Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/snumYqQsS_6vgh-01VEh-0rwfOM.roa
File: snumYqQsS_6vgh-01VEh-0rwfOM.roa (raw, json)
Hash identifier: rQLiVpez+AkDGNfq59KkoxCqwzVZ9BXTm7ilnqoz9aI=
Subject key identifier: B2:7B:A6:62:A4:2C:4B:FE:AF:82:1F:B4:D5:51:21:FB:4A:F0:7C:E3
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0A91
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/snumYqQsS_6vgh-01VEh-0rwfOM.roa
Signing time: Wed 06 Oct 2021 07:06:44 +0000
ROA not before: Wed 06 Oct 2021 07:06:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38843
IP address blocks: 223.27.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2705 (0xa91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Oct 6 07:06:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=B27BA662A42C4BFEAF821FB4D55121FB4AF07CE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c3:58:57:c7:3d:4e:d1:24:10:c1:fc:b5:43:
9a:a6:2c:db:a0:17:b9:5b:32:5e:b8:e3:87:b8:82:
68:46:75:47:15:8d:f6:a1:b3:0d:95:89:4b:c9:ca:
b3:af:92:4e:b2:ab:2e:1b:46:4e:13:8d:72:60:78:
0a:eb:f6:d3:ff:af:2f:6c:9d:a5:bf:e1:19:99:9b:
70:fe:4c:bc:02:4f:4d:17:5a:54:fa:18:ed:ab:0a:
34:a8:df:f6:2b:15:6e:b8:ae:2a:e8:26:4c:fa:80:
61:59:3a:0f:06:ff:e4:36:92:5f:12:c2:25:f7:2f:
29:72:3e:a0:da:db:77:63:15:82:cb:81:24:4f:7b:
22:12:1e:03:df:8e:fc:97:eb:37:aa:49:40:7d:db:
36:4a:a4:ee:01:80:71:e1:73:1f:4f:11:e7:47:c5:
3e:4b:87:47:41:4d:fe:d8:d1:6e:92:c7:c6:64:06:
7d:22:91:df:1b:66:4b:df:b0:f6:b9:3c:88:73:71:
9b:e6:ee:2c:6f:17:42:9f:33:ec:1e:1b:49:59:e1:
e5:97:4a:04:65:7f:cf:eb:87:b7:ed:e8:aa:25:87:
c6:dc:05:eb:3a:dc:4e:a4:ea:70:65:42:62:e3:10:
69:12:3e:68:44:45:a3:e4:90:96:1f:8e:2d:08:61:
b1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7B:A6:62:A4:2C:4B:FE:AF:82:1F:B4:D5:51:21:FB:4A:F0:7C:E3
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/snumYqQsS_6vgh-01VEh-0rwfOM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.44.0/22
Signature Algorithm: sha256WithRSAEncryption
16:f2:ed:d4:51:57:53:a1:5b:ff:7f:cc:98:32:c3:c8:58:02:
a4:43:73:68:00:45:48:db:b2:d8:68:e1:06:bd:6b:82:37:cf:
05:62:18:42:74:3e:e6:a0:54:a6:ef:1f:11:67:82:64:df:ab:
ca:6e:27:e1:29:cc:73:5c:6d:4a:7e:30:53:69:b4:61:f9:07:
7d:a4:1d:f8:cd:f9:c0:27:92:d4:29:84:86:28:e5:9d:11:80:
62:16:54:0f:45:d5:72:4a:3e:10:41:c7:a4:98:e6:18:f0:bb:
80:8b:5d:83:74:4b:3a:5c:ca:c0:a5:72:57:94:6e:8d:19:b0:
72:3f:7e:42:f2:8d:73:0d:0f:d0:1f:1d:e4:70:cc:7a:21:42:
d3:4a:a8:40:98:dc:55:8e:c9:6c:a2:1d:79:e6:5d:4a:5e:d2:
c6:9d:e5:fa:f6:1c:22:23:16:32:50:dc:76:20:8a:21:c7:56:
f6:9e:5f:51:dd:0f:38:7d:c4:ed:b0:3f:d4:56:0b:cb:e2:93:
6e:8c:35:40:ec:eb:20:41:d6:83:1d:29:a4:8d:7e:cd:00:62:
75:40:74:a8:17:06:82:b8:24:99:1d:3b:b4:04:d0:d7:af:32:
92:8f:83:00:61:80:3e:ee:64:2e:ee:36:e8:e9:b0:d3:10:32:
f0:3d:6d:c5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDYw
NzA2NDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEIyN0JBNjYyQTQyQzRC
RkVBRjgyMUZCNEQ1NTEyMUZCNEFGMDdDRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6w1hXxz1O0SQQwfy1Q5qmLNugF7lbMl6444e4gmhGdUcVjfah
sw2ViUvJyrOvkk6yqy4bRk4TjXJgeArr9tP/ry9snaW/4RmZm3D+TLwCT00XWlT6
GO2rCjSo3/YrFW64riroJkz6gGFZOg8G/+Q2kl8SwiX3LylyPqDa23djFYLLgSRP
eyISHgPfjvyX6zeqSUB92zZKpO4BgHHhcx9PEedHxT5Lh0dBTf7Y0W6Sx8ZkBn0i
kd8bZkvfsPa5PIhzcZvm7ixvF0KfM+weG0lZ4eWXSgRlf8/rh7ft6Kolh8bcBes6
3E6k6nBlQmLjEGkSPmhERaPkkJYfji0IYbGVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUsnumYqQsS/6vgh+01VEh+0rwfOMwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vc251bVlxUXNTXzZ2Z2gtMDFWRWgt
MHJ3Zk9NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8bLDAN
BgkqhkiG9w0BAQsFAAOCAQEAFvLt1FFXU6Fb/3/MmDLDyFgCpENzaABFSNuy2Gjh
Br1rgjfPBWIYQnQ+5qBUpu8fEWeCZN+rym4n4SnMc1xtSn4wU2m0YfkHfaQd+M35
wCeS1CmEhijlnRGAYhZUD0XVcko+EEHHpJjmGPC7gItdg3RLOlzKwKVyV5RujRmw
cj9+QvKNcw0P0B8d5HDMeiFC00qoQJjcVY7JbKIdeeZdSl7Sxp3l+vYcIiMWMlDc
diCKIcdW9p5fUd0POH3E7bA/1FYLy+KTbow1QOzrIEHWgx0ppI1+zQBidUB0qBcG
grgkmR07tATQ168yko+DAGGAPu5kLu426Omw0xAy8D1txQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org