Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/o985IWppiedcsdnsIp9H_Q2CqSA.roa
File: o985IWppiedcsdnsIp9H_Q2CqSA.roa (raw, json)
Hash identifier: +pZ27jiCqSbV2AZqWva8nAU07bXh0aF11u4SrducZD4=
Subject key identifier: A3:DF:39:21:6A:69:89:E7:5C:B1:D9:EC:22:9F:47:FD:0D:82:A9:20
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0AA7
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/o985IWppiedcsdnsIp9H_Q2CqSA.roa
Signing time: Wed 06 Oct 2021 07:13:01 +0000
ROA not before: Wed 06 Oct 2021 07:13:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2727 (0xaa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Oct 6 07:13:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A3DF39216A6989E75CB1D9EC229F47FD0D82A920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e5:8c:8e:34:2a:f2:9d:e1:e3:be:0e:3b:06:
53:89:4e:45:ea:48:e5:0f:7a:f8:02:ac:23:d3:9f:
b2:25:ec:7d:28:c0:5c:3c:63:f7:cd:8d:09:6a:ff:
12:a8:29:0a:da:34:31:e4:fe:27:12:c2:d5:dd:77:
33:2e:c4:84:75:4a:26:ee:5c:40:cb:7f:68:99:0a:
8a:41:28:5b:21:08:d3:25:5a:39:c5:b9:a3:42:09:
5e:3d:5b:a5:c4:b2:42:ec:ef:a7:ed:41:8d:7f:8b:
42:a6:63:6c:51:58:d9:cd:0c:56:85:89:f2:fb:30:
10:a4:54:ce:ce:df:c6:2d:50:e6:4c:3c:87:2b:1a:
4a:20:84:48:b0:6d:e5:ba:f1:49:9f:3d:79:92:7e:
5c:d4:55:19:53:2c:33:da:3c:64:11:82:93:57:ca:
03:d0:da:33:d2:62:55:c6:dc:c2:e1:19:a8:d4:15:
17:e7:1d:9f:3e:5a:e1:70:7d:32:e8:74:e3:df:8d:
cd:19:86:88:21:d1:f1:8d:5f:d8:95:a8:b0:4e:19:
52:e7:8e:19:61:79:b3:12:83:fd:db:49:df:e5:d3:
26:bb:97:ac:d4:9e:b2:e1:2f:f6:9b:78:ad:a0:e1:
fd:21:cb:6b:93:2a:df:a1:1d:e6:a7:2f:85:96:1e:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DF:39:21:6A:69:89:E7:5C:B1:D9:EC:22:9F:47:FD:0D:82:A9:20
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/o985IWppiedcsdnsIp9H_Q2CqSA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.57.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ae:d6:aa:27:84:33:6a:65:70:df:3f:c0:50:49:27:c9:5a:
9c:b5:2b:fb:e5:6e:c2:5b:fc:b0:72:b4:34:80:be:8a:12:29:
11:86:eb:b3:0c:b5:9a:d0:81:9c:dc:42:e8:0e:3d:29:cf:4b:
01:f2:ab:c2:92:b6:f2:18:92:85:c9:e3:ea:0a:f1:92:66:db:
54:7e:29:71:6b:73:82:90:2d:4a:50:78:b8:83:72:de:59:a2:
fb:38:75:63:ed:05:41:ff:21:8a:f7:33:b8:93:9d:0c:b4:8b:
f1:c9:35:c5:f4:4f:f0:f4:25:1f:dd:b2:51:10:0b:d0:17:17:
ba:8b:d3:ce:4b:f4:19:1d:bf:a0:09:89:b0:35:a7:18:06:f6:
e4:6e:91:69:83:b7:62:55:a8:db:3f:c7:a6:17:59:d6:e0:06:
4a:af:ee:9a:f6:79:07:1e:20:c6:b7:1a:6d:c4:1c:17:6e:6f:
c1:dd:b4:32:6e:cf:9d:7d:39:45:86:25:78:fd:b5:4e:6d:d9:
0a:04:7f:60:6a:61:60:ce:f7:6f:7f:4e:20:11:43:da:88:ba:
e7:da:b3:16:53:df:fb:53:db:67:85:78:e3:52:97:d3:15:6d:
65:9f:a8:16:95:68:ad:bf:04:8d:ab:33:01:c2:7e:23:2f:ee:
56:d9:61:a5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDYw
NzEzMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEzREYzOTIxNkE2OTg5
RTc1Q0IxRDlFQzIyOUY0N0ZEMEQ4MkE5MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS5YyONCryneHjvg47BlOJTkXqSOUPevgCrCPTn7Il7H0owFw8
Y/fNjQlq/xKoKQraNDHk/icSwtXddzMuxIR1SibuXEDLf2iZCopBKFshCNMlWjnF
uaNCCV49W6XEskLs76ftQY1/i0KmY2xRWNnNDFaFifL7MBCkVM7O38YtUOZMPIcr
GkoghEiwbeW68UmfPXmSflzUVRlTLDPaPGQRgpNXygPQ2jPSYlXG3MLhGajUFRfn
HZ8+WuFwfTLodOPfjc0Zhogh0fGNX9iVqLBOGVLnjhlhebMSg/3bSd/l0ya7l6zU
nrLhL/abeK2g4f0hy2uTKt+hHeanL4WWHo9PAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUo985IWppiedcsdnsIp9H/Q2CqSAwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vbzk4NUlXcHBpZWRjc2Ruc0lwOUhf
UTJDcVNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bOTAN
BgkqhkiG9w0BAQsFAAOCAQEAFa7WqieEM2plcN8/wFBJJ8lanLUr++Vuwlv8sHK0
NIC+ihIpEYbrswy1mtCBnNxC6A49Kc9LAfKrwpK28hiShcnj6grxkmbbVH4pcWtz
gpAtSlB4uINy3lmi+zh1Y+0FQf8hivczuJOdDLSL8ck1xfRP8PQlH92yURAL0BcX
uovTzkv0GR2/oAmJsDWnGAb25G6RaYO3YlWo2z/HphdZ1uAGSq/umvZ5Bx4gxrca
bcQcF25vwd20Mm7PnX05RYYleP21Tm3ZCgR/YGphYM73b39OIBFD2oi659qzFlPf
+1PbZ4V441KX0xVtZZ+oFpVorb8EjaszAcJ+Iy/uVtlhpQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org