Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/OkyHJWXz7yIlBpmm9eZF9LET2Kw.roa
File: OkyHJWXz7yIlBpmm9eZF9LET2Kw.roa (raw, json)
Hash identifier: rv22y8bLmgW1SagIDmhFCAPa+AMgsZF0NLroXKwxCGA=
Subject key identifier: 3A:4C:87:25:65:F3:EF:22:25:06:99:A6:F5:E6:45:F4:B1:13:D8:AC
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0971
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OkyHJWXz7yIlBpmm9eZF9LET2Kw.roa
Signing time: Sun 07 Feb 2021 13:09:11 +0000
ROA not before: Sun 07 Feb 2021 13:09:11 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2417 (0x971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:09:11 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3A4C872565F3EF22250699A6F5E645F4B113D8AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:28:96:82:6f:f6:d8:8e:01:24:e7:e6:db:3a:
e9:b6:3e:72:70:19:83:78:a9:70:9c:d4:4d:45:8e:
fe:ce:c0:6f:8a:76:a5:67:e5:8a:4c:0a:7a:d0:13:
8b:f7:e3:e7:96:bc:a0:9b:72:55:da:e4:05:ca:bc:
1d:63:3e:36:cb:c8:c9:78:69:55:d0:35:0c:36:cb:
22:9b:e6:48:f2:ca:c5:82:21:52:53:c4:c3:b6:77:
63:6b:5b:a5:c6:40:ee:35:cb:bd:c1:14:c6:74:63:
51:b3:5e:ec:72:1d:00:d9:70:75:f6:ce:f6:6f:99:
96:55:f0:1d:d7:b1:ce:16:54:35:08:24:f6:81:cc:
b5:3f:12:32:e1:5b:34:f1:a1:3b:4b:a1:da:d5:b9:
b1:4d:1b:fb:67:d4:fa:32:63:7e:61:2d:68:07:de:
bc:99:2e:53:ac:ef:85:90:c0:6d:11:4d:d9:75:fb:
d8:28:0f:eb:f0:2e:70:5e:49:d2:83:c7:7c:08:99:
eb:24:4d:b2:9b:0b:cc:fb:f8:a1:89:e1:12:64:24:
23:ba:14:9b:c3:9c:33:5b:07:5a:ad:0d:b6:ae:be:
b7:e9:e1:f3:99:c3:e6:49:1a:aa:68:7b:a9:8b:1a:
59:71:c3:19:8e:68:6a:be:90:24:07:10:b6:3e:64:
c1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4C:87:25:65:F3:EF:22:25:06:99:A6:F5:E6:45:F4:B1:13:D8:AC
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OkyHJWXz7yIlBpmm9eZF9LET2Kw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.46.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:61:0a:a4:43:2e:a1:0d:93:2e:ed:34:c6:51:97:80:24:40:
53:31:61:b2:cc:dd:70:79:04:81:0a:10:e6:37:b3:7f:22:44:
a2:76:b4:65:14:b2:be:57:7e:3f:c1:5d:c3:a1:fa:39:2f:7b:
8c:b3:a0:4f:65:85:1d:99:da:53:5b:9c:55:e3:82:e5:ac:fa:
23:97:fa:cc:e6:c4:9e:82:bb:d7:e9:a5:d2:1f:24:5f:9c:88:
37:0d:40:97:c8:49:01:39:1b:3d:0f:d1:cf:5d:87:74:93:49:
db:37:e0:13:21:5c:33:a5:a9:a5:55:62:5a:44:09:86:c0:08:
4a:e9:f6:bb:ea:d5:cc:a4:71:b8:32:4d:31:97:91:35:d7:69:
48:ab:6f:7f:fc:53:1d:82:45:9a:19:1f:e4:c5:54:85:3a:c5:
cc:53:5c:1c:8f:12:f6:1a:da:b6:ef:b9:57:20:72:02:d5:55:
55:f3:02:78:f1:e4:d7:b5:4b:57:51:78:f9:5b:43:df:17:2e:
db:17:bf:a6:31:8b:e6:1f:a2:d9:68:e2:4f:f9:66:c8:2a:bc:
45:38:eb:1d:8a:71:de:6c:6d:25:36:36:d1:92:66:94:40:8e:
e1:a1:20:9e:e8:3f:3f:c5:b2:72:da:1d:04:bd:5a:89:e8:2c:
fe:af:e6:4d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5MTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNBNEM4NzI1NjVGM0VG
MjIyNTA2OTlBNkY1RTY0NUY0QjExM0Q4QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLKJaCb/bYjgEk5+bbOum2PnJwGYN4qXCc1E1Fjv7OwG+KdqVn
5YpMCnrQE4v34+eWvKCbclXa5AXKvB1jPjbLyMl4aVXQNQw2yyKb5kjyysWCIVJT
xMO2d2NrW6XGQO41y73BFMZ0Y1GzXuxyHQDZcHX2zvZvmZZV8B3Xsc4WVDUIJPaB
zLU/EjLhWzTxoTtLodrVubFNG/tn1PoyY35hLWgH3ryZLlOs74WQwG0RTdl1+9go
D+vwLnBeSdKDx3wImeskTbKbC8z7+KGJ4RJkJCO6FJvDnDNbB1qtDbauvrfp4fOZ
w+ZJGqpoe6mLGllxwxmOaGq+kCQHELY+ZMHTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOkyHJWXz7yIlBpmm9eZF9LET2KwwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vT2t5SEpXWHo3eUlsQnBtbTllWkY5
TEVUMkt3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bLjAN
BgkqhkiG9w0BAQsFAAOCAQEAPGEKpEMuoQ2TLu00xlGXgCRAUzFhsszdcHkEgQoQ
5jezfyJEona0ZRSyvld+P8Fdw6H6OS97jLOgT2WFHZnaU1ucVeOC5az6I5f6zObE
noK71+ml0h8kX5yINw1Al8hJATkbPQ/Rz12HdJNJ2zfgEyFcM6WppVViWkQJhsAI
Sun2u+rVzKRxuDJNMZeRNddpSKtvf/xTHYJFmhkf5MVUhTrFzFNcHI8S9hratu+5
VyByAtVVVfMCePHk17VLV1F4+VtD3xcu2xe/pjGL5h+i2WjiT/lmyCq8RTjrHYpx
3mxtJTY20ZJmlECO4aEgnug/P8WyctodBL1aiegs/q/mTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org