Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/LIrgPBNqG-cgxoaV9LmadxpEtEA.roa
File: LIrgPBNqG-cgxoaV9LmadxpEtEA.roa (raw, json)
Hash identifier: J840UMkcK8fNhf3H50XXn2t6+RwCbSWc6C5xuTdv19g=
Subject key identifier: 2C:8A:E0:3C:13:6A:1B:E7:20:C6:86:95:F4:B9:9A:77:1A:44:B4:40
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08D2
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/LIrgPBNqG-cgxoaV9LmadxpEtEA.roa
Signing time: Fri 11 Dec 2020 09:04:24 +0000
ROA not before: Fri 11 Dec 2020 09:04:24 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2258 (0x8d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:04:24 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2C8AE03C136A1BE720C68695F4B99A771A44B440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4f:33:84:11:00:f7:d7:5c:16:fc:d4:19:3f:
2c:61:90:e5:79:3b:45:5f:3f:dd:c5:2e:d0:14:4f:
c0:fd:d6:36:73:cc:99:5b:c7:4f:d1:4d:5a:e6:51:
66:fc:0f:84:3a:71:e0:06:d5:6a:e9:e0:e4:3c:c4:
36:9c:dc:a5:c1:c1:12:57:da:bd:77:97:0e:88:f8:
70:85:6c:d4:88:91:c0:3a:bd:00:87:49:a2:1f:a9:
49:2c:ad:0b:75:85:1c:5d:7c:f8:c3:11:37:61:fb:
6d:b2:80:e0:55:94:08:e8:7c:48:24:98:c3:91:72:
86:fd:0f:0b:86:11:93:55:66:9f:d3:59:c9:aa:03:
50:d3:1a:3d:32:a9:33:cc:5a:68:5c:9a:8a:76:43:
cc:54:90:5e:95:6b:9c:bf:20:3d:39:96:c9:ce:15:
0d:47:a8:27:c3:a3:7e:04:11:35:f7:79:fe:4f:2b:
ae:a4:2e:b0:65:ce:76:be:4f:e7:50:a7:3b:e9:89:
81:16:a9:0e:67:1c:36:35:46:3b:6f:1d:3f:85:8f:
7b:00:81:1d:6b:31:7c:61:47:0b:12:3f:48:c1:17:
5f:45:e5:d7:c2:36:c8:58:48:c1:37:8c:07:ea:1c:
0c:dc:0f:88:90:11:4d:60:9d:b4:02:f8:09:54:92:
4a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8A:E0:3C:13:6A:1B:E7:20:C6:86:95:F4:B9:9A:77:1A:44:B4:40
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/LIrgPBNqG-cgxoaV9LmadxpEtEA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.34.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7f:99:e5:c2:07:3f:05:9f:56:9e:74:cf:5e:21:46:60:8a:
df:20:bd:73:1b:13:22:d6:66:10:6d:0d:f3:0c:91:48:9d:61:
ec:0d:20:75:0a:92:a9:7f:ad:9f:6b:e9:32:03:ff:5c:7a:85:
3c:43:12:9a:12:b5:9d:87:7f:85:4d:50:02:93:fc:3f:2f:00:
14:10:90:fc:0b:82:7d:f5:e9:3b:74:cf:41:22:23:1b:99:f1:
25:c8:7a:00:f9:37:59:f9:4a:3d:88:3e:e4:c0:ea:4b:23:e2:
05:c4:5a:8f:6e:03:87:d9:a7:54:98:2e:d9:fd:c5:5c:99:6e:
f3:37:ce:f2:4c:c9:12:36:da:bc:9e:5e:42:85:a2:9b:75:aa:
51:de:8d:bf:27:93:15:8e:5b:b2:44:71:8b:86:13:44:a3:54:
25:ef:b0:ac:9f:1a:1d:b4:d5:4a:a8:4d:50:b0:1e:5a:14:c5:
a4:3e:37:12:97:02:81:7a:6e:2b:38:17:0b:d8:99:ae:e5:04:
11:90:f4:b1:28:a4:be:77:e4:e8:97:9b:d6:fd:38:40:47:b2:
0f:47:cd:24:d2:d5:34:af:3d:d1:ca:dc:5d:c0:2b:cc:2f:1f:
3a:6a:ce:4a:88:26:32:2b:a2:15:4e:5b:b0:9d:8b:05:e7:a9:
b1:76:05:d6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA0MjRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJDOEFFMDNDMTM2QTFC
RTcyMEM2ODY5NUY0Qjk5QTc3MUE0NEI0NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4TzOEEQD311wW/NQZPyxhkOV5O0VfP93FLtAUT8D91jZzzJlb
x0/RTVrmUWb8D4Q6ceAG1Wrp4OQ8xDac3KXBwRJX2r13lw6I+HCFbNSIkcA6vQCH
SaIfqUksrQt1hRxdfPjDETdh+22ygOBVlAjofEgkmMORcob9DwuGEZNVZp/TWcmq
A1DTGj0yqTPMWmhcmop2Q8xUkF6Va5y/ID05lsnOFQ1HqCfDo34EETX3ef5PK66k
LrBlzna+T+dQpzvpiYEWqQ5nHDY1RjtvHT+Fj3sAgR1rMXxhRwsSP0jBF19F5dfC
NshYSME3jAfqHAzcD4iQEU1gnbQC+AlUkkrjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULIrgPBNqG+cgxoaV9LmadxpEtEAwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vTElyZ1BCTnFHLWNneG9hVjlMbWFk
eHBFdEVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIjAN
BgkqhkiG9w0BAQsFAAOCAQEAF3+Z5cIHPwWfVp50z14hRmCK3yC9cxsTItZmEG0N
8wyRSJ1h7A0gdQqSqX+tn2vpMgP/XHqFPEMSmhK1nYd/hU1QApP8Py8AFBCQ/AuC
ffXpO3TPQSIjG5nxJch6APk3WflKPYg+5MDqSyPiBcRaj24Dh9mnVJgu2f3FXJlu
8zfO8kzJEjbavJ5eQoWim3WqUd6NvyeTFY5bskRxi4YTRKNUJe+wrJ8aHbTVSqhN
ULAeWhTFpD43EpcCgXpuKzgXC9iZruUEEZD0sSikvnfk6Jeb1v04QEeyD0fNJNLV
NK890crcXcArzC8fOmrOSogmMiuiFU5bsJ2LBeepsXYF1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org