Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/APBAFo4iZshLdEQcteGVMcEJjqY.roa
File: APBAFo4iZshLdEQcteGVMcEJjqY.roa (raw, json)
Hash identifier: 1PKJnXyzS7XH9YINKYO6sbxZE0Zn+xVGrb77DLWEeDo=
Subject key identifier: 00:F0:40:16:8E:22:66:C8:4B:74:44:1C:B5:E1:95:31:C1:09:8E:A6
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0967
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/APBAFo4iZshLdEQcteGVMcEJjqY.roa
Signing time: Sun 07 Feb 2021 13:09:02 +0000
ROA not before: Sun 07 Feb 2021 13:09:02 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2407 (0x967)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:09:02 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=00F040168E2266C84B74441CB5E19531C1098EA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:44:c3:6f:66:69:1b:93:6a:61:23:82:33:9d:
1d:27:48:6b:7a:57:d4:19:d7:d6:78:09:84:c9:3e:
4d:c9:d0:d9:00:ec:c2:46:00:27:3b:6c:9d:cd:10:
42:56:a2:38:5e:b5:73:93:f2:0f:33:02:65:6e:ac:
98:fb:59:04:66:c5:71:31:a3:79:5d:ec:1f:bb:9f:
5c:49:c9:d9:be:07:0a:08:21:c2:0b:27:cd:4c:8d:
90:fd:aa:db:e3:58:37:ff:fc:35:81:0a:da:18:9b:
d4:db:25:a4:b1:92:8d:48:f8:8b:1b:36:2e:35:3e:
34:6f:b8:9a:27:c5:77:c1:8e:f5:b1:2f:7a:f0:04:
94:ad:5c:5d:3c:3d:40:2f:f1:ee:4c:5d:d2:80:4f:
a4:2a:33:14:60:b4:93:3a:26:aa:40:ed:1b:b6:08:
64:0b:b9:47:55:48:30:46:06:5c:9c:2d:5b:08:b2:
1b:e3:9c:a5:96:0a:fc:7f:85:35:cf:1f:f2:d0:2d:
e7:91:be:d8:17:19:32:9e:a4:5f:0e:9c:82:0f:87:
d1:3f:b3:ff:d7:0a:b9:61:dd:96:40:5e:72:88:a9:
12:f2:30:2b:99:5d:25:00:ad:99:e3:95:10:5e:30:
eb:50:2c:3b:b2:6c:d7:5a:82:62:62:e4:ae:27:3f:
fb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F0:40:16:8E:22:66:C8:4B:74:44:1C:B5:E1:95:31:C1:09:8E:A6
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/APBAFo4iZshLdEQcteGVMcEJjqY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.37.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:a4:86:ef:da:28:97:af:b5:27:b2:0a:ce:af:7b:5c:75:95:
c9:b3:65:ac:fd:52:3f:22:9f:6d:ec:61:61:61:05:51:1d:73:
a9:b0:55:05:b0:5c:7b:7c:4e:62:d6:3a:ce:1d:f4:89:68:0a:
50:86:5d:a0:fe:a7:89:f5:bc:32:db:6c:e7:49:fe:53:28:73:
45:83:ff:56:3b:f4:6e:a6:ce:1f:af:2f:52:17:93:9f:19:bb:
4c:4e:49:fa:2b:17:15:75:ab:72:cd:70:e1:62:48:b3:ab:8e:
89:60:41:08:38:4c:88:33:bf:f7:a3:66:14:31:d4:a7:db:75:
b7:cf:8a:eb:88:8d:48:9f:5f:cf:77:44:8c:19:45:50:40:28:
ea:9d:b7:a8:fb:f3:5d:40:7f:42:e4:a7:27:e5:25:fd:51:88:
89:75:46:c5:bd:5e:67:c7:88:af:67:3e:fc:06:40:8b:a8:50:
20:3a:c0:a1:03:95:19:a3:01:bc:09:9f:9a:ba:bb:90:b6:07:
db:82:e4:a0:29:79:13:02:38:5b:50:fa:dc:18:c5:7a:17:da:
78:e5:44:45:88:cd:65:3b:b1:83:e3:11:1f:ba:a3:9e:d6:14:
43:e7:e9:25:e0:be:9f:22:7c:cb:5f:07:5c:b2:f7:bc:bf:cd:
75:67:66:2a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5MDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAwRjA0MDE2OEUyMjY2
Qzg0Qjc0NDQxQ0I1RTE5NTMxQzEwOThFQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTRMNvZmkbk2phI4IznR0nSGt6V9QZ19Z4CYTJPk3J0NkA7MJG
ACc7bJ3NEEJWojhetXOT8g8zAmVurJj7WQRmxXExo3ld7B+7n1xJydm+BwoIIcIL
J81MjZD9qtvjWDf//DWBCtoYm9TbJaSxko1I+IsbNi41PjRvuJonxXfBjvWxL3rw
BJStXF08PUAv8e5MXdKAT6QqMxRgtJM6JqpA7Ru2CGQLuUdVSDBGBlycLVsIshvj
nKWWCvx/hTXPH/LQLeeRvtgXGTKepF8OnIIPh9E/s//XCrlh3ZZAXnKIqRLyMCuZ
XSUArZnjlRBeMOtQLDuybNdagmJi5K4nP/sDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAPBAFo4iZshLdEQcteGVMcEJjqYwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQVBCQUZvNGlac2hMZEVRY3RlR1ZN
Y0VKanFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJTAN
BgkqhkiG9w0BAQsFAAOCAQEAtaSG79ool6+1J7IKzq97XHWVybNlrP1SPyKfbexh
YWEFUR1zqbBVBbBce3xOYtY6zh30iWgKUIZdoP6nifW8Mtts50n+UyhzRYP/Vjv0
bqbOH68vUheTnxm7TE5J+isXFXWrcs1w4WJIs6uOiWBBCDhMiDO/96NmFDHUp9t1
t8+K64iNSJ9fz3dEjBlFUEAo6p23qPvzXUB/QuSnJ+Ul/VGIiXVGxb1eZ8eIr2c+
/AZAi6hQIDrAoQOVGaMBvAmfmrq7kLYH24LkoCl5EwI4W1D63BjFehfaeOVERYjN
ZTuxg+MRH7qjntYUQ+fpJeC+nyJ8y18HXLL3vL/NdWdmKg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:13 2025 by rpki-client