Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/OZa3weSYUamPDYNdsNdknlDPu9g.roa
File: OZa3weSYUamPDYNdsNdknlDPu9g.roa (raw, json)
Hash identifier: 4vPxO90mH2OLJzw3Q0VqG/40nI6LyfUWcZMCzN2EIkI=
Subject key identifier: 39:96:B7:C1:E4:98:51:A9:8F:0D:83:5D:B0:D7:64:9E:50:CF:BB:D8
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08E4
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OZa3weSYUamPDYNdsNdknlDPu9g.roa
Signing time: Fri 11 Dec 2020 09:06:50 +0000
ROA not before: Fri 11 Dec 2020 09:06:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2276 (0x8e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:06:50 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3996B7C1E49851A98F0D835DB0D7649E50CFBBD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:48:c9:66:a1:db:b7:23:e3:e6:10:e8:24:de:
da:50:fa:2c:06:08:81:94:6b:67:96:aa:a4:43:75:
75:0c:ee:9b:98:2a:12:92:8f:ef:e7:91:f0:2d:c2:
c3:6a:8b:4e:c5:3d:3a:ff:43:7c:fd:d3:e1:1b:32:
de:0b:41:e8:e8:e6:cd:67:0e:45:de:c9:e1:dc:e9:
c9:a7:76:53:b7:b1:a3:48:9b:17:53:83:37:86:67:
ed:d6:45:b5:fa:4c:62:d5:5d:0c:76:dd:75:66:e8:
4a:3d:e8:cd:a1:8b:52:cf:1f:0f:58:2c:5a:f8:6a:
1a:07:70:bc:37:d0:a9:e6:30:d2:48:9c:4e:5e:ba:
54:f3:5d:3c:5e:f6:e6:0c:3b:c8:e5:bd:b6:9f:bf:
a9:e3:0a:3c:5e:3c:40:a0:78:57:8d:6e:d0:6a:f3:
48:59:05:18:f9:bd:6a:1a:40:b3:8b:4e:cd:73:a3:
2f:0d:13:e2:ab:2b:d9:16:f8:f7:e4:d1:32:72:c0:
35:3f:27:31:dc:89:9a:6e:cb:d8:2b:b7:bb:78:ff:
95:c5:40:8a:3a:86:e6:91:4b:7b:e6:e2:bc:07:ea:
55:fa:5f:48:b5:db:18:b4:18:40:03:a2:1c:3d:ae:
3a:1f:31:e8:e7:fb:c6:7c:c1:e1:ce:b7:18:66:6c:
98:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:96:B7:C1:E4:98:51:A9:8F:0D:83:5D:B0:D7:64:9E:50:CF:BB:D8
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OZa3weSYUamPDYNdsNdknlDPu9g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:88:fd:e5:94:e5:fc:03:f6:50:c0:32:9a:ac:d0:22:69:9f:
c1:6f:f7:a1:dd:46:3f:8f:95:7a:33:63:34:2b:13:d1:9e:52:
ec:59:76:f1:61:39:af:17:44:6a:5e:ee:73:57:19:fd:96:6b:
1e:3e:56:4d:18:01:1f:26:ae:ee:a5:8f:83:07:36:ea:bd:f6:
fa:e9:7c:3a:6f:07:a2:9d:5b:12:5f:03:16:56:ad:f4:76:0f:
95:bc:9a:f2:26:dc:e8:93:b9:97:e2:27:08:4c:5c:06:c5:fb:
9d:ed:6a:89:b6:8b:38:a1:bb:90:8c:f1:dd:2c:92:88:1f:d1:
82:94:e6:e9:d5:1d:6a:42:c6:71:cb:73:0a:93:e2:29:e8:f9:
ac:71:5a:73:2a:6c:32:da:69:bc:f7:ef:cb:62:23:ff:29:0f:
27:7b:67:31:dd:8b:3f:a4:6e:0c:f7:68:9e:0a:d9:9c:31:91:
da:2f:d9:8c:2b:4f:db:31:5b:9b:66:40:70:ea:b0:ed:d5:ee:
32:b5:b5:42:7a:fd:1d:60:dc:fc:bf:40:22:5d:f8:89:f3:d8:
34:ad:4f:18:d1:4d:8b:71:b7:97:87:3d:da:3a:c3:2a:1b:4b:
a6:ea:86:a3:17:9e:eb:e5:94:b9:35:d7:c5:50:86:d1:18:fa:
91:09:f9:43
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA2NTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM5OTZCN0MxRTQ5ODUx
QTk4RjBEODM1REIwRDc2NDlFNTBDRkJCRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmSMlmodu3I+PmEOgk3tpQ+iwGCIGUa2eWqqRDdXUM7puYKhKS
j+/nkfAtwsNqi07FPTr/Q3z90+EbMt4LQejo5s1nDkXeyeHc6cmndlO3saNImxdT
gzeGZ+3WRbX6TGLVXQx23XVm6Eo96M2hi1LPHw9YLFr4ahoHcLw30KnmMNJInE5e
ulTzXTxe9uYMO8jlvbafv6njCjxePECgeFeNbtBq80hZBRj5vWoaQLOLTs1zoy8N
E+KrK9kW+Pfk0TJywDU/JzHciZpuy9grt7t4/5XFQIo6huaRS3vm4rwH6lX6X0i1
2xi0GEADohw9rjofMejn+8Z8weHOtxhmbJjTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOZa3weSYUamPDYNdsNdknlDPu9gwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vT1phM3dlU1lVYW1QRFlOZHNOZGtu
bERQdTlnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bLzAN
BgkqhkiG9w0BAQsFAAOCAQEAC4j95ZTl/AP2UMAymqzQImmfwW/3od1GP4+VejNj
NCsT0Z5S7Fl28WE5rxdEal7uc1cZ/ZZrHj5WTRgBHyau7qWPgwc26r32+ul8Om8H
op1bEl8DFlat9HYPlbya8ibc6JO5l+InCExcBsX7ne1qibaLOKG7kIzx3SySiB/R
gpTm6dUdakLGcctzCpPiKej5rHFacypsMtppvPfvy2Ij/ykPJ3tnMd2LP6RuDPdo
ngrZnDGR2i/ZjCtP2zFbm2ZAcOqw7dXuMrW1Qnr9HWDc/L9AIl34ifPYNK1PGNFN
i3G3l4c92jrDKhtLpuqGoxee6+WUuTXXxVCG0Rj6kQn5Qw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org