Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/Pn_JZBYdbWeYTpOrYwPUUX-UmOk.roa
File: Pn_JZBYdbWeYTpOrYwPUUX-UmOk.roa (raw, json)
Hash identifier: sBtdT8gt00kn3EZRDkb4GQDtBb2Z7h6sCwucTlpz3Q4=
Subject key identifier: 3E:7F:C9:64:16:1D:6D:67:98:4E:93:AB:63:03:D4:51:7F:94:98:E9
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0973
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/Pn_JZBYdbWeYTpOrYwPUUX-UmOk.roa
Signing time: Sun 07 Feb 2021 13:09:13 +0000
ROA not before: Sun 07 Feb 2021 13:09:13 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2419 (0x973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:09:13 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3E7FC964161D6D67984E93AB6303D4517F9498E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:ed:30:ce:36:ff:ba:cb:56:fd:61:f2:6e:
a9:df:73:44:33:ee:3c:bf:55:6f:50:ef:76:70:43:
9c:ca:54:ab:0b:8e:19:32:df:8f:9b:d9:04:e3:51:
e4:8c:df:65:1b:5f:be:f3:fa:a2:d7:88:91:c4:15:
ee:2f:83:57:b5:71:71:39:af:43:e1:9c:92:a1:1c:
28:3c:73:dd:a8:37:52:0a:fe:ae:bb:60:e3:57:94:
cd:67:38:f1:29:f8:b1:aa:05:11:61:4f:a4:84:26:
f4:32:b6:5c:9e:20:f8:5e:82:4d:93:7f:87:e4:4a:
7e:15:c2:3a:56:95:de:3a:62:29:c6:98:52:7c:de:
b9:80:b9:29:8a:ee:d4:b5:0e:53:93:af:41:cf:45:
4c:51:2b:47:70:bc:fa:ff:3b:4c:0e:a3:62:ea:64:
33:20:af:2b:c4:4c:6b:87:cd:5d:3e:03:6d:ea:dd:
62:06:18:67:cf:35:29:1a:86:4c:1b:5f:f0:9d:29:
b2:4f:b2:bf:1c:3d:fe:d7:53:44:bc:c9:3e:26:e6:
0b:1d:e5:40:44:27:4c:a1:94:8d:0f:f1:ab:9a:5e:
4f:27:89:bf:54:4f:3f:de:53:22:d6:df:48:d7:cb:
bb:17:98:12:9c:ce:74:c1:a2:97:d1:02:7e:5e:b3:
58:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7F:C9:64:16:1D:6D:67:98:4E:93:AB:63:03:D4:51:7F:94:98:E9
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/Pn_JZBYdbWeYTpOrYwPUUX-UmOk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:29:fe:8c:18:1c:dd:5c:ed:84:c9:7f:b3:6a:38:45:fd:db:
a9:ac:c5:4b:8c:69:86:1d:c2:3e:f9:63:6f:4a:fc:cb:25:4f:
73:09:81:cb:ce:e5:12:24:2c:1a:4d:c1:b6:4a:ca:e4:df:1a:
57:dc:1c:e8:37:f3:92:6e:22:93:f2:67:8a:62:e0:06:18:b0:
64:dc:fc:93:a9:4f:19:c8:fc:a5:c6:e7:f5:17:a5:4c:db:44:
35:38:bb:4b:9b:74:e7:5d:31:bb:a0:6d:36:cb:df:c1:0d:44:
70:9c:32:0c:3c:32:c1:b2:79:3b:d7:d3:58:18:27:1d:ca:01:
4f:d0:ec:18:99:73:bd:6c:65:9d:cb:68:59:51:0e:e2:a0:2c:
69:04:b9:91:7d:2d:05:c5:e8:e5:de:60:20:e7:15:8c:d6:d9:
26:bf:9b:6d:66:4a:bf:47:21:79:eb:7c:9b:2a:d8:ce:d0:cc:
70:95:02:a4:da:08:42:64:8b:9c:f1:0b:50:62:0a:76:70:fa:
e6:d5:e1:42:21:ca:14:83:93:79:d7:30:28:9e:65:6b:30:25:
1d:66:11:47:e3:f1:71:37:67:f0:ca:0b:ec:5e:da:45:32:98:
fb:8f:51:2e:f1:6a:f9:4c:af:25:d4:2d:c7:53:23:bd:ba:00:
38:05:2f:71
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5MTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNFN0ZDOTY0MTYxRDZE
Njc5ODRFOTNBQjYzMDNENDUxN0Y5NDk4RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2re0wzjb/ustW/WHybqnfc0Qz7jy/VW9Q73ZwQ5zKVKsLjhky
34+b2QTjUeSM32UbX77z+qLXiJHEFe4vg1e1cXE5r0PhnJKhHCg8c92oN1IK/q67
YONXlM1nOPEp+LGqBRFhT6SEJvQytlyeIPhegk2Tf4fkSn4VwjpWld46YinGmFJ8
3rmAuSmK7tS1DlOTr0HPRUxRK0dwvPr/O0wOo2LqZDMgryvETGuHzV0+A23q3WIG
GGfPNSkahkwbX/CdKbJPsr8cPf7XU0S8yT4m5gsd5UBEJ0yhlI0P8auaXk8nib9U
Tz/eUyLW30jXy7sXmBKcznTBopfRAn5es1ijAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPn/JZBYdbWeYTpOrYwPUUX+UmOkwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUG5fSlpCWWRiV2VZVHBPcll3UFVV
WC1VbU9rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bLzAN
BgkqhkiG9w0BAQsFAAOCAQEAXin+jBgc3VzthMl/s2o4Rf3bqazFS4xphh3CPvlj
b0r8yyVPcwmBy87lEiQsGk3BtkrK5N8aV9wc6Dfzkm4ik/JnimLgBhiwZNz8k6lP
Gcj8pcbn9RelTNtENTi7S5t0510xu6BtNsvfwQ1EcJwyDDwywbJ5O9fTWBgnHcoB
T9DsGJlzvWxlnctoWVEO4qAsaQS5kX0tBcXo5d5gIOcVjNbZJr+bbWZKv0cheet8
myrYztDMcJUCpNoIQmSLnPELUGIKdnD65tXhQiHKFIOTedcwKJ5lazAlHWYRR+Px
cTdn8MoL7F7aRTKY+49RLvFq+UyvJdQtx1MjvboAOAUvcQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org