Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/DeNJGTC9ukI3EXhOY1Dbc73E1yY.roa
File: DeNJGTC9ukI3EXhOY1Dbc73E1yY.roa (raw, json)
Hash identifier: VsQVM9ival5m1DBevEybdB7bTHVlcjWJY+ImG4UV8eQ=
Subject key identifier: 0D:E3:49:19:30:BD:BA:42:37:11:78:4E:63:50:DB:73:BD:C4:D7:26
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08CE
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/DeNJGTC9ukI3EXhOY1Dbc73E1yY.roa
Signing time: Fri 11 Dec 2020 09:04:03 +0000
ROA not before: Fri 11 Dec 2020 09:04:03 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254 (0x8ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:04:03 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=0DE3491930BDBA423711784E6350DB73BDC4D726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:52:60:62:a2:2e:c4:6d:d5:77:be:47:59:b5:
9a:ed:f5:05:4d:30:97:5b:59:fc:2c:50:0b:fb:75:
04:75:b8:d0:7b:f7:da:41:3f:fc:55:5c:22:8b:4a:
48:83:41:0f:69:a6:1c:d2:39:fb:72:e0:8e:0d:07:
81:3c:e0:f2:e0:4c:dd:b7:d7:93:1b:15:48:fa:c4:
b9:ac:62:f5:83:49:c1:87:18:51:0b:5e:09:8a:c5:
1c:75:01:61:55:ed:4d:03:31:5b:c2:6c:22:a3:e0:
29:72:33:89:3a:34:65:e8:86:56:53:ff:3a:57:da:
6a:da:ab:2b:1c:71:56:6a:c3:c6:8c:a3:68:78:bb:
fe:75:fb:2f:b2:47:e2:cd:ae:4f:c9:4e:e6:9c:09:
0a:b4:0f:33:2c:5b:14:ac:a7:f0:66:bb:37:46:38:
c9:4e:00:8e:6f:59:23:9e:4f:cd:fc:33:b4:dc:7c:
07:35:bb:9f:ec:c0:f4:b8:5c:e1:19:e5:77:24:bb:
5d:fa:34:4a:8f:69:47:8e:0d:1c:cc:cb:77:f7:3d:
f4:52:d6:6c:79:dd:45:1a:ea:eb:9d:6d:66:55:90:
74:06:86:9e:f2:7b:30:03:92:8e:11:ec:80:d9:b2:
bd:eb:6e:e4:48:b3:eb:63:fe:ed:95:7f:66:7b:a7:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E3:49:19:30:BD:BA:42:37:11:78:4E:63:50:DB:73:BD:C4:D7:26
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/DeNJGTC9ukI3EXhOY1Dbc73E1yY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.32.0/24
Signature Algorithm: sha256WithRSAEncryption
41:58:e2:bd:62:c7:ab:d4:97:c2:ca:8c:84:8e:ef:58:13:35:
eb:06:dc:5f:c8:df:f6:94:54:ac:40:07:81:ea:c4:d0:eb:a2:
37:5c:f3:77:35:da:b3:38:ec:65:54:44:19:24:8d:a5:cb:38:
fe:44:c0:3f:95:78:55:e3:4a:60:20:be:70:97:58:42:b1:b1:
ab:d0:7a:b3:4f:7a:34:4e:df:ae:9c:67:13:fc:1c:0c:bd:07:
64:ee:06:38:d7:64:f1:17:08:59:63:37:a9:02:57:da:c4:e7:
3d:d1:c5:0e:0a:23:ec:a6:57:a4:6e:1e:9a:3c:40:28:45:e5:
79:3c:03:31:bc:81:37:19:2f:3e:a8:c2:33:77:24:5c:45:8d:
99:9c:cd:d4:e7:8a:d0:fe:b0:bb:21:6e:a3:b8:0a:3e:96:01:
d9:2e:1c:c3:aa:3b:8d:39:6d:80:80:70:0f:e7:4c:90:b8:e9:
df:5a:59:f7:89:47:7a:ab:cb:a0:05:14:5d:e6:14:65:89:e3:
34:5d:cd:65:fa:84:6c:1d:ed:30:37:fa:70:6e:48:de:5c:b0:
bd:4d:18:2e:0c:09:64:e3:b5:69:54:17:a5:4a:2e:bc:b0:4a:
18:8c:db:e4:3e:26:97:8a:18:ec:53:87:b7:5b:ac:47:d0:30:
a3:91:e7:16
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCM4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA0MDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBERTM0OTE5MzBCREJB
NDIzNzExNzg0RTYzNTBEQjczQkRDNEQ3MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjUmBioi7EbdV3vkdZtZrt9QVNMJdbWfwsUAv7dQR1uNB799pB
P/xVXCKLSkiDQQ9pphzSOfty4I4NB4E84PLgTN2315MbFUj6xLmsYvWDScGHGFEL
XgmKxRx1AWFV7U0DMVvCbCKj4ClyM4k6NGXohlZT/zpX2mraqysccVZqw8aMo2h4
u/51+y+yR+LNrk/JTuacCQq0DzMsWxSsp/BmuzdGOMlOAI5vWSOeT838M7TcfAc1
u5/swPS4XOEZ5Xcku136NEqPaUeODRzMy3f3PfRS1mx53UUa6uudbWZVkHQGhp7y
ezADko4R7IDZsr3rbuRIs+tj/u2Vf2Z7p3o5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDeNJGTC9ukI3EXhOY1Dbc73E1yYwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vRGVOSkdUQzl1a0kzRVhoT1kxRGJj
NzNFMXlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIDAN
BgkqhkiG9w0BAQsFAAOCAQEAQVjivWLHq9SXwsqMhI7vWBM16wbcX8jf9pRUrEAH
gerE0OuiN1zzdzXaszjsZVREGSSNpcs4/kTAP5V4VeNKYCC+cJdYQrGxq9B6s096
NE7frpxnE/wcDL0HZO4GONdk8RcIWWM3qQJX2sTnPdHFDgoj7KZXpG4emjxAKEXl
eTwDMbyBNxkvPqjCM3ckXEWNmZzN1OeK0P6wuyFuo7gKPpYB2S4cw6o7jTltgIBw
D+dMkLjp31pZ94lHeqvLoAUUXeYUZYnjNF3NZfqEbB3tMDf6cG5I3lywvU0YLgwJ
ZOO1aVQXpUouvLBKGIzb5D4ml4oY7FOHt1usR9Awo5HnFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org