Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/iHE3FigQJ62cZqNRlDiI5an6qPA.roa
File: iHE3FigQJ62cZqNRlDiI5an6qPA.roa (raw, json)
Hash identifier: 40qnbo83EJYBiryfNlcdij5uPDLIiCQ0dICgZBCGLhE=
Subject key identifier: 88:71:37:16:28:10:27:AD:9C:66:A3:51:94:38:88:E5:A9:FA:A8:F0
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 089E
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/iHE3FigQJ62cZqNRlDiI5an6qPA.roa
Signing time: Fri 11 Dec 2020 08:54:54 +0000
ROA not before: Fri 11 Dec 2020 08:54:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 198949
IP address blocks: 223.27.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2206 (0x89e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 08:54:54 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=88713716281027AD9C66A351943888E5A9FAA8F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:17:0b:3c:33:84:78:94:51:1e:e3:71:80:
58:99:34:87:e1:bd:1a:08:db:d4:9d:66:35:49:f2:
ab:05:6f:16:21:2e:11:9d:09:e4:97:2a:f0:29:59:
33:a5:a6:cb:c2:ee:0b:cb:f3:08:9d:f4:db:90:04:
8a:93:a4:29:3d:fc:53:3f:19:28:e8:e3:62:7f:c4:
89:a9:43:3c:3a:80:1a:30:33:15:65:79:54:09:4b:
ee:89:87:2e:93:70:27:f1:9b:bd:94:7b:0a:10:0a:
71:34:04:8b:47:6e:53:3a:13:48:b8:b1:93:0d:5e:
cc:7b:64:da:3b:42:22:3d:04:37:1d:96:bf:b4:de:
f5:f0:aa:5f:8f:47:aa:1b:53:45:96:9d:b4:cf:4c:
34:08:e6:e8:f8:7c:ef:c2:95:e5:6e:d1:e3:22:f4:
c5:24:c9:7d:d1:ae:ba:20:ba:7a:bb:aa:32:13:21:
28:f7:e2:d8:67:a7:6f:1e:e2:76:d8:1a:cd:d9:f4:
72:13:db:34:d6:4d:b9:f0:bf:40:49:32:06:28:b2:
03:44:0e:6c:8c:14:da:92:4a:b0:7f:2e:a0:93:1d:
e5:52:b0:21:57:2d:ae:0c:79:dd:93:57:82:08:85:
1f:62:43:17:a9:cc:47:e3:cb:b2:95:a7:47:4c:60:
96:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:71:37:16:28:10:27:AD:9C:66:A3:51:94:38:88:E5:A9:FA:A8:F0
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/iHE3FigQJ62cZqNRlDiI5an6qPA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.32.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e9:e7:c2:f8:05:03:4d:5a:c8:ed:b0:3e:f2:40:9d:96:6d:
66:27:9e:84:34:63:c4:fb:c6:2f:65:f1:1e:35:20:0c:7d:7f:
de:d6:49:9a:54:f7:a0:9e:a7:41:e8:04:99:1f:8f:d4:8b:9b:
7d:4e:2f:a3:d4:cc:76:29:5d:fb:c9:cd:b5:95:67:72:36:0d:
77:2e:fd:bd:ac:9d:25:a8:e4:6e:11:f5:a3:f5:9e:34:64:c6:
2a:d8:fa:95:1b:dc:00:4e:15:b8:41:87:63:e6:18:a7:82:f6:
98:4e:3d:7c:94:be:43:ab:9a:99:13:9c:04:43:38:0a:cc:b5:
47:84:ab:0d:36:d4:78:09:55:a1:ff:cf:ca:e0:81:48:06:52:
da:0d:02:6c:ea:4d:a7:03:ac:14:ee:7f:1f:0e:cd:aa:7c:9d:
30:96:83:84:0c:0a:14:1a:29:80:b0:b3:d1:9e:7d:0f:23:0b:
12:d6:25:8b:8c:ed:a7:4f:53:1c:19:40:75:4e:17:e4:7d:7b:
03:35:69:b5:74:a7:58:91:d9:34:6c:f5:a1:e9:c6:33:bb:3c:
8f:bf:aa:03:45:57:6d:fd:d4:48:1a:44:0f:ec:9b:00:59:61:
10:2e:83:56:34:8b:92:ef:83:54:ec:e3:bf:7c:ba:2b:75:61:
4f:c4:a2:b0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
ODU0NTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg4NzEzNzE2MjgxMDI3
QUQ5QzY2QTM1MTk0Mzg4OEU1QTlGQUE4RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnLhcLPDOEeJRRHuNxgFiZNIfhvRoI29SdZjVJ8qsFbxYhLhGd
CeSXKvApWTOlpsvC7gvL8wid9NuQBIqTpCk9/FM/GSjo42J/xImpQzw6gBowMxVl
eVQJS+6Jhy6TcCfxm72UewoQCnE0BItHblM6E0i4sZMNXsx7ZNo7QiI9BDcdlr+0
3vXwql+PR6obU0WWnbTPTDQI5uj4fO/CleVu0eMi9MUkyX3Rrrogunq7qjITISj3
4thnp28e4nbYGs3Z9HIT2zTWTbnwv0BJMgYosgNEDmyMFNqSSrB/LqCTHeVSsCFX
La4Med2TV4IIhR9iQxepzEfjy7KVp0dMYJYTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUiHE3FigQJ62cZqNRlDiI5an6qPAwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vaUhFM0ZpZ1FKNjJjWnFOUmxEaUk1
YW42cVBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIDAN
BgkqhkiG9w0BAQsFAAOCAQEAQennwvgFA01ayO2wPvJAnZZtZieehDRjxPvGL2Xx
HjUgDH1/3tZJmlT3oJ6nQegEmR+P1IubfU4vo9TMdild+8nNtZVncjYNdy79vayd
JajkbhH1o/WeNGTGKtj6lRvcAE4VuEGHY+YYp4L2mE49fJS+Q6uamROcBEM4Csy1
R4SrDTbUeAlVof/PyuCBSAZS2g0CbOpNpwOsFO5/Hw7NqnydMJaDhAwKFBopgLCz
0Z59DyMLEtYli4ztp09THBlAdU4X5H17AzVptXSnWJHZNGz1oenGM7s8j7+qA0VX
bf3USBpED+ybAFlhEC6DVjSLku+DVOzjv3y6K3VhT8SisA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org