Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/o6wNbWNJ_Q7eYHRN0IadV3mOfoY.roa
File: o6wNbWNJ_Q7eYHRN0IadV3mOfoY.roa (raw, json)
Hash identifier: 8W8Pe45rT4sil2ryNpNLOc4zT3c0xbKBfDnHyi+nVkI=
Subject key identifier: A3:AC:0D:6D:63:49:FD:0E:DE:60:74:4D:D0:86:9D:57:79:8E:7E:86
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CE4
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/o6wNbWNJ_Q7eYHRN0IadV3mOfoY.roa
Signing time: Fri 01 Sep 2023 09:39:53 +0000
ROA not before: Fri 01 Sep 2023 09:39:53 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3300 (0xce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:53 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A3AC0D6D6349FD0EDE60744DD0869D57798E7E86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:9f:56:17:76:b9:29:09:e0:5b:19:48:04:
60:d9:80:cf:20:a8:fe:7e:b1:17:f1:b2:55:a2:45:
d9:a2:ee:e5:15:24:c0:3a:c5:f7:0c:b9:f0:e0:1c:
83:82:44:8a:23:10:80:2d:c2:49:b9:93:19:cf:73:
4e:3e:d2:9e:03:d3:3d:83:ba:7a:63:d6:e0:1f:b4:
84:b9:fa:a3:f7:f9:86:2f:5f:b4:08:74:42:28:bc:
d5:33:1d:1a:5a:cc:d6:9e:aa:01:fc:5d:8d:19:1d:
eb:3f:18:ff:6b:3b:c8:91:1e:0a:b1:b1:44:62:43:
fa:7f:8b:89:a4:b9:d6:79:35:2f:a6:c3:96:e6:2f:
41:26:ce:5f:00:e0:f5:1f:1f:be:a9:d9:e6:ad:55:
ae:84:ce:15:b5:bf:08:9b:49:ac:ff:06:6f:9c:3c:
34:65:5a:05:24:fc:88:e9:5f:69:8e:df:7e:3c:24:
5e:17:f8:83:13:23:98:95:83:9a:2e:e4:0e:d0:ec:
ec:07:cf:ba:87:f9:c9:79:0c:6a:32:32:32:4a:99:
43:42:b5:43:6f:2d:ed:b8:cb:ed:de:c0:33:49:53:
55:61:44:07:62:06:24:c6:12:f2:97:b8:11:43:c7:
b3:19:d9:3c:07:30:d6:db:96:40:38:c7:48:cd:64:
8e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AC:0D:6D:63:49:FD:0E:DE:60:74:4D:D0:86:9D:57:79:8E:7E:86
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/o6wNbWNJ_Q7eYHRN0IadV3mOfoY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.34.0/24
Signature Algorithm: sha256WithRSAEncryption
87:67:5f:08:36:40:3f:07:66:3c:aa:f4:2d:32:ff:91:26:26:
b0:4f:0b:7b:6a:46:5f:f3:ac:ec:d1:5a:ba:1d:43:8d:fd:08:
e4:8a:f4:80:76:c3:1a:79:5e:0b:8e:a8:52:0d:23:3f:e3:3b:
f1:ef:81:89:c0:d8:49:bd:3e:50:ca:01:6a:55:a0:83:8b:75:
77:7e:88:5d:af:e2:d8:05:87:95:21:e7:c0:b8:d0:b8:fe:a6:
5e:53:53:24:b1:93:b1:9b:42:3d:bf:1b:5a:b4:8a:10:d9:0f:
1d:0b:e5:a8:33:b7:00:5f:f7:78:2a:5b:b4:96:b5:6d:63:aa:
54:4e:04:de:56:5d:f2:66:0a:d8:40:86:c6:16:bf:3e:9b:2a:
dc:51:5f:48:6e:70:58:5c:ac:fb:05:d5:f7:c8:a0:1f:e7:84:
f6:d1:c9:ee:c6:a5:46:9b:98:1b:69:18:a3:c1:20:b0:90:e2:
e3:95:dd:95:eb:58:18:6d:45:84:90:e8:2f:7b:c5:9d:b4:84:
06:fd:d5:28:9f:69:26:80:8b:ab:99:a2:23:06:1c:41:22:d9:
6d:48:75:e8:08:d5:9e:11:ee:58:4b:b0:11:41:ea:4d:7e:24:
01:4b:99:a7:e4:a5:3a:28:b6:44:d2:fe:d2:1d:22:16:2b:2c:
f6:1b:80:8f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEzQUMwRDZENjM0OUZE
MEVERTYwNzQ0REQwODY5RDU3Nzk4RTdFODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+F59WF3a5KQngWxlIBGDZgM8gqP5+sRfxslWiRdmi7uUVJMA6
xfcMufDgHIOCRIojEIAtwkm5kxnPc04+0p4D0z2Dunpj1uAftIS5+qP3+YYvX7QI
dEIovNUzHRpazNaeqgH8XY0ZHes/GP9rO8iRHgqxsURiQ/p/i4mkudZ5NS+mw5bm
L0Emzl8A4PUfH76p2eatVa6EzhW1vwibSaz/Bm+cPDRlWgUk/IjpX2mO3348JF4X
+IMTI5iVg5ou5A7Q7OwHz7qH+cl5DGoyMjJKmUNCtUNvLe24y+3ewDNJU1VhRAdi
BiTGEvKXuBFDx7MZ2TwHMNbblkA4x0jNZI79AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUo6wNbWNJ/Q7eYHRN0IadV3mOfoYwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vbzZ3TmJXTkpfUTdlWUhSTjBJYWRW
M21PZm9ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIjAN
BgkqhkiG9w0BAQsFAAOCAQEAh2dfCDZAPwdmPKr0LTL/kSYmsE8Le2pGX/Os7NFa
uh1Djf0I5Ir0gHbDGnleC46oUg0jP+M78e+BicDYSb0+UMoBalWgg4t1d36IXa/i
2AWHlSHnwLjQuP6mXlNTJLGTsZtCPb8bWrSKENkPHQvlqDO3AF/3eCpbtJa1bWOq
VE4E3lZd8mYK2ECGxha/Ppsq3FFfSG5wWFys+wXV98igH+eE9tHJ7salRpuYG2kY
o8EgsJDi45XdletYGG1FhJDoL3vFnbSEBv3VKJ9pJoCLq5miIwYcQSLZbUh16AjV
nhHuWEuwEUHqTX4kAUuZp+SlOii2RNL+0h0iFiss9huAjw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:31 2025 by rpki-client