Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/DGBAwopjbKXZrgBq-xFlxo2kJAE.roa
File: DGBAwopjbKXZrgBq-xFlxo2kJAE.roa (raw, json)
Hash identifier: gXYK44Pb1AyrZ9kTdj7n6taHqRAsIX44jz1uDP/Q5R4=
Subject key identifier: 0C:60:40:C2:8A:63:6C:A5:D9:AE:00:6A:FB:11:65:C6:8D:A4:24:01
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 096D
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/DGBAwopjbKXZrgBq-xFlxo2kJAE.roa
Signing time: Sun 07 Feb 2021 13:09:07 +0000
ROA not before: Sun 07 Feb 2021 13:09:07 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2413 (0x96d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:09:07 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=0C6040C28A636CA5D9AE006AFB1165C68DA42401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:bf:2f:0e:7c:c7:65:46:50:2d:48:2c:21:
46:99:9c:fb:bd:ef:a7:f1:1d:49:83:db:94:a6:2d:
27:9c:bb:7a:a6:94:ba:26:1e:93:5e:4d:55:92:c6:
ca:15:2c:a9:5e:43:47:92:ed:cb:6f:6a:af:64:b6:
44:43:58:3c:28:4f:d6:50:a9:16:94:8f:aa:8c:78:
82:49:45:66:c6:a7:a7:91:2c:57:4a:10:6c:e9:c2:
ba:5e:07:a6:0b:1e:f0:4e:6b:13:71:c6:84:de:bf:
b5:f7:7b:e7:7b:80:24:5d:90:a3:77:2d:71:d3:32:
3a:d8:40:59:85:89:9b:20:b2:7f:b6:b8:3d:67:d3:
a8:df:89:cb:58:6f:06:f6:1e:40:48:30:8a:8c:b8:
f5:fe:36:f6:af:1c:ee:fb:d6:a5:d6:a9:51:64:47:
a9:a9:02:df:a3:1b:d7:a3:d3:fb:4b:1d:71:9b:05:
76:ea:06:08:6d:c6:b6:52:9a:8f:2d:75:d7:ee:ad:
5d:d4:93:d7:8d:ce:23:9a:b8:34:ad:f1:51:b3:0f:
90:04:9c:d5:35:19:33:bd:e5:b8:1a:4f:29:12:6b:
08:3e:83:a4:66:72:f2:7e:ac:6d:9f:ed:57:1a:04:
f8:ad:06:c4:f9:1f:e5:0a:01:4c:8a:c4:38:58:3c:
0b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:60:40:C2:8A:63:6C:A5:D9:AE:00:6A:FB:11:65:C6:8D:A4:24:01
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/DGBAwopjbKXZrgBq-xFlxo2kJAE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.42.0/24
Signature Algorithm: sha256WithRSAEncryption
20:93:34:26:e2:61:f1:35:a8:ef:15:6c:7c:32:fe:d8:0b:05:
ba:d2:a4:66:b2:7f:73:7b:ed:d3:b0:6d:d7:bd:13:73:29:a1:
d8:96:81:6f:42:cf:36:39:a5:72:7f:27:bd:df:ff:57:81:5b:
84:24:11:38:8c:00:81:a0:17:a4:fd:e9:55:7b:f1:61:b2:bf:
12:f2:04:d5:55:fb:07:37:77:1e:64:98:ab:34:dd:52:8d:12:
6c:86:2a:eb:67:6f:91:53:97:d9:f9:90:ef:1b:51:cc:4d:92:
f7:42:5a:88:1d:b1:06:82:68:cd:af:f3:c4:01:44:60:80:d6:
c5:9d:a0:f0:61:7c:20:f1:1c:15:f6:44:aa:04:b8:c5:df:e6:
63:c2:c9:84:1a:8a:63:f6:44:e2:92:a3:fe:e9:db:97:53:f1:
c3:06:eb:33:6d:57:12:b1:b1:3d:30:8b:f2:3d:18:24:85:55:
2f:ec:53:27:61:d3:4a:6d:2c:6b:aa:a8:eb:b1:97:c9:d1:63:
b6:83:b5:0d:ec:5d:06:d9:cb:d1:33:76:5b:49:be:4f:7a:ce:
5e:c7:eb:e3:04:fb:b2:4c:0d:49:b6:28:29:2e:14:05:e4:a3:
ac:ef:13:5b:ea:a9:7e:b6:3e:91:2d:8e:e4:ca:40:dd:b6:2b:
4e:2e:57:9f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5MDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBDNjA0MEMyOEE2MzZD
QTVEOUFFMDA2QUZCMTE2NUM2OERBNDI0MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKPL8vDnzHZUZQLUgsIUaZnPu976fxHUmD25SmLSecu3qmlLom
HpNeTVWSxsoVLKleQ0eS7ctvaq9ktkRDWDwoT9ZQqRaUj6qMeIJJRWbGp6eRLFdK
EGzpwrpeB6YLHvBOaxNxxoTev7X3e+d7gCRdkKN3LXHTMjrYQFmFiZsgsn+2uD1n
06jfictYbwb2HkBIMIqMuPX+NvavHO771qXWqVFkR6mpAt+jG9ej0/tLHXGbBXbq
BghtxrZSmo8tddfurV3Uk9eNziOauDSt8VGzD5AEnNU1GTO95bgaTykSawg+g6Rm
cvJ+rG2f7VcaBPitBsT5H+UKAUyKxDhYPAu1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDGBAwopjbKXZrgBq+xFlxo2kJAEwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vREdCQXdvcGpiS1hacmdCcS14Rmx4
bzJrSkFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKjAN
BgkqhkiG9w0BAQsFAAOCAQEAIJM0JuJh8TWo7xVsfDL+2AsFutKkZrJ/c3vt07Bt
170Tcymh2JaBb0LPNjmlcn8nvd//V4FbhCQROIwAgaAXpP3pVXvxYbK/EvIE1VX7
Bzd3HmSYqzTdUo0SbIYq62dvkVOX2fmQ7xtRzE2S90JaiB2xBoJoza/zxAFEYIDW
xZ2g8GF8IPEcFfZEqgS4xd/mY8LJhBqKY/ZE4pKj/unbl1PxwwbrM21XErGxPTCL
8j0YJIVVL+xTJ2HTSm0sa6qo67GXydFjtoO1DexdBtnL0TN2W0m+T3rOXsfr4wT7
skwNSbYoKS4UBeSjrO8TW+qpfrY+kS2O5MpA3bYrTi5Xnw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:24 2025 by rpki-client