Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/PLbu9pQPVtTKKkpHpWgMgSLXroo.roa
File: PLbu9pQPVtTKKkpHpWgMgSLXroo.roa (raw, json)
Hash identifier: 1aH6QV61UnszONbxNwn3TKzSkYq9i/Zs5s9xi+hEj0c=
Subject key identifier: 3C:B6:EE:F6:94:0F:56:D4:CA:2A:4A:47:A5:68:0C:81:22:D7:AE:8A
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 09A3
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/PLbu9pQPVtTKKkpHpWgMgSLXroo.roa
Signing time: Sun 07 Feb 2021 13:09:57 +0000
ROA not before: Sun 07 Feb 2021 13:09:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2467 (0x9a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:09:57 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3CB6EEF6940F56D4CA2A4A47A5680C8122D7AE8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:98:0c:bb:09:7b:3d:95:b7:dd:42:1d:0b:
29:e5:d5:35:8c:72:93:ab:d2:04:ef:7c:8f:c6:74:
cc:29:87:06:74:3d:34:cb:9c:75:4a:59:3c:89:c4:
42:b3:82:03:a4:63:83:bd:b8:7b:17:69:ae:79:bd:
25:04:3a:9d:7b:30:ee:25:da:54:12:c2:8c:e8:e8:
e6:e9:d7:36:39:4f:56:c3:20:f9:c5:2a:2c:37:ff:
e3:87:77:37:5a:ef:eb:8d:e1:c8:f3:b7:7f:39:81:
dc:a4:20:e7:7a:4b:b5:15:65:40:cd:7c:17:a6:21:
58:32:12:e6:d0:e4:16:41:08:66:e9:9a:4a:6d:81:
d3:2e:91:a7:15:9e:db:02:67:b5:99:d0:e7:57:03:
ca:a8:5a:31:cd:00:f2:59:6e:fd:41:2c:e5:f6:19:
d7:d1:e7:37:8c:01:b3:d7:8f:4b:9a:d2:64:39:c0:
5b:46:02:9e:96:d6:5d:1d:e6:91:85:26:c4:96:92:
0e:9c:5f:12:31:02:c8:6e:22:27:4c:20:de:36:ca:
b4:f5:c1:25:92:3b:e2:d2:75:4d:cf:16:66:04:93:
0a:b4:47:87:0b:8f:61:fa:49:31:de:41:30:bc:bf:
04:32:28:a8:00:44:20:1a:62:3a:62:75:d5:14:b4:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B6:EE:F6:94:0F:56:D4:CA:2A:4A:47:A5:68:0C:81:22:D7:AE:8A
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/PLbu9pQPVtTKKkpHpWgMgSLXroo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.47.0/24
Signature Algorithm: sha256WithRSAEncryption
42:3d:47:4d:78:1f:07:bb:8e:85:b6:1a:a7:61:23:8b:d1:68:
3e:af:2f:ee:15:6e:e6:ba:d6:b2:3a:0e:1d:1c:88:97:b8:46:
7a:73:8a:7c:86:c5:d8:de:01:82:83:f2:e6:e7:89:12:88:aa:
a7:05:fd:7a:26:b3:11:13:c9:ae:bd:c1:54:41:bb:97:39:54:
e3:bd:89:99:48:9c:9f:aa:68:24:f0:4a:84:ae:f7:d9:f4:ff:
03:03:37:59:a9:75:f4:88:da:c4:c0:6c:4b:68:45:bd:6b:ab:
fc:c7:ac:e2:f2:9d:6b:20:5a:fa:44:e1:b6:8b:09:0c:06:15:
89:0a:fe:9d:2e:bb:b6:57:f0:6f:2d:f0:11:6e:e4:9a:bd:51:
cb:f0:10:22:95:04:9e:50:da:40:ba:44:2e:c0:8d:5e:44:f1:
33:e1:2b:b8:72:b0:82:25:ca:e1:16:ca:8b:78:c8:0e:6b:55:
32:58:ef:c9:29:3d:f5:ae:cd:55:43:67:3e:e0:33:66:9a:96:
cc:36:ec:db:56:14:94:f1:15:f1:6b:2f:f7:06:73:4a:a3:fb:
59:8f:8f:48:60:8f:bf:45:db:ba:91:07:ee:90:62:db:60:a0:
1c:61:bb:e9:cf:1b:ff:94:d1:53:94:0a:d7:54:4f:c0:37:b6:
1a:5f:31:13
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5NTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNDQjZFRUY2OTQwRjU2
RDRDQTJBNEE0N0E1NjgwQzgxMjJEN0FFOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+vJgMuwl7PZW33UIdCynl1TWMcpOr0gTvfI/GdMwphwZ0PTTL
nHVKWTyJxEKzggOkY4O9uHsXaa55vSUEOp17MO4l2lQSwozo6Obp1zY5T1bDIPnF
Kiw3/+OHdzda7+uN4cjzt385gdykIOd6S7UVZUDNfBemIVgyEubQ5BZBCGbpmkpt
gdMukacVntsCZ7WZ0OdXA8qoWjHNAPJZbv1BLOX2GdfR5zeMAbPXj0ua0mQ5wFtG
Ap6W1l0d5pGFJsSWkg6cXxIxAshuIidMIN42yrT1wSWSO+LSdU3PFmYEkwq0R4cL
j2H6STHeQTC8vwQyKKgARCAaYjpiddUUtNP5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPLbu9pQPVtTKKkpHpWgMgSLXroowHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUExidTlwUVBWdFRLS2twSHBXZ01n
U0xYcm9vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bLzAN
BgkqhkiG9w0BAQsFAAOCAQEAQj1HTXgfB7uOhbYap2Eji9FoPq8v7hVu5rrWsjoO
HRyIl7hGenOKfIbF2N4BgoPy5ueJEoiqpwX9eiazERPJrr3BVEG7lzlU472JmUic
n6poJPBKhK732fT/AwM3Wal19IjaxMBsS2hFvWur/Mes4vKdayBa+kThtosJDAYV
iQr+nS67tlfwby3wEW7kmr1Ry/AQIpUEnlDaQLpELsCNXkTxM+EruHKwgiXK4RbK
i3jIDmtVMljvySk99a7NVUNnPuAzZpqWzDbs21YUlPEV8Wsv9wZzSqP7WY+PSGCP
v0XbupEH7pBi22CgHGG76c8b/5TRU5QK11RPwDe2Gl8xEw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:17 2025 by rpki-client