Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/GzWUDk_bEcpH6nKDtwnxhC8PNnk.roa
File: GzWUDk_bEcpH6nKDtwnxhC8PNnk.roa (raw, json)
Hash identifier: f7h+TcpF7z5+fmSzu2iJm+eIZE+tb2v5KT/MdLQnBtQ=
Subject key identifier: 1B:35:94:0E:4F:DB:11:CA:47:EA:72:83:B7:09:F1:84:2F:0F:36:79
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0A6D
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/GzWUDk_bEcpH6nKDtwnxhC8PNnk.roa
Signing time: Wed 29 Sep 2021 02:42:46 +0000
ROA not before: Wed 29 Sep 2021 02:42:46 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2669 (0xa6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 29 02:42:46 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=1B35940E4FDB11CA47EA7283B709F1842F0F3679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cd:be:fd:4b:25:43:31:bc:8d:4d:3a:26:a8:
05:71:cb:a0:40:c9:34:9e:f9:8c:2f:4f:33:2c:8d:
2d:36:91:21:3a:5c:02:f6:25:af:36:3a:31:e6:37:
06:5d:d7:2d:67:58:0b:be:53:de:29:db:31:cf:50:
03:e8:1e:ee:6c:9a:fe:0a:0d:e9:4e:20:71:0f:a0:
44:7c:8e:fd:27:23:07:69:d0:e3:1f:38:0e:19:09:
88:59:4c:9c:e8:81:94:19:ca:0c:41:fc:24:01:2e:
46:2e:01:7b:35:8c:c6:47:a6:9b:b1:0d:48:ce:29:
b0:4c:2d:86:7f:74:13:6e:7a:5d:03:4b:e2:44:92:
f5:a8:b7:1c:96:66:96:b8:aa:bc:a5:c2:86:0f:8e:
b5:da:ea:da:6e:9a:8b:2b:d9:a6:a6:10:b0:e0:77:
54:13:fa:02:69:87:b9:85:2a:25:82:e0:74:61:4c:
13:54:ce:ca:f0:50:a7:7c:67:57:36:9c:0c:2c:9c:
4d:36:4b:da:d2:6b:74:ca:d3:c8:be:f3:d6:c5:55:
4c:05:cc:ee:e2:a4:18:02:d3:8f:ea:95:6a:42:36:
b4:36:e0:42:ca:b6:cf:5e:dc:f3:17:e7:55:1f:25:
c6:1e:0f:48:3f:f5:30:e4:a5:bb:e9:78:da:48:7d:
d4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:35:94:0E:4F:DB:11:CA:47:EA:72:83:B7:09:F1:84:2F:0F:36:79
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/GzWUDk_bEcpH6nKDtwnxhC8PNnk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.34.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ec:da:69:2a:eb:8c:aa:ed:f0:36:3d:22:e1:80:bc:65:dd:
19:de:2b:55:fc:fb:9d:fa:fb:9e:88:3a:4b:98:6d:27:e6:e7:
52:af:d1:6a:5d:4d:db:45:12:b6:2e:34:89:f5:0d:9d:ed:c1:
3c:c6:4e:85:2e:84:ac:af:d2:01:01:1a:02:55:fc:86:c5:f3:
69:49:cf:23:c0:bb:91:1e:f7:53:62:c4:1c:5d:0b:f5:96:ed:
f1:16:98:bf:ed:cd:2a:22:7a:95:81:52:1e:90:12:26:5d:a5:
a3:e5:ce:4e:c0:6a:36:8e:bf:70:eb:94:31:53:48:d9:1c:d3:
48:d2:e6:8f:cc:93:a4:82:c6:78:0b:d6:7e:63:9d:f1:64:c8:
54:86:68:da:a0:7c:6f:54:3b:10:7c:57:a1:1a:d7:00:b1:ad:
d0:32:64:0b:61:09:0b:97:e4:9f:ed:1a:b4:b5:66:ba:31:36:
ac:fe:0b:86:cf:90:e1:ac:7f:f2:c8:a0:5e:b1:23:a4:ed:bb:
c4:62:98:67:43:d3:51:f5:ba:7b:11:3c:a7:48:37:4c:02:89:
38:c1:f9:7d:c2:27:2c:9f:cb:f0:4e:9c:62:ec:6e:65:75:9e:
bd:2f:26:6c:92:61:98:1e:9f:70:96:f9:84:ed:c8:00:d6:44:
10:b1:1e:c6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTA5Mjkw
MjQyNDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFCMzU5NDBFNEZEQjEx
Q0E0N0VBNzI4M0I3MDlGMTg0MkYwRjM2NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSzb79SyVDMbyNTTomqAVxy6BAyTSe+YwvTzMsjS02kSE6XAL2
Ja82OjHmNwZd1y1nWAu+U94p2zHPUAPoHu5smv4KDelOIHEPoER8jv0nIwdp0OMf
OA4ZCYhZTJzogZQZygxB/CQBLkYuAXs1jMZHppuxDUjOKbBMLYZ/dBNuel0DS+JE
kvWotxyWZpa4qrylwoYPjrXa6tpumosr2aamELDgd1QT+gJph7mFKiWC4HRhTBNU
zsrwUKd8Z1c2nAwsnE02S9rSa3TK08i+89bFVUwFzO7ipBgC04/qlWpCNrQ24ELK
ts9e3PMX51UfJcYeD0g/9TDkpbvpeNpIfdQ1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUGzWUDk/bEcpH6nKDtwnxhC8PNnkwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vR3pXVURrX2JFY3BINm5LRHR3bnho
QzhQTm5rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIjAN
BgkqhkiG9w0BAQsFAAOCAQEAUezaaSrrjKrt8DY9IuGAvGXdGd4rVfz7nfr7nog6
S5htJ+bnUq/Ral1N20USti40ifUNne3BPMZOhS6ErK/SAQEaAlX8hsXzaUnPI8C7
kR73U2LEHF0L9Zbt8RaYv+3NKiJ6lYFSHpASJl2lo+XOTsBqNo6/cOuUMVNI2RzT
SNLmj8yTpILGeAvWfmOd8WTIVIZo2qB8b1Q7EHxXoRrXALGt0DJkC2EJC5fkn+0a
tLVmujE2rP4Lhs+Q4ax/8sigXrEjpO27xGKYZ0PTUfW6exE8p0g3TAKJOMH5fcIn
LJ/L8E6cYuxuZXWevS8mbJJhmB6fcJb5hO3IANZEELEexg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org