Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/aIvYccilaArEsX80gO9qzr44NQo.roa
File: aIvYccilaArEsX80gO9qzr44NQo.roa (raw, json)
Hash identifier: 3nMW3AsOmZA93DvfU23mE3ZgUFJYgUUcQF3b+HGEucY=
Subject key identifier: 68:8B:D8:71:C8:A5:68:0A:C4:B1:7F:34:80:EF:6A:CE:BE:38:35:0A
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 094D
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/aIvYccilaArEsX80gO9qzr44NQo.roa
Signing time: Sun 07 Feb 2021 13:08:35 +0000
ROA not before: Sun 07 Feb 2021 13:08:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 124.150.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2381 (0x94d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 7 13:08:35 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=688BD871C8A5680AC4B17F3480EF6ACEBE38350A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:9c:ee:8a:f2:79:5a:47:dd:14:28:70:c6:86:
2c:b3:dc:c6:58:b5:c8:1d:e6:29:52:38:4f:50:59:
be:f2:7e:c7:c3:36:cd:8b:62:2f:d8:b6:ff:09:9b:
95:31:c1:00:b9:99:02:69:a5:b8:b8:60:cc:7b:e5:
1d:07:25:4b:2a:22:3a:38:ec:cf:d9:5e:85:8f:5b:
d8:7e:70:a2:b4:e9:d2:d6:49:ac:44:d1:ac:86:c4:
f2:3c:5e:a8:26:19:94:5c:b3:4f:ce:8a:6f:57:fd:
b2:fb:87:53:22:eb:09:ad:a4:a7:a2:15:89:54:d5:
d8:c5:15:c0:f8:55:90:3f:d3:8f:40:4f:06:70:2a:
9b:c8:36:1e:c7:8b:55:d0:6d:55:71:d4:f9:ad:5a:
f0:f7:31:93:c9:02:f3:df:98:d9:50:1d:95:ba:dd:
27:cd:50:64:0c:b0:30:a5:77:3a:6a:bc:3a:44:39:
53:74:7f:b5:85:c3:d5:4d:9a:1f:a1:04:f0:57:c3:
8e:2b:d0:dc:96:83:2c:bc:1e:fa:07:62:ca:b0:14:
17:d6:9d:e5:08:6a:d4:31:c1:b3:f3:d2:51:90:60:
61:55:4b:6c:43:34:ce:e7:6e:e3:23:85:9d:bd:60:
ec:c5:a1:60:d0:0d:b3:2f:8d:ee:f4:f3:f4:d8:03:
c3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8B:D8:71:C8:A5:68:0A:C4:B1:7F:34:80:EF:6A:CE:BE:38:35:0A
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/aIvYccilaArEsX80gO9qzr44NQo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.135.0/24
Signature Algorithm: sha256WithRSAEncryption
56:01:27:42:64:d7:05:b1:f2:04:30:25:bf:35:ce:aa:ad:37:
65:1c:9b:0d:b3:3d:ce:96:c0:63:53:ef:ac:7e:e4:f5:7b:f8:
0b:9d:cb:07:b2:1c:4f:c6:ee:2a:48:25:7f:da:16:9d:8e:0a:
9e:29:c9:f1:5a:c9:e0:4d:5c:97:6e:7b:45:19:1f:e4:08:2a:
d7:c8:99:da:4e:11:6b:3e:3b:19:71:99:8d:d4:02:70:08:ca:
a5:51:6b:a1:86:af:11:17:38:e9:fd:1a:ff:f7:ea:35:a5:8c:
7c:40:66:4e:ff:68:ca:fd:55:4d:6f:77:08:72:5d:97:d0:d3:
ba:f2:4b:c8:f4:dd:4b:8f:d4:21:7d:a5:7d:0b:48:17:db:b0:
60:fb:25:e4:b7:89:66:57:a8:4a:91:f8:ce:d6:34:21:a6:5e:
68:ff:b3:eb:04:f1:e9:17:80:93:40:a1:4a:da:9f:da:bd:93:
44:83:23:b3:7a:6e:48:be:b2:5e:83:ae:26:cb:6a:23:b1:bd:
4a:bf:b7:b6:b6:4a:e4:b8:3a:cf:fa:7a:55:c9:d1:b4:29:e1:
1f:32:9a:8e:8f:e3:0f:19:f9:d6:a7:a0:ff:52:6d:dd:e4:11:
51:56:b7:7e:38:92:a0:94:9a:3e:90:8d:8c:9e:e2:8c:9d:97:
77:f6:f6:68
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA4MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY4OEJEODcxQzhBNTY4
MEFDNEIxN0YzNDgwRUY2QUNFQkUzODM1MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDznO6K8nlaR90UKHDGhiyz3MZYtcgd5ilSOE9QWb7yfsfDNs2L
Yi/Ytv8Jm5UxwQC5mQJppbi4YMx75R0HJUsqIjo47M/ZXoWPW9h+cKK06dLWSaxE
0ayGxPI8XqgmGZRcs0/Oim9X/bL7h1Mi6wmtpKeiFYlU1djFFcD4VZA/049ATwZw
KpvINh7Hi1XQbVVx1PmtWvD3MZPJAvPfmNlQHZW63SfNUGQMsDCldzpqvDpEOVN0
f7WFw9VNmh+hBPBXw44r0NyWgyy8HvoHYsqwFBfWneUIatQxwbPz0lGQYGFVS2xD
NM7nbuMjhZ29YOzFoWDQDbMvje708/TYA8M/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUaIvYccilaArEsX80gO9qzr44NQowHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vYUl2WWNjaWxhQXJFc1g4MGdPOXF6
cjQ0TlFvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHyWhzAN
BgkqhkiG9w0BAQsFAAOCAQEAVgEnQmTXBbHyBDAlvzXOqq03ZRybDbM9zpbAY1Pv
rH7k9Xv4C53LB7IcT8buKkglf9oWnY4KninJ8VrJ4E1cl257RRkf5Agq18iZ2k4R
az47GXGZjdQCcAjKpVFroYavERc46f0a//fqNaWMfEBmTv9oyv1VTW93CHJdl9DT
uvJLyPTdS4/UIX2lfQtIF9uwYPsl5LeJZleoSpH4ztY0IaZeaP+z6wTx6ReAk0Ch
Stqf2r2TRIMjs3puSL6yXoOuJstqI7G9Sr+3trZK5Lg6z/p6VcnRtCnhHzKajo/j
Dxn51qeg/1Jt3eQRUVa3fjiSoJSaPpCNjJ7ijJ2Xd/b2aA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org