Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/tYQy0LYsqaABC8x27wm8US2xVhU.roa
File: tYQy0LYsqaABC8x27wm8US2xVhU.roa (raw, json)
Hash identifier: QZF3g0/ES2GSBTZrcZXXDLao9Niclf+egkDF/YFd0jU=
Subject key identifier: B5:84:32:D0:B6:2C:A9:A0:01:0B:CC:76:EF:09:BC:51:2D:B1:56:15
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 08D6
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/tYQy0LYsqaABC8x27wm8US2xVhU.roa
Signing time: Fri 11 Dec 2020 09:04:47 +0000
ROA not before: Fri 11 Dec 2020 09:04:47 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38843
IP address blocks: 223.27.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2262 (0x8d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Dec 11 09:04:47 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=B58432D0B62CA9A0010BCC76EF09BC512DB15615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:76:f4:d2:32:8e:a4:8f:5f:9a:d3:73:c8:eb:
5e:35:33:50:ad:80:84:24:5a:87:a4:94:6d:4b:a8:
42:ae:91:0a:5c:18:b0:10:8c:a4:c8:34:6b:cf:bb:
a9:48:da:08:05:00:44:22:ac:e3:d2:04:8a:44:dc:
7c:e6:d0:e4:4f:f4:17:f2:d5:61:8a:4a:52:96:0d:
43:c2:e5:c7:7c:10:1e:d3:61:a8:82:09:a0:c1:4a:
17:77:45:99:5c:8b:12:18:af:48:de:cc:89:71:80:
e6:cd:23:b3:75:d1:5c:d2:5c:32:f2:a4:a4:4f:64:
11:dc:73:c0:30:e5:e5:f2:2e:7b:7c:27:89:8e:cc:
b2:11:64:77:76:84:40:90:ba:3d:a1:35:c5:3d:8b:
3f:89:de:5f:8c:69:9c:5b:2f:45:35:03:c0:dc:ec:
a4:17:a5:32:bc:5a:0f:fd:88:11:92:79:b5:ac:d9:
31:51:8c:64:ea:40:34:da:dc:18:77:ac:ab:51:91:
2b:13:07:8b:a4:ad:70:c5:a8:c2:9f:6f:5e:27:a2:
e8:49:d9:c3:35:c7:bd:3b:c1:99:0c:76:51:e5:36:
73:7d:20:c2:8f:af:4a:60:5e:67:38:80:27:7c:d1:
aa:8b:bf:2b:a4:e2:90:c7:b8:29:9a:0d:71:40:11:
61:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:32:D0:B6:2C:A9:A0:01:0B:CC:76:EF:09:BC:51:2D:B1:56:15
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/tYQy0LYsqaABC8x27wm8US2xVhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.36.0/24
Signature Algorithm: sha256WithRSAEncryption
37:3e:5f:e2:d7:62:2d:78:9b:f1:94:e4:63:cf:df:6d:f2:cb:
2a:5e:1a:5c:40:a2:7e:fd:40:22:1c:96:64:ee:b6:aa:4f:22:
25:cb:a0:6c:8f:0c:a8:ed:44:19:be:0c:1d:e6:9c:14:9e:2e:
d7:ae:6e:1b:66:62:27:75:a5:f6:b6:53:ff:3e:e5:08:7e:f2:
38:3e:57:8d:f4:f6:ca:95:e3:8d:76:88:e8:0c:4d:2c:94:37:
57:f0:9b:21:03:86:68:d9:74:11:c8:b5:24:64:f9:69:24:7f:
1d:d1:34:91:b1:f0:c5:8c:88:cf:7b:02:5e:2e:8b:c6:13:2d:
b9:4d:1a:7b:e0:59:0f:ff:0d:c4:c2:05:cd:02:00:fe:9d:aa:
64:f9:8a:e0:91:d3:a9:cc:f1:b0:7d:a8:b9:df:0d:8b:ba:b3:
2b:2d:86:9c:da:df:09:2e:7a:38:86:41:e9:3e:d4:cc:8a:f7:
06:0d:34:24:2b:2a:91:b9:90:82:f9:2d:16:1d:4c:58:05:f5:
e9:51:25:8b:61:d3:d4:49:fc:8e:42:67:35:3b:80:14:c8:2c:
7d:f0:06:05:96:d4:45:c3:ce:08:19:5c:5d:9c:19:00:37:57:
48:b4:03:72:3f:33:da:32:92:66:0a:9f:f0:d0:13:28:db:db:
0d:88:c3:ce
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
OTA0NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEI1ODQzMkQwQjYyQ0E5
QTAwMTBCQ0M3NkVGMDlCQzUxMkRCMTU2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmdvTSMo6kj1+a03PI6141M1CtgIQkWoeklG1LqEKukQpcGLAQ
jKTINGvPu6lI2ggFAEQirOPSBIpE3Hzm0ORP9Bfy1WGKSlKWDUPC5cd8EB7TYaiC
CaDBShd3RZlcixIYr0jezIlxgObNI7N10VzSXDLypKRPZBHcc8Aw5eXyLnt8J4mO
zLIRZHd2hECQuj2hNcU9iz+J3l+MaZxbL0U1A8Dc7KQXpTK8Wg/9iBGSebWs2TFR
jGTqQDTa3Bh3rKtRkSsTB4ukrXDFqMKfb14nouhJ2cM1x707wZkMdlHlNnN9IMKP
r0pgXmc4gCd80aqLvyuk4pDHuCmaDXFAEWEbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUtYQy0LYsqaABC8x27wm8US2xVhUwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vdFlReTBMWXNxYUFCQzh4Mjd3bThV
UzJ4VmhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJDAN
BgkqhkiG9w0BAQsFAAOCAQEANz5f4tdiLXib8ZTkY8/fbfLLKl4aXECifv1AIhyW
ZO62qk8iJcugbI8MqO1EGb4MHeacFJ4u165uG2ZiJ3Wl9rZT/z7lCH7yOD5XjfT2
ypXjjXaI6AxNLJQ3V/CbIQOGaNl0Eci1JGT5aSR/HdE0kbHwxYyIz3sCXi6LxhMt
uU0ae+BZD/8NxMIFzQIA/p2qZPmK4JHTqczxsH2oud8Ni7qzKy2GnNrfCS56OIZB
6T7UzIr3Bg00JCsqkbmQgvktFh1MWAX16VEli2HT1En8jkJnNTuAFMgsffAGBZbU
RcPOCBlcXZwZADdXSLQDcj8z2jKSZgqf8NATKNvbDYjDzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org