Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/kEGE1-Rxm-YcGV0o32p8L1d3Sy0.roa
File: kEGE1-Rxm-YcGV0o32p8L1d3Sy0.roa (raw, json)
Hash identifier: J6sEHkSJ73/Fa236ZQwy95dUQIHb8lW4HKmF6F4XlUE=
Subject key identifier: 90:41:84:D7:E4:71:9B:E6:1C:19:5D:28:DF:6A:7C:2F:57:77:4B:2D
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0A6A
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/kEGE1-Rxm-YcGV0o32p8L1d3Sy0.roa
Signing time: Wed 29 Sep 2021 02:42:45 +0000
ROA not before: Wed 29 Sep 2021 02:42:45 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2666 (0xa6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 29 02:42:45 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=904184D7E4719BE61C195D28DF6A7C2F57774B2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:6c:74:8c:4b:d2:f4:8f:2d:47:8e:43:73:
dc:d5:99:ba:5c:64:00:8e:4f:18:12:3a:2c:93:62:
c4:f5:a3:3f:bd:85:fc:be:5e:f2:5d:9d:1e:02:b6:
59:d2:c0:55:46:60:73:a0:aa:94:9a:54:3f:e0:04:
f2:73:b4:29:7a:c9:b1:0f:55:0a:31:95:a2:fb:7a:
a0:36:68:c8:85:74:e2:63:ef:de:cd:a1:b1:c7:df:
be:73:26:a9:25:82:bd:94:19:cd:60:41:27:87:24:
45:2b:1b:18:94:41:c0:f1:4e:49:0b:5b:65:33:62:
56:fb:53:c0:ce:80:21:33:77:69:7c:6e:9a:a1:cc:
8b:fb:92:07:dc:4c:ab:4c:33:fb:24:9a:6e:da:b5:
a1:9f:c3:e2:c9:58:14:ba:24:61:21:1c:28:c7:10:
4a:6b:8d:35:9e:0f:ec:a9:eb:66:78:f8:25:01:d5:
10:ec:e3:83:c6:dd:29:32:82:c7:7c:44:d0:e2:11:
c6:7f:ff:67:c9:8d:99:41:53:11:cc:9a:fd:b0:fc:
71:2b:68:af:c7:f1:d7:dd:3e:e8:50:2a:87:71:f0:
25:c5:f4:14:d9:f5:79:eb:3d:50:26:72:44:63:f5:
80:c2:be:b8:54:77:e8:46:05:b1:37:11:a9:81:a1:
f0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:41:84:D7:E4:71:9B:E6:1C:19:5D:28:DF:6A:7C:2F:57:77:4B:2D
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/kEGE1-Rxm-YcGV0o32p8L1d3Sy0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.37.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:18:3f:45:92:21:48:66:06:3e:1e:b1:aa:a7:bf:68:fa:a7:
fa:f7:46:30:b5:50:bc:ea:63:81:d5:68:2b:12:af:71:fd:bd:
8f:8e:a6:8b:7b:f8:5b:38:88:c0:fe:b3:75:38:51:eb:06:e8:
89:e7:ba:99:11:c9:a5:17:a4:4e:da:55:4d:c1:a6:f0:2b:6e:
49:05:72:d9:46:ef:cd:36:01:52:99:51:a6:55:f4:99:f6:50:
48:0d:8e:f7:7b:ad:ee:3f:89:fc:e7:b1:b0:b2:0c:35:24:10:
66:f9:b5:5e:27:ac:4b:e5:83:d0:6c:22:24:a1:f7:40:53:3f:
f8:6c:ab:1a:ab:b4:39:52:c8:3a:bb:60:57:1d:5c:4b:90:89:
81:7c:77:0a:cd:e8:9e:6d:64:42:e9:be:e6:be:ee:6f:1f:ef:
e2:fe:62:27:c3:e1:75:65:3e:54:51:1e:c2:5a:7c:8e:18:f7:
3f:bc:2d:d5:dd:e0:97:1b:62:e0:47:7d:e5:5a:e5:d0:39:6e:
13:aa:cc:b8:c8:b6:5e:13:63:7f:8e:e6:36:06:56:be:b8:d9:
78:74:18:30:43:bd:ed:db:df:5c:66:61:08:9e:3e:7c:ac:2b:
80:0a:4b:12:38:bd:cb:35:ef:d7:27:a0:39:f7:33:bd:94:9f:
8f:8a:b1:02
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTA5Mjkw
MjQyNDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDkwNDE4NEQ3RTQ3MTlC
RTYxQzE5NUQyOERGNkE3QzJGNTc3NzRCMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Lmx0jEvS9I8tR45Dc9zVmbpcZACOTxgSOiyTYsT1oz+9hfy+
XvJdnR4CtlnSwFVGYHOgqpSaVD/gBPJztCl6ybEPVQoxlaL7eqA2aMiFdOJj797N
obHH375zJqklgr2UGc1gQSeHJEUrGxiUQcDxTkkLW2UzYlb7U8DOgCEzd2l8bpqh
zIv7kgfcTKtMM/skmm7ataGfw+LJWBS6JGEhHCjHEEprjTWeD+yp62Z4+CUB1RDs
44PG3Skygsd8RNDiEcZ//2fJjZlBUxHMmv2w/HEraK/H8dfdPuhQKodx8CXF9BTZ
9XnrPVAmckRj9YDCvrhUd+hGBbE3EamBofA9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkEGE1+Rxm+YcGV0o32p8L1d3Sy0wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8va0VHRTEtUnhtLVljR1YwbzMycDhM
MWQzU3kwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJTAN
BgkqhkiG9w0BAQsFAAOCAQEAuxg/RZIhSGYGPh6xqqe/aPqn+vdGMLVQvOpjgdVo
KxKvcf29j46mi3v4WziIwP6zdThR6wboiee6mRHJpRekTtpVTcGm8CtuSQVy2Ubv
zTYBUplRplX0mfZQSA2O93ut7j+J/OexsLIMNSQQZvm1XiesS+WD0GwiJKH3QFM/
+GyrGqu0OVLIOrtgVx1cS5CJgXx3Cs3onm1kQum+5r7ubx/v4v5iJ8PhdWU+VFEe
wlp8jhj3P7wt1d3glxti4Ed95Vrl0DluE6rMuMi2XhNjf47mNgZWvrjZeHQYMEO9
7dvfXGZhCJ4+fKwrgApLEji9yzXv1yegOfczvZSfj4qxAg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org