Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/HQzwV0PpK2KlQ1pinvxcsLu-ycg.roa
File: HQzwV0PpK2KlQ1pinvxcsLu-ycg.roa (raw, json)
Hash identifier: c4S59J0Wrh1d7RxsMDSwva445XstXt7VTY+xLfSPLyA=
Subject key identifier: 1D:0C:F0:57:43:E9:2B:62:A5:43:5A:62:9E:FC:5C:B0:BB:BE:C9:C8
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0A8D
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/HQzwV0PpK2KlQ1pinvxcsLu-ycg.roa
Signing time: Wed 06 Oct 2021 07:03:58 +0000
ROA not before: Wed 06 Oct 2021 07:03:58 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2701 (0xa8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Oct 6 07:03:58 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=1D0CF05743E92B62A5435A629EFC5CB0BBBEC9C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:56:52:97:ca:93:af:a9:d0:19:93:c8:7b:fe:
8c:25:8e:85:e9:42:8d:72:3e:15:be:52:d7:8a:ef:
95:05:0c:9a:38:92:cd:bb:a9:cb:52:32:e4:c9:53:
42:b4:04:af:28:32:d9:62:37:3d:37:1a:a5:9f:e0:
e0:fe:9f:76:bf:a3:94:79:1d:83:42:ac:53:15:d8:
00:ca:86:31:b5:09:0e:8a:4b:76:41:1b:df:98:76:
8b:5e:09:fb:f2:f4:7c:2d:37:19:ce:a2:85:28:6e:
93:34:87:e8:7c:e8:ef:83:53:41:2e:96:59:39:63:
b5:ee:a7:0e:aa:2b:9d:f4:1d:56:dc:ec:c8:a5:1c:
94:c4:4a:f8:51:89:b9:43:6e:8f:0e:1a:c7:cf:5d:
41:f3:6f:fb:42:eb:84:71:17:f6:0d:6f:0c:a0:d0:
ca:83:76:d7:26:4f:e7:09:78:61:25:0e:b7:44:44:
1d:90:9f:4b:3a:26:b5:b1:a0:20:8f:a7:72:b4:28:
ed:17:59:33:bd:6e:8b:be:4e:86:60:ea:19:62:31:
73:da:a6:04:54:10:90:b1:2f:c4:c1:94:94:ef:91:
75:56:0b:57:fd:5d:8a:d3:c5:31:16:e5:c9:0c:2a:
ba:f5:c1:5f:56:14:c5:89:68:4f:e0:44:6f:07:40:
98:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0C:F0:57:43:E9:2B:62:A5:43:5A:62:9E:FC:5C:B0:BB:BE:C9:C8
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/HQzwV0PpK2KlQ1pinvxcsLu-ycg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.40.0/21
Signature Algorithm: sha256WithRSAEncryption
98:e2:4f:d6:97:ee:7c:35:b3:7a:8b:e1:c4:cc:56:49:fd:43:
ca:dd:b9:42:8e:c6:38:83:f7:a1:67:c8:24:a1:b3:6d:76:8e:
73:7c:83:2c:3a:7d:ed:04:c2:78:52:52:93:1f:f0:9d:89:d3:
57:b8:74:9b:b2:84:50:8e:eb:07:c4:a3:07:4c:b6:8a:38:28:
48:51:de:c9:29:26:e0:df:b3:dd:58:fb:0c:cc:e4:fd:97:cf:
ca:15:0e:4c:8a:1e:fb:31:e1:4b:c7:42:54:fa:03:ae:40:7b:
64:41:d7:1e:15:2b:c3:49:b1:2c:ed:52:f4:ba:2d:3a:81:6a:
9b:77:b9:06:c6:f7:ca:51:d0:9f:15:34:3e:50:a1:84:3f:51:
11:d5:d8:27:79:00:f6:31:d8:b3:b7:0a:ba:87:7e:3f:0c:10:
96:45:25:c5:f6:a5:f2:86:f7:9b:94:ab:87:35:ff:8d:cc:79:
cf:d7:55:e1:6d:8a:e8:98:6c:53:97:3b:54:cf:20:9d:48:f5:
04:7f:d7:b8:f7:65:ab:74:44:66:26:73:aa:d1:6d:08:a8:cc:
d7:58:1d:9a:17:e8:ee:44:52:f8:8e:8b:6a:73:d9:e9:ea:2a:
b0:8f:70:5c:fb:75:ee:b7:e1:9c:46:ac:7a:ff:bb:99:9a:f5:
ac:c2:c9:12
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDYw
NzAzNThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFEMENGMDU3NDNFOTJC
NjJBNTQzNUE2MjlFRkM1Q0IwQkJCRUM5QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0VlKXypOvqdAZk8h7/owljoXpQo1yPhW+UteK75UFDJo4ks27
qctSMuTJU0K0BK8oMtliNz03GqWf4OD+n3a/o5R5HYNCrFMV2ADKhjG1CQ6KS3ZB
G9+YdoteCfvy9HwtNxnOooUobpM0h+h86O+DU0Eullk5Y7Xupw6qK530HVbc7Mil
HJTESvhRiblDbo8OGsfPXUHzb/tC64RxF/YNbwyg0MqDdtcmT+cJeGElDrdERB2Q
n0s6JrWxoCCPp3K0KO0XWTO9bou+ToZg6hliMXPapgRUEJCxL8TBlJTvkXVWC1f9
XYrTxTEW5ckMKrr1wV9WFMWJaE/gRG8HQJgHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHQzwV0PpK2KlQ1pinvxcsLu+ycgwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vSFF6d1YwUHBLMktsUTFwaW52eGNz
THUteWNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bKDAN
BgkqhkiG9w0BAQsFAAOCAQEAmOJP1pfufDWzeovhxMxWSf1Dyt25Qo7GOIP3oWfI
JKGzbXaOc3yDLDp97QTCeFJSkx/wnYnTV7h0m7KEUI7rB8SjB0y2ijgoSFHeySkm
4N+z3Vj7DMzk/ZfPyhUOTIoe+zHhS8dCVPoDrkB7ZEHXHhUrw0mxLO1S9LotOoFq
m3e5Bsb3ylHQnxU0PlChhD9REdXYJ3kA9jHYs7cKuod+PwwQlkUlxfal8ob3m5Sr
hzX/jcx5z9dV4W2K6JhsU5c7VM8gnUj1BH/XuPdlq3REZiZzqtFtCKjM11gdmhfo
7kRS+I6LanPZ6eoqsI9wXPt17rfhnEasev+7mZr1rMLJEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org