:93:42:
17:fd:66:f7:cc:05:6f:f7:29:fe:99:2d:83:7e:8a:
fb:4a:1b:a8:40:90:44:12:32:32:10:91:a3:53:50:
74:ad:34:02:d0:6c:9f:e9:94:85:0f:05:3f:7a:f8:
26:d6:0f:24:2a:f1:62:69:ac:4f:e6:86:23:b8:b1:
b5:15:57:d5:5c:5b:25:ab:4d:32:39:ec:c5:c0:f6:
2e:29:98:aa:95:d9:67:64:dd:54:0e:53:7f:90:ec:
ac:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E9:5A:67:32:7B:5F:29:F3:F7:F6:2B:4F:24:4B:28:C2:3F:BD:3D
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/AOlaZzJ7Xynz9_YrTyRLKMI_vT0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.42.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:fb:7f:2b:d3:9a:35:d0:f7:66:bc:9b:05:25:ba:a0:79:fc:
f5:21:14:e0:b9:05:3f:70:57:fc:e1:f1:77:9d:20:9c:44:eb:
fd:86:c6:09:20:0a:8e:ab:56:48:5a:16:89:d9:21:3b:ad:50:
e7:e5:76:60:13:80:be:2e:c9:22:40:0e:4c:1c:2a:18:2c:54:
9a:13:56:10:07:f9:cf:ba:30:ec:43:fc:ea:8f:51:17:b6:d9:
85:3c:0d:09:36:86:ad:cf:22:05:b7:20:e4:56:3e:4a:85:19:
c3:d3:f4:ff:8b:ed:68:72:9b:fe:21:0e:98:38:e1:55:03:e5:
d3:86:c0:79:48:f8:44:98:47:8d:ae:8e:01:86:c9:e9:23:07:
ae:90:d6:00:ba:f0:82:27:c5:57:bf:55:f8:99:d6:88:3f:77:
2f:a5:a2:30:dd:46:e9:a8:62:c5:14:18:ff:9e:6e:f3:0b:44:
9b:a9:17:20:b8:13:03:df:54:43:86:f8:b9:05:0a:b0:65:64:
62:0e:cc:ed:cf:ce:0b:64:49:9c:3a:c3:00:02:67:51:66:a1:
e6:a2:ef:08:88:ee:cc:48:1d:4e:0d:8d:9a:5d:85:54:86:ad:
ba:ff:2a:56:5d:35:aa:3a:d0:ce:70:6e:7d:40:5c:cd:f2:5d:
b6:66:07:f9
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA2MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAwRTk1QTY3MzI3QjVG
MjlGM0Y3RjYyQjRGMjQ0QjI4QzIzRkJEM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV4pQT68S7KhOo+kxGf6SAlMTC2MfK8TN7IO9B3YP0C1kJHE56
AekCnGbIiE/s3qg0pvYAh5b30/VL/8rBfjt62BOMWWdM6dRomMcCUEJbtLKV5ya1
t/sbadAWTvQq88WBx0PbpENaA+ACLvQ8NQ2qiJGHqYaBI0XAEUc+j/LtDmV+zWPd
zuIa7haZ9lksy4nHTCAtKTuVxdxt3juMIwxfwfWTQhf9ZvfMBW/3Kf6ZLYN+ivtK
G6hAkEQSMjIQkaNTUHStNALQbJ/plIUPBT96+CbWDyQq8WJprE/mhiO4sbUVV9Vc
WyWrTTI57MXA9i4pmKqV2Wdk3VQOU3+Q7KxbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAOlaZzJ7Xynz9/YrTyRLKMI/vT0wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQU9sYVp6SjdYeW56OV9ZclR5UkxL
TUlfdlQwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKjAN
BgkqhkiG9w0BAQsFAAOCAQEAuft/K9OaNdD3ZrybBSW6oHn89SEU4LkFP3BX/OHx
d50gnETr/YbGCSAKjqtWSFoWidkhO61Q5+V2YBOAvi7JIkAOTBwqGCxUmhNWEAf5
z7ow7EP86o9RF7bZhTwNCTaGrc8iBbcg5FY+SoUZw9P0/4vtaHKb/iEOmDjhVQPl
04bAeUj4RJhHja6OAYbJ6SMHrpDWALrwgifFV79V+JnWiD93L6WiMN1G6ahixRQY
/55u8wtEm6kXILgTA99UQ4b4uQUKsGVkYg7M7c/OC2RJnDrDAAJnUWah5qLvCIju
zEgdTg2Nml2FVIatuv8qVl01qjrQznBufUBczfJdtmYH+Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org