Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/F2mXkRcQEIIqhVfauFQA0reR2rM.roa
File: F2mXkRcQEIIqhVfauFQA0reR2rM.roa (raw, json)
Hash identifier: ZfyOp/oELEQWxaZy7GsURB7eOKM2N8wgmdBkvg4xG2Q=
Subject key identifier: 17:69:97:91:17:10:10:82:2A:85:57:DA:B8:54:00:D2:B7:91:DA:B3
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0947
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/F2mXkRcQEIIqhVfauFQA0reR2rM.roa
Signing time: Sun 07 Feb 2021 11:53:43 +0000
ROA not before: Sun 07 Feb 2021 11:53:43 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 124.150.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2375 (0x947)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 11:53:43 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=17699791171010822A8557DAB85400D2B791DAB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:94:4b:b1:fc:0f:5d:3b:49:b0:55:8e:c7:
7c:d8:bc:ee:88:58:4d:06:a5:a9:84:1e:13:35:9c:
b6:4e:95:aa:cf:fa:1e:44:8a:d5:03:49:80:fd:91:
28:ec:6b:47:0c:8d:ed:ad:e4:97:7d:20:6b:e9:80:
c1:f3:11:64:c9:47:6e:ff:5c:37:04:76:d6:90:c4:
8f:69:f6:29:d8:61:c9:f7:d9:b9:d7:a2:63:bf:22:
90:6e:16:16:2d:a0:31:65:b9:a5:77:72:99:9c:72:
a8:31:84:d7:fe:ad:df:19:57:aa:a7:2c:a0:01:fd:
0c:76:5f:b4:b6:af:28:59:fa:8a:17:51:99:90:cd:
bb:cd:35:97:7a:29:e0:8a:13:14:1f:01:86:24:a3:
79:44:23:1e:77:58:d2:35:c6:f8:d0:fc:6a:55:1a:
01:51:4d:d8:a8:e0:1f:48:17:a4:5f:5c:e4:29:11:
ad:7f:6b:05:0c:b6:76:81:ae:68:29:fe:68:be:ad:
78:eb:22:42:6b:7b:4c:72:c2:95:39:70:9f:18:d3:
49:71:88:79:ba:db:07:62:2f:eb:47:ce:e1:d0:4f:
d9:f7:e3:dc:86:7a:9c:b7:0c:6a:39:a1:c1:3f:41:
14:bf:4c:d0:9c:29:3a:c9:5d:fa:6f:35:69:7b:b7:
24:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:69:97:91:17:10:10:82:2A:85:57:DA:B8:54:00:D2:B7:91:DA:B3
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/F2mXkRcQEIIqhVfauFQA0reR2rM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.128.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:73:bc:6c:6a:ea:1c:72:82:d2:1a:5c:93:86:0f:a6:f0:10:
60:f9:8e:fd:f4:79:47:b6:70:9f:91:1a:a5:ff:93:ea:22:3d:
7e:a1:bd:a2:bf:18:d9:75:0b:27:e8:a4:3d:dd:09:86:b6:e4:
09:70:f4:a5:9f:4d:86:61:74:8d:25:17:df:6d:c1:df:bc:51:
db:34:c4:03:5c:8d:3a:b7:71:34:8a:3d:e4:55:85:40:40:f3:
45:e1:bb:78:a0:c0:19:c5:ac:4e:26:45:bd:20:43:f8:c1:2d:
14:a0:0a:af:15:cd:09:a8:e8:cc:fc:72:d7:aa:04:dc:75:1e:
eb:72:8b:68:ab:c2:83:3c:68:9d:08:35:37:fb:81:c7:4e:90:
44:0d:1d:7f:bd:3a:38:0d:96:73:36:90:6b:28:67:3c:a6:92:
3e:d6:50:ed:0e:e3:c4:49:5b:ff:95:9d:65:bd:d2:69:02:d9:
75:91:7e:5a:9e:fa:0f:e8:ed:bd:52:31:aa:bc:9a:14:2a:2a:
4f:e8:a1:26:7b:85:db:9c:65:c6:5e:6c:a7:95:a6:3f:3d:13:
bd:b0:7f:dc:2c:5d:49:c7:fe:95:1f:fb:a6:42:b6:9d:75:1e:
1d:40:95:30:63:49:e9:d1:6a:28:8b:0e:a4:b5:75:68:99:98:
1c:ee:79:86
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MTUzNDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE3Njk5NzkxMTcxMDEw
ODIyQTg1NTdEQUI4NTQwMEQyQjc5MURBQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyFZRLsfwPXTtJsFWOx3zYvO6IWE0GpamEHhM1nLZOlarP+h5E
itUDSYD9kSjsa0cMje2t5Jd9IGvpgMHzEWTJR27/XDcEdtaQxI9p9inYYcn32bnX
omO/IpBuFhYtoDFluaV3cpmccqgxhNf+rd8ZV6qnLKAB/Qx2X7S2ryhZ+ooXUZmQ
zbvNNZd6KeCKExQfAYYko3lEIx53WNI1xvjQ/GpVGgFRTdio4B9IF6RfXOQpEa1/
awUMtnaBrmgp/mi+rXjrIkJre0xywpU5cJ8Y00lxiHm62wdiL+tHzuHQT9n349yG
epy3DGo5ocE/QRS/TNCcKTrJXfpvNWl7tyTfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUF2mXkRcQEIIqhVfauFQA0reR2rMwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vRjJtWGtSY1FFSUlxaFZmYXVGUUEw
cmVSMnJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3yWgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPHO8bGrqHHKC0hpck4YPpvAQYPmO/fR5R7Zwn5Ea
pf+T6iI9fqG9or8Y2XULJ+ikPd0JhrbkCXD0pZ9NhmF0jSUX323B37xR2zTEA1yN
OrdxNIo95FWFQEDzReG7eKDAGcWsTiZFvSBD+MEtFKAKrxXNCajozPxy16oE3HUe
63KLaKvCgzxonQg1N/uBx06QRA0df706OA2WczaQayhnPKaSPtZQ7Q7jxElb/5Wd
Zb3SaQLZdZF+Wp76D+jtvVIxqryaFCoqT+ihJnuF25xlxl5sp5WmPz0TvbB/3Cxd
Scf+lR/7pkK2nXUeHUCVMGNJ6dFqKIsOpLV1aJmYHO55hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org