Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/hkv1sPFrX4qmKK6z-ZfJSXHXVZo.roa
File: hkv1sPFrX4qmKK6z-ZfJSXHXVZo.roa (raw, json)
Hash identifier: W25OMhNQO7qHYVEOT6NdghCCZuzW70/lrARuDkpAecw=
Subject key identifier: 86:4B:F5:B0:F1:6B:5F:8A:A6:28:AE:B3:F9:97:C9:49:71:D7:55:9A
Certificate issuer: /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial: 0E2D
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/hkv1sPFrX4qmKK6z-ZfJSXHXVZo.roa
Signing time: Tue 29 Sep 2020 09:58:12 +0000
ROA not before: Tue 29 Sep 2020 09:58:12 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 134098
IP address blocks: 103.123.216.0/24 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3629 (0xe2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Validity
Not Before: Sep 29 09:58:12 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=864BF5B0F16B5F8AA628AEB3F997C94971D7559A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a4:b4:02:ee:28:e1:27:df:af:b1:54:29:e4:
f0:b9:a3:f1:49:a4:d9:73:3a:3b:21:90:69:bb:6c:
92:24:13:03:4c:10:7c:a3:6c:53:ae:64:27:c8:47:
65:de:dd:29:59:fd:7b:1f:02:10:b9:7c:98:e2:69:
25:64:f3:96:88:e8:50:3b:cb:1e:a7:e5:0f:1d:da:
b9:52:a8:0d:0d:36:72:de:4c:c0:21:21:71:10:dd:
7b:b5:64:a6:83:59:8e:d0:b5:7f:56:5d:c2:e0:18:
64:24:e9:40:90:78:1d:d3:95:91:a6:c1:02:43:e8:
bf:55:d6:80:d1:42:ec:d2:48:cf:8a:3d:0e:86:47:
a7:ae:5b:55:5b:d2:81:17:b4:05:33:dc:f4:3e:44:
0b:b5:14:68:14:71:be:29:03:cf:39:7f:d1:b3:ec:
ba:45:19:ba:a8:58:ab:08:ec:77:6c:15:2f:4c:e6:
be:c4:e4:49:08:47:50:f6:01:e2:0b:05:ac:e8:75:
0f:4a:82:1d:39:b0:5c:8c:7f:2b:3a:55:dd:e0:96:
63:9f:f6:be:1c:05:43:03:9e:29:4a:18:44:ec:0c:
ba:d6:a8:1f:88:b7:0e:15:0d:1d:fc:6d:a8:56:51:
29:a7:81:37:c2:92:46:47:5e:29:fc:d0:2f:ed:55:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4B:F5:B0:F1:6B:5F:8A:A6:28:AE:B3:F9:97:C9:49:71:D7:55:9A
X509v3 Authority Key Identifier:
keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/hkv1sPFrX4qmKK6z-ZfJSXHXVZo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.216.0/24
Signature Algorithm: sha256WithRSAEncryption
61:12:99:8a:f4:ca:42:9b:16:85:3c:68:3b:67:68:7e:d8:9e:
fe:c6:f9:c2:c1:79:de:fd:0a:42:cb:de:6f:bc:17:24:4d:2a:
03:80:3a:71:29:57:36:b0:7c:e7:61:74:29:97:b7:93:4e:13:
69:28:88:36:15:d6:4a:85:3e:b9:56:87:92:4a:59:87:8a:15:
5c:7a:32:6c:c8:8f:dc:92:18:8f:0c:d0:b4:05:d3:75:71:4c:
44:88:37:49:28:4f:01:9e:e4:2a:07:4a:9d:70:6b:a8:09:2b:
24:a0:54:c1:4f:aa:d2:62:7a:14:71:3f:70:27:e1:60:06:dc:
8b:f6:9f:be:70:da:3c:76:6b:9a:47:c8:dc:90:e1:96:95:4d:
33:38:0e:bc:88:7f:4b:82:82:40:55:6e:a8:d4:34:e9:2b:12:
5f:52:ac:e1:3e:8e:3e:42:36:26:af:83:e6:1f:10:37:cf:8b:
ed:79:e7:29:bb:a7:42:ea:a0:3b:04:ff:75:b4:fc:9a:20:19:
0d:a7:0e:7b:17:62:23:6d:f1:c1:2e:ac:7c:a3:47:d9:88:ae:
21:8d:ec:23:7f:ca:62:52:05:75:c8:b9:1f:59:8d:a5:4d:a3:
56:47:2b:ff:fa:93:62:50:c6:62:0e:bb:25:f6:8d:2d:df:1a:
3c:dd:ed:6e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yMDA5Mjkw
OTU4MTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg2NEJGNUIwRjE2QjVG
OEFBNjI4QUVCM0Y5OTdDOTQ5NzFENzU1OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGpLQC7ijhJ9+vsVQp5PC5o/FJpNlzOjshkGm7bJIkEwNMEHyj
bFOuZCfIR2Xe3SlZ/XsfAhC5fJjiaSVk85aI6FA7yx6n5Q8d2rlSqA0NNnLeTMAh
IXEQ3Xu1ZKaDWY7QtX9WXcLgGGQk6UCQeB3TlZGmwQJD6L9V1oDRQuzSSM+KPQ6G
R6euW1Vb0oEXtAUz3PQ+RAu1FGgUcb4pA885f9Gz7LpFGbqoWKsI7HdsFS9M5r7E
5EkIR1D2AeILBazodQ9Kgh05sFyMfys6Vd3glmOf9r4cBUMDnilKGETsDLrWqB+I
tw4VDR38bahWUSmngTfCkkZHXin80C/tVUQXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhkv1sPFrX4qmKK6z+ZfJSXHXVZowHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC9oa3Yxc1BGclg0cW1LSzZ6LVpm
SlNYSFhWWm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vY
MA0GCSqGSIb3DQEBCwUAA4IBAQBhEpmK9MpCmxaFPGg7Z2h+2J7+xvnCwXne/QpC
y95vvBckTSoDgDpxKVc2sHznYXQpl7eTThNpKIg2FdZKhT65VoeSSlmHihVcejJs
yI/ckhiPDNC0BdN1cUxEiDdJKE8BnuQqB0qdcGuoCSskoFTBT6rSYnoUcT9wJ+Fg
BtyL9p++cNo8dmuaR8jckOGWlU0zOA68iH9LgoJAVW6o1DTpKxJfUqzhPo4+QjYm
r4PmHxA3z4vteecpu6dC6qA7BP91tPyaIBkNpw57F2IjbfHBLqx8o0fZiK4hjewj
f8piUgV1yLkfWY2lTaNWRyv/+pNiUMZiDrsl9o0t3xo83e1u
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org