Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/AtYi-xWIXRm8C6yXDm3lQPtrzuI.roa
File: AtYi-xWIXRm8C6yXDm3lQPtrzuI.roa (raw, json)
Hash identifier: V1aI0NM/bYBrDoC2yfAM4csGw8hmrstpdO/5/XDUgyA=
Subject key identifier: 02:D6:22:FB:15:88:5D:19:BC:0B:AC:97:0E:6D:E5:40:FB:6B:CE:E2
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0AA1
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/AtYi-xWIXRm8C6yXDm3lQPtrzuI.roa
Signing time: Wed 06 Oct 2021 07:10:58 +0000
ROA not before: Wed 06 Oct 2021 07:10:58 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Oct 6 07:10:58 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=02D622FB15885D19BC0BAC970E6DE540FB6BCEE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5a:5e:f6:3a:ff:01:9d:45:f5:26:31:16:44:
53:9f:29:71:a0:9f:64:2d:d2:75:d4:d2:8e:7b:9d:
88:38:ed:ef:b6:5f:71:89:be:7f:bf:e0:7a:da:d6:
be:c9:37:e5:10:fa:c1:9a:50:42:dd:4b:56:b0:64:
bf:e1:86:15:c3:6d:3e:5a:c4:ca:57:2e:19:a1:11:
ce:6a:6f:2e:63:54:6e:3f:3c:f4:97:e9:b0:ab:f9:
ea:29:1d:dc:85:48:ab:a2:8a:94:2a:ab:08:a6:c8:
4d:7e:98:a3:78:30:91:7b:df:23:95:42:01:48:1d:
ab:a5:49:74:4d:1f:b1:61:2b:b2:44:9e:92:31:29:
e5:01:f2:3b:52:bc:63:86:b7:67:4d:83:c2:1f:9a:
63:35:c2:b3:2a:a5:0f:34:eb:42:30:34:3e:4f:de:
e5:99:cb:91:b7:fd:44:e7:5e:bd:ba:7b:7c:83:00:
3e:94:47:01:c9:3f:97:05:d0:4a:f4:10:35:64:ef:
dd:9d:5e:ab:d3:55:83:49:ad:0d:0f:00:41:64:2f:
b3:45:6a:71:87:f0:63:4b:3d:0f:c8:a9:08:a1:0e:
05:70:06:d9:c2:11:45:8b:1e:99:6e:46:12:09:a9:
1f:6e:1d:38:96:5c:5b:6a:a3:1a:f6:2a:df:1e:51:
25:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D6:22:FB:15:88:5D:19:BC:0B:AC:97:0E:6D:E5:40:FB:6B:CE:E2
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/AtYi-xWIXRm8C6yXDm3lQPtrzuI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.54.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:98:de:c2:f8:ba:ce:6a:16:f7:1b:07:14:09:1b:1b:ba:f7:
05:bb:9a:ef:15:3e:7d:2a:7b:b5:67:b7:fd:1f:cc:90:08:de:
76:b1:56:3e:e0:75:ee:2f:28:cd:ce:a7:93:cb:bb:1a:72:c5:
04:ea:23:5e:c2:39:e9:28:ae:59:61:f3:fb:3f:f5:f6:29:2b:
06:26:e0:26:e2:24:f0:65:17:76:60:b7:ef:19:bc:53:e0:7d:
04:27:2d:6b:72:aa:4f:65:50:4d:75:a1:ee:2e:73:4b:1a:12:
bb:b8:d1:18:a6:f2:ae:c6:f5:8f:c4:a5:7b:bf:a2:d3:cc:fd:
a7:a6:02:3b:b8:56:7f:60:9f:9d:85:c7:f3:f7:71:7f:9c:bc:
d6:2c:89:b6:da:e6:d0:ca:39:ab:7f:49:18:b3:a8:65:67:28:
b9:07:cc:1c:bf:92:ad:81:9d:46:88:bf:b3:cb:9d:93:7d:56:
cc:97:c3:1d:f5:e1:94:d8:22:b7:2e:40:68:de:a1:b7:86:eb:
1b:b0:50:e4:5b:2b:9d:4f:f9:0e:fd:58:65:ab:98:38:a7:25:
ce:63:2e:22:fb:b5:30:64:e6:50:79:c0:69:a7:af:ba:57:61:
69:66:1b:2e:68:91:42:b0:d2:02:be:54:4f:cd:0d:38:1e:ee:
f8:24:66:25
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDYw
NzEwNThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDAyRDYyMkZCMTU4ODVE
MTlCQzBCQUM5NzBFNkRFNTQwRkI2QkNFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKWl72Ov8BnUX1JjEWRFOfKXGgn2Qt0nXU0o57nYg47e+2X3GJ
vn+/4Hra1r7JN+UQ+sGaUELdS1awZL/hhhXDbT5axMpXLhmhEc5qby5jVG4/PPSX
6bCr+eopHdyFSKuiipQqqwimyE1+mKN4MJF73yOVQgFIHaulSXRNH7FhK7JEnpIx
KeUB8jtSvGOGt2dNg8IfmmM1wrMqpQ8060IwND5P3uWZy5G3/UTnXr26e3yDAD6U
RwHJP5cF0Er0EDVk792dXqvTVYNJrQ0PAEFkL7NFanGH8GNLPQ/IqQihDgVwBtnC
EUWLHpluRhIJqR9uHTiWXFtqoxr2Kt8eUSXVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAtYi+xWIXRm8C6yXDm3lQPtrzuIwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQXRZaS14V0lYUm04QzZ5WERtM2xR
UHRyenVJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bNjAN
BgkqhkiG9w0BAQsFAAOCAQEAj5jewvi6zmoW9xsHFAkbG7r3Bbua7xU+fSp7tWe3
/R/MkAjedrFWPuB17i8ozc6nk8u7GnLFBOojXsI56SiuWWHz+z/19ikrBibgJuIk
8GUXdmC37xm8U+B9BCcta3KqT2VQTXWh7i5zSxoSu7jRGKbyrsb1j8Sle7+i08z9
p6YCO7hWf2CfnYXH8/dxf5y81iyJttrm0Mo5q39JGLOoZWcouQfMHL+SrYGdRoi/
s8udk31WzJfDHfXhlNgity5AaN6ht4brG7BQ5FsrnU/5Dv1YZauYOKclzmMuIvu1
MGTmUHnAaaevuldhaWYbLmiRQrDSAr5UT80NOB7u+CRmJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org