Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/uus9fE02lvHd6aizu5WbO-YNnjM.roa
File: uus9fE02lvHd6aizu5WbO-YNnjM.roa (raw, json)
Hash identifier: H/WSZmM10LX9mT6gzT7x2NpyOX51PCgTvCphpBmun2E=
Subject key identifier: BA:EB:3D:7C:4D:36:96:F1:DD:E9:A8:B3:BB:95:9B:3B:E6:0D:9E:33
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/uus9fE02lvHd6aizu5WbO-YNnjM.roa
Signing time: Thu 15 Sep 2022 02:42:33 +0000
ROA not before: Thu 15 Sep 2022 02:42:33 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 223.27.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:33 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BAEB3D7C4D3696F1DDE9A8B3BB959B3BE60D9E33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:54:69:d2:a2:24:37:05:5c:01:9a:db:2e:34:
00:b9:1a:d9:96:96:a7:b4:81:e1:3c:7d:c9:5b:8c:
43:92:0d:29:e2:8d:ba:77:6f:b9:3f:f9:4d:60:e7:
03:34:72:e9:1d:61:29:6e:58:82:2f:e2:0c:82:9b:
91:86:02:d1:42:df:4d:ae:75:38:43:23:aa:b9:5d:
ea:ba:9a:5e:78:6c:b1:a7:78:1e:67:0b:28:1e:66:
bb:69:c9:e3:9e:79:f1:87:16:93:cb:57:58:92:28:
99:87:d9:72:49:63:9b:ef:f9:e8:e9:37:25:a2:96:
fe:3a:8c:53:91:55:8e:63:78:9c:97:3d:08:9d:4b:
15:d6:9d:33:b9:35:3e:ab:78:15:e5:41:33:f8:51:
bd:33:16:48:1e:94:66:47:7d:67:eb:50:5a:85:e4:
de:37:81:63:aa:27:2e:6c:42:cd:bf:b3:2d:78:80:
2a:10:cc:a3:50:c3:63:ee:74:a9:49:e2:1d:c4:15:
52:5c:e8:0b:2d:d2:6d:f5:e9:91:60:6c:bf:21:e1:
c8:f3:2b:bb:0b:bf:35:8f:c8:bc:23:4f:98:1b:b6:
75:40:b4:2c:b4:e4:74:d9:f3:4e:0b:70:b9:91:d6:
a1:f0:18:1b:5c:14:6d:7a:90:49:3f:69:13:95:b8:
36:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EB:3D:7C:4D:36:96:F1:DD:E9:A8:B3:BB:95:9B:3B:E6:0D:9E:33
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/uus9fE02lvHd6aizu5WbO-YNnjM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.43.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3d:3a:b2:eb:4b:b5:53:c9:a8:ce:e1:90:30:53:83:2f:fb:
7f:7c:3d:24:bc:02:88:28:f1:58:ae:8a:5a:ad:86:c5:cb:f3:
ce:49:9d:7e:95:9b:ca:1b:02:3d:f7:54:34:96:89:4d:af:da:
30:34:8f:c9:be:8a:f1:a4:18:18:1d:db:2a:82:fd:98:87:f3:
22:c5:6b:0b:08:47:b7:e9:fe:60:b1:2f:99:34:87:1b:40:98:
2f:8a:ae:51:a0:e9:c3:63:aa:42:ca:d0:90:4e:a8:36:ac:f0:
e2:4e:c1:ba:9a:d6:8a:7a:7e:b1:42:db:69:92:dd:d0:35:12:
f3:28:7f:94:b6:33:ab:16:19:c8:6a:98:c7:1b:98:a8:13:66:
f7:cd:6f:82:4f:49:91:b6:cf:e1:9a:0c:12:67:e6:62:d0:7a:
be:ce:36:c0:77:17:c9:23:2e:15:8b:90:6e:41:4e:4c:cb:8f:
d3:71:77:94:74:ff:36:28:0c:6a:07:fb:d9:57:68:92:de:50:
b2:24:a7:5b:41:c4:75:05:dd:a3:b6:ed:db:4a:ac:ed:01:36:
30:59:35:1e:80:80:c8:be:c9:fe:72:52:64:6a:85:40:8b:84:
67:4c:00:76:52:4d:35:79:45:3a:6c:d8:34:59:4f:41:71:50:
77:80:46:8d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJBRUIzRDdDNEQzNjk2
RjFEREU5QThCM0JCOTU5QjNCRTYwRDlFMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsVGnSoiQ3BVwBmtsuNAC5GtmWlqe0geE8fclbjEOSDSnijbp3
b7k/+U1g5wM0cukdYSluWIIv4gyCm5GGAtFC302udThDI6q5Xeq6ml54bLGneB5n
CygeZrtpyeOeefGHFpPLV1iSKJmH2XJJY5vv+ejpNyWilv46jFORVY5jeJyXPQid
SxXWnTO5NT6reBXlQTP4Ub0zFkgelGZHfWfrUFqF5N43gWOqJy5sQs2/sy14gCoQ
zKNQw2PudKlJ4h3EFVJc6Ast0m316ZFgbL8h4cjzK7sLvzWPyLwjT5gbtnVAtCy0
5HTZ804LcLmR1qHwGBtcFG16kEk/aROVuDYLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUuus9fE02lvHd6aizu5WbO+YNnjMwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vdXVzOWZFMDJsdkhkNmFpenU1V2JP
LVlObmpNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKzAN
BgkqhkiG9w0BAQsFAAOCAQEAcT06sutLtVPJqM7hkDBTgy/7f3w9JLwCiCjxWK6K
Wq2GxcvzzkmdfpWbyhsCPfdUNJaJTa/aMDSPyb6K8aQYGB3bKoL9mIfzIsVrCwhH
t+n+YLEvmTSHG0CYL4quUaDpw2OqQsrQkE6oNqzw4k7BuprWinp+sULbaZLd0DUS
8yh/lLYzqxYZyGqYxxuYqBNm981vgk9JkbbP4ZoMEmfmYtB6vs42wHcXySMuFYuQ
bkFOTMuP03F3lHT/NigMagf72Vdokt5QsiSnW0HEdQXdo7bt20qs7QE2MFk1HoCA
yL7J/nJSZGqFQIuEZ0wAdlJNNXlFOmzYNFlPQXFQd4BGjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org