Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/BkduS0moJkSyDSPVfgOzF9EigAs.roa
File: BkduS0moJkSyDSPVfgOzF9EigAs.roa (raw, json)
Hash identifier: 1kpzpCRuCRGDGJzaM+ljPjsh/veqfAFa7b2dEWfDzFg=
Subject key identifier: 06:47:6E:4B:49:A8:26:44:B2:0D:23:D5:7E:03:B3:17:D1:22:80:0B
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0A76
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/BkduS0moJkSyDSPVfgOzF9EigAs.roa
Signing time: Wed 29 Sep 2021 02:42:49 +0000
ROA not before: Wed 29 Sep 2021 02:42:49 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 124.150.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2678 (0xa76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 29 02:42:49 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=06476E4B49A82644B20D23D57E03B317D122800B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:c6:9c:5b:2b:2f:4e:a4:f8:1f:4f:8a:e8:
ad:11:d9:a0:24:35:f4:ff:0b:7c:44:16:0d:33:f8:
0b:19:13:89:ad:be:40:a0:10:b7:80:df:ed:90:ee:
6a:5f:70:b9:33:a2:65:13:30:9e:ad:16:8e:75:f6:
9c:52:84:16:d8:1a:1a:f7:84:17:33:0e:47:90:a1:
ee:2d:49:80:30:2b:3c:f3:d5:ad:21:2f:fb:8a:32:
8f:91:21:b6:f1:34:c7:aa:fc:da:a8:00:fb:f7:16:
ee:cc:00:71:38:28:87:79:ca:17:4f:79:bd:87:0e:
c4:97:88:67:7e:98:76:11:90:b6:6f:6e:a3:83:14:
90:02:09:57:43:79:6a:b7:2c:11:8d:57:46:ce:f1:
41:f7:84:65:64:63:03:86:6e:58:bf:25:a5:f2:99:
21:a4:47:8a:7e:00:ae:72:82:61:ff:0c:d8:7b:7e:
46:5e:ac:9b:5f:ec:ff:b1:3e:02:8c:d2:d8:0b:df:
f9:70:46:17:f2:e3:98:b3:94:f7:cf:ce:ce:0a:a9:
05:8e:35:91:99:09:dd:73:f1:89:b0:17:9f:76:b3:
35:e7:41:2a:66:4b:1c:f3:9c:cb:64:1b:e2:2e:08:
6b:d2:30:ca:f2:31:25:8c:37:b9:af:38:cf:bb:e1:
62:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:47:6E:4B:49:A8:26:44:B2:0D:23:D5:7E:03:B3:17:D1:22:80:0B
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/BkduS0moJkSyDSPVfgOzF9EigAs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d4:85:b9:66:6f:40:b2:fc:70:19:1a:11:f1:aa:b1:5f:6a:
bc:93:ec:79:73:fc:10:af:9d:c1:14:c1:f5:4d:73:be:91:32:
43:9c:34:24:76:ae:a0:c1:e2:37:f2:46:0f:80:61:00:c4:bb:
66:aa:ed:5c:c6:24:24:6e:95:0b:89:56:f2:49:c2:7d:70:01:
a6:6b:88:7f:be:a5:5a:7c:cf:33:29:26:6f:46:de:a9:bf:be:
51:c2:ec:29:83:58:36:3c:4e:3f:c0:3f:80:6a:e0:6b:dc:66:
26:ca:f7:b0:05:74:2f:31:ca:90:f9:69:11:c3:cd:33:c2:ab:
f3:e7:a5:dc:f6:c4:2d:e4:a5:98:28:a0:3f:83:1f:7c:90:17:
6e:ca:b2:12:36:43:b5:06:5a:f8:84:92:33:69:3d:6d:2b:1f:
ee:00:c9:1c:ae:44:3b:1a:79:88:6d:2c:28:c6:9b:4c:99:a9:
78:0c:80:9f:51:2f:67:a0:7b:e7:8a:66:69:44:00:71:fb:8e:
67:10:96:99:3e:c8:22:d2:f4:e3:f6:c7:25:d0:da:12:05:49:
fc:10:96:6f:db:1e:42:7b:bb:7c:90:d5:8a:1f:a9:f5:ff:d1:
10:3c:b2:a4:5f:c6:ff:a2:3f:bb:c9:91:f3:d0:22:89:cc:59:
90:0d:62:b6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTA5Mjkw
MjQyNDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA2NDc2RTRCNDlBODI2
NDRCMjBEMjNENTdFMDNCMzE3RDEyMjgwMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrXMacWysvTqT4H0+K6K0R2aAkNfT/C3xEFg0z+AsZE4mtvkCg
ELeA3+2Q7mpfcLkzomUTMJ6tFo519pxShBbYGhr3hBczDkeQoe4tSYAwKzzz1a0h
L/uKMo+RIbbxNMeq/NqoAPv3Fu7MAHE4KId5yhdPeb2HDsSXiGd+mHYRkLZvbqOD
FJACCVdDeWq3LBGNV0bO8UH3hGVkYwOGbli/JaXymSGkR4p+AK5ygmH/DNh7fkZe
rJtf7P+xPgKM0tgL3/lwRhfy45izlPfPzs4KqQWONZGZCd1z8YmwF592szXnQSpm
SxzznMtkG+IuCGvSMMryMSWMN7mvOM+74WIvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUBkduS0moJkSyDSPVfgOzF9EigAswHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQmtkdVMwbW9Ka1N5RFNQVmZnT3pG
OUVpZ0FzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHyWgTAN
BgkqhkiG9w0BAQsFAAOCAQEAqNSFuWZvQLL8cBkaEfGqsV9qvJPseXP8EK+dwRTB
9U1zvpEyQ5w0JHauoMHiN/JGD4BhAMS7ZqrtXMYkJG6VC4lW8knCfXABpmuIf76l
WnzPMykmb0beqb++UcLsKYNYNjxOP8A/gGrga9xmJsr3sAV0LzHKkPlpEcPNM8Kr
8+el3PbELeSlmCigP4MffJAXbsqyEjZDtQZa+ISSM2k9bSsf7gDJHK5EOxp5iG0s
KMabTJmpeAyAn1EvZ6B754pmaUQAcfuOZxCWmT7IItL04/bHJdDaEgVJ/BCWb9se
Qnu7fJDVih+p9f/REDyypF/G/6I/u8mR89AiicxZkA1itg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org