Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/LgXL1gEPUrApvvzwkWOI9aAgcnA.roa
File: LgXL1gEPUrApvvzwkWOI9aAgcnA.roa (raw, json)
Hash identifier: 9+dsIZpJmKgjNtWoYp5fTCA2kBhr+G+KXPX3pNddvtg=
Subject key identifier: 2E:05:CB:D6:01:0F:52:B0:29:BE:FC:F0:91:63:88:F5:A0:20:72:70
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0A8F
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/LgXL1gEPUrApvvzwkWOI9aAgcnA.roa
Signing time: Wed 06 Oct 2021 07:05:59 +0000
ROA not before: Wed 06 Oct 2021 07:05:59 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2703 (0xa8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Oct 6 07:05:59 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2E05CBD6010F52B029BEFCF0916388F5A0207270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:04:9d:f0:62:de:b8:b1:09:3b:33:75:30:30:
33:6c:18:65:be:7b:63:80:74:21:03:b0:be:eb:d4:
6a:47:46:a6:d1:52:17:e1:9f:53:a7:86:61:37:13:
56:8b:dc:25:d8:06:d1:61:2f:df:b6:c5:70:67:8b:
dc:8f:1c:0e:ef:83:78:ad:99:05:be:ca:a2:4a:3f:
09:8a:1f:7a:00:e8:55:ae:3a:3d:5c:7d:60:19:3d:
cf:bf:03:5a:1a:19:6b:bc:47:4a:54:3c:da:2b:7d:
66:de:d1:0c:ef:a0:f8:2a:8f:ad:a9:72:52:03:9b:
77:14:ed:3f:6f:e5:90:e5:02:11:5b:1d:c1:95:ce:
f5:78:d8:c6:4c:4f:dd:36:60:6f:d7:7c:a6:23:da:
bc:03:c3:41:5a:6d:6d:b3:96:0e:93:6d:d3:f0:f4:
6b:c3:47:e8:b4:35:5b:72:3f:96:b3:c5:a4:bc:39:
b3:ac:17:74:89:47:ee:be:f7:74:18:b8:40:5a:b2:
5d:f8:f3:2a:82:c8:0d:2e:fe:66:97:e8:f3:66:0c:
ae:68:84:1f:56:13:0c:12:d5:d4:ff:67:a2:3d:d5:
6e:e7:71:f3:d5:6e:9c:5d:8d:86:0b:ee:c0:a0:0c:
98:38:c1:d8:72:df:6b:32:a7:3b:c3:56:90:66:27:
c3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:05:CB:D6:01:0F:52:B0:29:BE:FC:F0:91:63:88:F5:A0:20:72:70
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/LgXL1gEPUrApvvzwkWOI9aAgcnA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ca:ce:c4:ee:55:ce:74:37:f7:b9:e8:09:b6:b4:d1:14:31:
ac:29:9d:15:20:c3:98:d1:7f:e2:fd:af:ef:9b:93:f4:91:f6:
89:65:31:68:4f:97:af:e0:5b:7a:16:88:cd:60:36:91:69:f3:
8b:2b:4b:46:51:85:19:da:80:2a:5d:5b:36:ac:e1:a9:c8:76:
10:73:68:1c:74:a3:7e:2c:6d:f9:4c:1d:dc:49:f2:ab:16:2c:
c7:f4:16:ef:f9:06:e3:5c:93:ef:1f:d8:e5:ad:91:1b:e3:33:
71:40:ef:31:95:ba:3b:f3:20:a3:6c:c9:a2:4e:22:e0:1e:42:
50:6a:7f:09:95:55:e0:af:68:c4:40:86:da:16:1d:98:f4:ba:
a1:11:3f:5d:2c:bc:a9:26:0c:a1:67:38:da:f0:2c:c9:39:f3:
b4:1a:3c:f3:9d:fc:0c:14:0b:79:e7:16:2b:1e:0a:f9:94:28:
77:26:a4:ac:a0:be:bb:3f:b6:3b:7d:0d:b7:22:02:79:a0:db:
e9:4c:6f:77:fd:a3:7f:de:7b:2b:8d:68:ea:43:10:f8:36:2a:
38:07:95:6e:4a:b5:f7:8a:9d:9b:9d:66:74:5e:db:58:1e:90:
18:a5:7d:45:e5:79:25:1a:43:3e:d7:bd:0f:7d:9e:ce:1a:3f:
36:8b:e0:08
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDYw
NzA1NTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDJFMDVDQkQ2MDEwRjUy
QjAyOUJFRkNGMDkxNjM4OEY1QTAyMDcyNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKBJ3wYt64sQk7M3UwMDNsGGW+e2OAdCEDsL7r1GpHRqbRUhfh
n1OnhmE3E1aL3CXYBtFhL9+2xXBni9yPHA7vg3itmQW+yqJKPwmKH3oA6FWuOj1c
fWAZPc+/A1oaGWu8R0pUPNorfWbe0QzvoPgqj62pclIDm3cU7T9v5ZDlAhFbHcGV
zvV42MZMT902YG/XfKYj2rwDw0FabW2zlg6TbdPw9GvDR+i0NVtyP5azxaS8ObOs
F3SJR+6+93QYuEBasl348yqCyA0u/maX6PNmDK5ohB9WEwwS1dT/Z6I91W7ncfPV
bpxdjYYL7sCgDJg4wdhy32sypzvDVpBmJ8OhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULgXL1gEPUrApvvzwkWOI9aAgcnAwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vTGdYTDFnRVBVckFwdnZ6d2tXT0k5
YUFnY25BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKTAN
BgkqhkiG9w0BAQsFAAOCAQEAnsrOxO5VznQ397noCba00RQxrCmdFSDDmNF/4v2v
75uT9JH2iWUxaE+Xr+BbehaIzWA2kWnziytLRlGFGdqAKl1bNqzhqch2EHNoHHSj
fixt+Uwd3EnyqxYsx/QW7/kG41yT7x/Y5a2RG+MzcUDvMZW6O/Mgo2zJok4i4B5C
UGp/CZVV4K9oxECG2hYdmPS6oRE/XSy8qSYMoWc42vAsyTnztBo88538DBQLeecW
Kx4K+ZQodyakrKC+uz+2O30NtyICeaDb6Uxvd/2jf957K41o6kMQ+DYqOAeVbkq1
94qdm51mdF7bWB6QGKV9ReV5JRpDPte9D32ezho/NovgCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org