Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/KwIvJWOjjGv7YLxvELwRTBS7Z4Q.roa
File: KwIvJWOjjGv7YLxvELwRTBS7Z4Q.roa (raw, json)
Hash identifier: FIItVYJ3+MAhKCURMrlBHxt9wCY3soy2aYgiYCW7vMo=
Subject key identifier: 2B:02:2F:25:63:A3:8C:6B:FB:60:BC:6F:10:BC:11:4C:14:BB:67:84
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08EA
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KwIvJWOjjGv7YLxvELwRTBS7Z4Q.roa
Signing time: Fri 11 Dec 2020 09:07:27 +0000
ROA not before: Fri 11 Dec 2020 09:07:27 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2282 (0x8ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:07:27 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2B022F2563A38C6BFB60BC6F10BC114C14BB6784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b7:62:3c:fb:cf:c2:22:fb:a0:2a:8e:e5:d0:
12:b6:32:c8:ad:da:51:ab:fc:e2:da:b7:27:a7:fc:
21:23:f4:76:f8:e4:4d:55:a8:da:6b:50:f4:5d:86:
25:13:e7:7c:47:5b:d9:ed:a5:89:2c:86:15:ba:82:
70:5f:d9:23:6c:5e:3c:f9:ae:2b:ef:73:a4:74:53:
2c:58:9a:de:91:44:e2:5d:5c:06:e3:35:b2:17:af:
45:cd:52:28:b1:2f:d1:f3:0e:c7:8b:16:97:ef:05:
b5:a9:cb:91:8b:a7:fe:f7:7d:99:e7:d9:65:e2:20:
ff:b2:3f:69:a1:a7:d5:a5:6e:e1:98:f3:d6:c9:14:
3c:30:14:2c:5e:da:14:82:4e:84:ad:3d:0d:1f:80:
3b:89:69:57:ff:cf:3c:e1:ed:27:85:72:04:3d:a1:
9c:49:25:7c:9b:0b:66:56:19:21:b4:70:64:f4:a6:
cf:29:d1:aa:09:f5:75:5c:02:88:e0:40:bb:f0:d6:
7b:bf:ba:bb:dd:75:34:b6:a0:da:57:cf:52:3e:bc:
72:85:7e:99:48:51:62:59:f6:c8:46:ed:51:2f:dd:
a5:10:07:5c:97:3b:d5:4e:cb:5a:af:46:3c:d8:9c:
4e:47:c1:14:08:cc:a8:cc:34:8c:5b:b5:0a:59:a3:
19:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:02:2F:25:63:A3:8C:6B:FB:60:BC:6F:10:BC:11:4C:14:BB:67:84
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KwIvJWOjjGv7YLxvELwRTBS7Z4Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.52.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f5:5d:7a:5e:c9:11:eb:e2:78:99:5d:bf:bb:93:d9:69:cc:
db:64:48:54:0d:3e:3f:1a:90:be:11:d2:23:08:20:8f:b9:b5:
a5:ea:2b:4b:08:55:36:d5:15:3c:d6:53:a2:e9:79:e0:9a:9c:
0b:84:f0:bb:4a:fb:fb:b2:8d:d9:d5:48:84:f1:c9:ea:ab:89:
e7:b7:e6:26:33:58:99:f9:c9:83:c8:98:46:78:47:84:11:07:
d3:d5:a0:07:99:0a:e4:19:9c:17:42:85:9a:41:a6:ba:ba:bb:
f3:04:18:69:fb:a8:c9:16:a4:84:30:24:28:b8:6f:a4:56:20:
f8:e0:53:fe:31:53:3a:f7:3a:e5:ab:30:76:6a:d5:b2:d9:52:
34:e1:2f:4f:26:ba:80:43:74:d9:20:b1:4d:e4:a4:cb:82:44:
de:6b:65:45:fd:b2:4a:29:3a:e6:80:5b:61:09:b2:28:49:24:
1c:70:46:60:01:79:f0:30:0e:90:97:58:53:e7:6f:3f:3e:80:
fd:94:62:37:5e:1b:f7:a4:93:22:ee:ed:50:40:27:3e:4d:ba:
51:5d:57:8d:33:98:92:b2:1d:13:e0:d7:25:49:91:f6:d4:f9:
54:ce:4d:61:60:92:58:19:ff:0f:d3:ce:72:ad:cb:51:b0:d7:
02:7b:67:03
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA3MjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJCMDIyRjI1NjNBMzhD
NkJGQjYwQkM2RjEwQkMxMTRDMTRCQjY3ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmt2I8+8/CIvugKo7l0BK2Msit2lGr/OLatyen/CEj9Hb45E1V
qNprUPRdhiUT53xHW9ntpYkshhW6gnBf2SNsXjz5rivvc6R0UyxYmt6RROJdXAbj
NbIXr0XNUiixL9HzDseLFpfvBbWpy5GLp/73fZnn2WXiIP+yP2mhp9WlbuGY89bJ
FDwwFCxe2hSCToStPQ0fgDuJaVf/zzzh7SeFcgQ9oZxJJXybC2ZWGSG0cGT0ps8p
0aoJ9XVcAojgQLvw1nu/urvddTS2oNpXz1I+vHKFfplIUWJZ9shG7VEv3aUQB1yX
O9VOy1qvRjzYnE5HwRQIzKjMNIxbtQpZoxk/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKwIvJWOjjGv7YLxvELwRTBS7Z4QwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vS3dJdkpXT2pqR3Y3WUx4dkVMd1JU
QlM3WjRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bNDAN
BgkqhkiG9w0BAQsFAAOCAQEAcvVdel7JEevieJldv7uT2WnM22RIVA0+PxqQvhHS
Iwggj7m1peorSwhVNtUVPNZToul54JqcC4Twu0r7+7KN2dVIhPHJ6quJ57fmJjNY
mfnJg8iYRnhHhBEH09WgB5kK5BmcF0KFmkGmurq78wQYafuoyRakhDAkKLhvpFYg
+OBT/jFTOvc65aswdmrVstlSNOEvTya6gEN02SCxTeSky4JE3mtlRf2ySik65oBb
YQmyKEkkHHBGYAF58DAOkJdYU+dvPz6A/ZRiN14b96STIu7tUEAnPk26UV1XjTOY
krIdE+DXJUmR9tT5VM5NYWCSWBn/D9POcq3LUbDXAntnAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org