Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/dsCIFwwcyTFNlqNrRqtKAXcsKHg.roa
File: dsCIFwwcyTFNlqNrRqtKAXcsKHg.roa (raw, json)
Hash identifier: 98CjIKWhtzrhGtc6rwhz3R5nSY99aoPYFgItfwZXxdA=
Subject key identifier: 76:C0:88:17:0C:1C:C9:31:4D:96:A3:6B:46:AB:4A:01:77:2C:28:78
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0AC1
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/dsCIFwwcyTFNlqNrRqtKAXcsKHg.roa
Signing time: Thu 07 Oct 2021 07:23:19 +0000
ROA not before: Thu 07 Oct 2021 07:23:19 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2753 (0xac1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Oct 7 07:23:19 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=76C088170C1CC9314D96A36B46AB4A01772C2878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:77:c4:85:0f:fa:6b:9d:cd:b2:1a:93:c7:d7:
51:47:b0:56:9e:45:b1:d8:cf:4d:42:04:07:0f:30:
fc:9e:d6:1a:69:ec:5f:5e:23:ff:b8:35:ac:ad:6d:
bb:bb:a3:10:af:a8:20:85:a1:05:d2:76:5f:bd:31:
fa:02:cd:9b:5e:39:b9:2a:6d:8a:0a:a6:c1:a8:10:
5c:f6:18:ac:d7:a4:57:c0:cf:d6:ea:f3:37:65:68:
22:e0:cf:e0:17:9f:0e:ac:cf:73:d9:db:c5:f5:ff:
67:69:bb:19:cc:ae:e0:9b:c8:c9:46:3f:a9:71:b8:
5e:f1:0f:76:88:e6:4d:35:53:f0:11:87:d1:55:c1:
bf:15:1f:89:08:7c:f4:b9:1f:5a:34:7b:09:4a:80:
c1:8e:67:9c:8f:9e:9d:8c:24:db:47:8d:3a:b9:a6:
f6:48:44:0c:67:4e:72:e9:8b:da:6c:b0:20:7d:42:
4f:66:e6:d1:34:61:1c:0f:7c:86:4d:11:19:3a:81:
e4:1d:00:5c:49:b7:fb:d1:f2:54:76:59:b7:e0:ef:
9c:7b:01:0a:b3:61:47:c2:9c:5e:45:2b:1d:57:5a:
cf:7b:66:55:b7:ff:3f:c9:c0:91:30:f1:8d:23:b5:
3a:85:69:bf:57:25:c7:4d:3b:a3:8e:0b:4a:de:08:
d0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C0:88:17:0C:1C:C9:31:4D:96:A3:6B:46:AB:4A:01:77:2C:28:78
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/dsCIFwwcyTFNlqNrRqtKAXcsKHg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.32.0/20
Signature Algorithm: sha256WithRSAEncryption
86:a1:11:9e:3a:61:b2:40:3d:cb:a5:ad:de:17:af:ea:66:04:
cd:5c:33:f4:b9:57:94:be:37:51:3f:a3:44:c1:7c:55:2e:2f:
01:91:a3:66:44:dc:be:35:e8:14:d8:1e:50:34:3f:e8:43:fc:
d9:3a:b5:7e:8d:93:0f:3e:a8:d3:06:d2:97:2b:86:6b:72:60:
f7:42:d1:58:56:2a:bb:90:22:5a:8a:02:5b:88:82:a7:66:4a:
94:57:92:f7:95:98:f9:1a:ea:4c:ae:c8:3b:91:0e:b0:fc:0a:
07:39:51:18:61:f8:a1:a8:8e:ff:dd:41:0a:06:85:7e:5e:0e:
39:5a:60:39:1f:e1:e0:92:ec:d3:3d:6f:0f:2d:6f:bb:62:7a:
41:38:42:e5:18:d5:98:41:92:56:c4:08:a2:ba:29:d4:9f:af:
81:c7:16:ef:27:6c:43:20:fa:12:7d:32:f8:90:67:f0:9e:20:
bb:e2:c4:e1:82:f2:d2:fe:ae:ec:c4:e6:2b:6b:0b:8e:6f:2a:
10:2d:91:5a:88:72:bf:f1:34:59:94:9a:ca:ed:fb:95:d2:82:
79:09:95:60:2e:aa:2f:c2:44:15:96:fc:ea:76:25:cf:5a:fd:
9a:1a:db:4b:81:65:cf:45:65:a6:f4:e9:e0:68:1f:18:13:e4:
42:f9:aa:1c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCsEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDcw
NzIzMTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDc2QzA4ODE3MEMxQ0M5
MzE0RDk2QTM2QjQ2QUI0QTAxNzcyQzI4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBd8SFD/prnc2yGpPH11FHsFaeRbHYz01CBAcPMPye1hpp7F9e
I/+4Naytbbu7oxCvqCCFoQXSdl+9MfoCzZteObkqbYoKpsGoEFz2GKzXpFfAz9bq
8zdlaCLgz+AXnw6sz3PZ28X1/2dpuxnMruCbyMlGP6lxuF7xD3aI5k01U/ARh9FV
wb8VH4kIfPS5H1o0ewlKgMGOZ5yPnp2MJNtHjTq5pvZIRAxnTnLpi9pssCB9Qk9m
5tE0YRwPfIZNERk6geQdAFxJt/vR8lR2Wbfg75x7AQqzYUfCnF5FKx1XWs97ZlW3
/z/JwJEw8Y0jtTqFab9XJcdNO6OOC0reCNDNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUdsCIFwwcyTFNlqNrRqtKAXcsKHgwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vZHNDSUZ3d2N5VEZObHFOclJxdEtB
WGNzS0hnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBN8bIDAN
BgkqhkiG9w0BAQsFAAOCAQEAhqERnjphskA9y6Wt3hev6mYEzVwz9LlXlL43UT+j
RMF8VS4vAZGjZkTcvjXoFNgeUDQ/6EP82Tq1fo2TDz6o0wbSlyuGa3Jg90LRWFYq
u5AiWooCW4iCp2ZKlFeS95WY+RrqTK7IO5EOsPwKBzlRGGH4oaiO/91BCgaFfl4O
OVpgOR/h4JLs0z1vDy1vu2J6QThC5RjVmEGSVsQIorop1J+vgccW7ydsQyD6En0y
+JBn8J4gu+LE4YLy0v6u7MTmK2sLjm8qEC2RWohyv/E0WZSayu37ldKCeQmVYC6q
L8JEFZb86nYlz1r9mhrbS4Flz0VlpvTp4GgfGBPkQvmqHA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org