Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/H2X4Sp8I0K25Uq20tjBtpwFYJIk.roa
File: H2X4Sp8I0K25Uq20tjBtpwFYJIk.roa (raw, json)
Hash identifier: ubK9BhgfjHn5JEIsIACk71+1q1z3qB6B+JQUR1W01e4=
Subject key identifier: 1F:65:F8:4A:9F:08:D0:AD:B9:52:AD:B4:B6:30:6D:A7:01:58:24:89
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08EC
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/H2X4Sp8I0K25Uq20tjBtpwFYJIk.roa
Signing time: Fri 11 Dec 2020 09:07:39 +0000
ROA not before: Fri 11 Dec 2020 09:07:39 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2284 (0x8ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:07:39 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1F65F84A9F08D0ADB952ADB4B6306DA701582489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:e4:23:a8:78:e8:69:f7:df:43:4a:44:66:
b3:68:6e:de:14:f7:87:55:c0:10:57:02:c3:09:0f:
8f:b2:98:9f:60:e5:6e:c2:81:a3:f2:d5:08:0f:29:
c7:2b:0e:97:2e:52:41:f5:51:ce:6c:7b:5b:7a:ec:
a1:79:d6:d8:98:e6:85:38:8d:cd:f9:81:0e:d7:cd:
d3:11:6a:ed:1b:cd:6b:ad:4c:af:c7:16:f9:47:e9:
fa:6a:26:10:4b:67:63:5e:97:ef:a3:16:d8:7e:bd:
c6:14:1b:4d:38:b7:d3:a6:99:1b:20:46:bc:57:b6:
b3:0b:87:2a:d9:15:15:e5:6c:e7:17:7f:92:af:8e:
1a:33:44:d6:b2:a2:ac:26:ec:9b:b5:82:f7:8a:9d:
c1:c1:73:ed:9e:e8:12:bd:13:8e:5d:dc:84:82:8e:
44:bd:94:3b:b9:88:91:18:ca:7c:f7:30:33:2b:83:
b3:3b:b9:a0:fe:90:fa:ba:73:14:a5:3b:f6:b9:e3:
7f:72:2e:95:c0:69:3b:98:b9:b8:4e:77:7e:94:f5:
0d:3d:cf:70:12:aa:d2:9a:4a:28:a3:b2:07:27:f7:
3f:83:38:56:29:9c:79:2f:f4:b2:9c:d0:75:43:06:
ed:fc:11:16:dd:b5:a4:c8:5d:23:dd:aa:e7:c7:06:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:65:F8:4A:9F:08:D0:AD:B9:52:AD:B4:B6:30:6D:A7:01:58:24:89
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/H2X4Sp8I0K25Uq20tjBtpwFYJIk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.60.0/24
Signature Algorithm: sha256WithRSAEncryption
64:41:89:0f:c7:f9:ae:4d:6d:e0:e8:3c:af:bf:71:9c:32:0a:
54:2b:cc:13:d4:15:cf:2f:35:ee:c5:1b:4c:99:d8:2e:fa:4a:
55:13:17:4d:7e:f5:f0:38:7a:d8:e5:09:6b:91:82:c3:37:6b:
89:87:49:b2:bb:d4:44:69:4f:82:31:c1:d9:d0:81:02:26:ab:
3a:60:26:73:65:ac:90:d6:2c:a9:45:f2:cb:56:ce:c8:41:86:
77:6b:12:0f:22:32:33:32:fe:dc:63:dd:5a:00:18:1d:41:83:
08:bc:40:38:dc:7c:10:a9:a5:3b:d0:a8:74:d4:35:b6:5c:76:
24:44:84:8c:15:29:ab:ec:8c:f6:a6:02:73:87:4b:e0:b8:f0:
76:5d:a4:bc:6c:89:9a:ff:f2:ab:37:8f:79:80:58:62:b3:0e:
73:fa:3d:f4:c1:11:50:2a:43:cd:5c:fa:fd:af:02:2c:6d:d7:
2e:e7:74:14:5e:04:35:3f:9b:06:14:b2:74:b1:a3:57:fe:16:
be:d0:a0:ff:50:36:a3:8f:3c:34:b2:07:6c:99:4a:e1:09:eb:
5b:05:ee:16:95:bb:39:d3:e8:ce:1c:0e:86:c7:85:10:2c:6f:
94:ca:60:9a:fc:b8:7a:61:5a:e9:ac:8c:2e:c7:67:ee:98:d7:
f6:2c:a4:5c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA3MzlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFGNjVGODRBOUYwOEQw
QURCOTUyQURCNEI2MzA2REE3MDE1ODI0ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl9eQjqHjoafffQ0pEZrNobt4U94dVwBBXAsMJD4+ymJ9g5W7C
gaPy1QgPKccrDpcuUkH1Uc5se1t67KF51tiY5oU4jc35gQ7XzdMRau0bzWutTK/H
FvlH6fpqJhBLZ2Nel++jFth+vcYUG004t9OmmRsgRrxXtrMLhyrZFRXlbOcXf5Kv
jhozRNayoqwm7Ju1gveKncHBc+2e6BK9E45d3ISCjkS9lDu5iJEYynz3MDMrg7M7
uaD+kPq6cxSlO/a5439yLpXAaTuYubhOd36U9Q09z3ASqtKaSiijsgcn9z+DOFYp
nHkv9LKc0HVDBu38ERbdtaTIXSPdqufHBt8TAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUH2X4Sp8I0K25Uq20tjBtpwFYJIkwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vSDJYNFNwOEkwSzI1VXEyMHRqQnRw
d0ZZSklrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bPDAN
BgkqhkiG9w0BAQsFAAOCAQEAZEGJD8f5rk1t4Og8r79xnDIKVCvME9QVzy817sUb
TJnYLvpKVRMXTX718Dh62OUJa5GCwzdriYdJsrvURGlPgjHB2dCBAiarOmAmc2Ws
kNYsqUXyy1bOyEGGd2sSDyIyMzL+3GPdWgAYHUGDCLxAONx8EKmlO9CodNQ1tlx2
JESEjBUpq+yM9qYCc4dL4Ljwdl2kvGyJmv/yqzePeYBYYrMOc/o99MERUCpDzVz6
/a8CLG3XLud0FF4ENT+bBhSydLGjV/4WvtCg/1A2o488NLIHbJlK4QnrWwXuFpW7
OdPozhwOhseFECxvlMpgmvy4emFa6ayMLsdn7pjX9iykXA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org