Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINETEL/-YtoPf8wxNsCnj5K8GRRvBvb62w.roa
File: -YtoPf8wxNsCnj5K8GRRvBvb62w.roa (raw, json)
Hash identifier: NlAVyEELsEC2HmVg6g3uu/GWUApJaFZ5vx6+1Qp4Qls=
Subject key identifier: F9:8B:68:3D:FF:30:C4:DB:02:9E:3E:4A:F0:64:51:BC:1B:DB:EB:6C
Certificate issuer: /CN=DDA2DA33DF9088B68EDC6F74EA8B1C0EEE2E26C1
Certificate serial: 05
Authority key identifier: DD:A2:DA:33:DF:90:88:B6:8E:DC:6F:74:EA:8B:1C:0E:EE:2E:26:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3aLaM9-QiLaO3G906oscDu4uJsE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINETEL/-YtoPf8wxNsCnj5K8GRRvBvb62w.roa
Signing time: Thu 03 Nov 2022 11:40:17 +0000
ROA not before: Thu 03 Nov 2022 11:40:17 +0000
ROA not after: Fri 03 Nov 2023 01:32:49 +0000
asID: 63902
IP address blocks: 103.116.14.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DDA2DA33DF9088B68EDC6F74EA8B1C0EEE2E26C1
Validity
Not Before: Nov 3 11:40:17 2022 GMT
Not After : Nov 3 01:32:49 2023 GMT
Subject: CN=F98B683DFF30C4DB029E3E4AF06451BC1BDBEB6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:0a:1c:b6:05:63:90:02:43:a5:e4:bc:1d:
89:92:8b:d4:c6:c6:3a:e3:79:45:e5:08:1b:13:aa:
38:ba:90:ae:9a:e1:3a:73:aa:c2:ce:d4:e3:f2:dc:
a2:60:23:23:63:49:1d:5f:c1:4c:d9:77:1a:a5:79:
d3:73:6c:5a:81:c3:d7:41:2f:72:47:36:bc:91:a7:
fb:86:4a:21:a1:66:ea:25:13:8e:14:d6:6c:a2:bc:
93:03:13:8f:52:93:ad:1c:cb:a4:3b:38:30:48:3a:
e3:5c:e9:b9:96:27:52:2d:30:3f:cc:a3:07:fc:4c:
0c:8c:6b:e4:84:5a:10:4a:94:e7:c6:ae:8c:e3:61:
35:18:b5:0f:7f:78:aa:1a:d8:0c:64:88:6f:48:bc:
a5:b3:f6:1a:43:38:6c:94:fd:b0:24:e2:8a:8e:c1:
dc:ee:db:fd:56:86:28:e0:96:fb:7c:05:37:dd:1c:
cd:81:75:9c:73:fb:41:4a:9e:02:9e:21:6b:02:aa:
bf:e3:bc:ca:6c:f7:07:d5:a7:04:5c:1e:b8:64:77:
8e:af:c2:67:95:fe:74:53:f0:ef:ed:70:be:c7:8f:
10:9f:4f:6b:57:4d:bf:f1:73:9b:20:6a:cf:f7:f1:
e7:2e:00:c6:e7:75:ed:91:7c:33:01:3c:23:1d:da:
89:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8B:68:3D:FF:30:C4:DB:02:9E:3E:4A:F0:64:51:BC:1B:DB:EB:6C
X509v3 Authority Key Identifier:
keyid:DD:A2:DA:33:DF:90:88:B6:8E:DC:6F:74:EA:8B:1C:0E:EE:2E:26:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINETEL/3aLaM9-QiLaO3G906oscDu4uJsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3aLaM9-QiLaO3G906oscDu4uJsE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINETEL/-YtoPf8wxNsCnj5K8GRRvBvb62w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.14.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:c6:64:88:37:ac:1a:ac:45:1d:53:0e:0e:7f:dd:29:d5:7c:
20:e8:77:fc:c8:87:4c:91:56:eb:2d:63:14:c3:70:92:13:b6:
43:c1:b7:d7:51:57:56:d6:26:b1:cf:53:f4:56:b6:bc:3b:6f:
0d:53:6e:02:13:a8:8a:77:4d:e6:9c:76:34:73:e8:9a:92:2f:
cf:6b:fb:fc:23:e1:85:cf:86:07:9f:ca:d1:07:40:57:39:a4:
d1:71:2a:69:a2:23:d5:a1:62:98:1f:7c:4e:87:68:5e:79:2f:
7c:af:6d:a4:43:84:57:46:f9:9b:f7:5f:b5:83:75:ac:89:24:
3b:42:4a:6e:89:8d:c6:fc:40:11:4b:44:9f:48:67:68:ca:24:
c6:92:f5:fd:1e:90:80:c8:9e:fe:f7:a2:7f:0a:4f:f7:a3:be:
d1:16:e9:a7:84:a2:9f:b0:a6:11:c3:f7:01:ed:9d:e2:79:57:
bd:5c:5d:a1:e5:34:a9:13:bd:5d:23:c1:31:c2:49:40:0d:80:
0c:28:6b:a5:c4:35:c2:18:89:9a:90:e5:df:c9:6f:5e:ca:14:
1d:fc:22:14:dc:61:1c:e5:97:24:63:70:8c:5f:7b:5b:17:8f:
aa:62:3e:e7:b3:e5:34:d8:77:67:f2:47:d4:68:5a:f3:31:0b:
e8:92:15:00
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEREEy
REEzM0RGOTA4OEI2OEVEQzZGNzRFQThCMUMwRUVFMkUyNkMxMB4XDTIyMTEwMzEx
NDAxN1oXDTIzMTEwMzAxMzI0OVowMzExMC8GA1UEAxMoRjk4QjY4M0RGRjMwQzRE
QjAyOUUzRTRBRjA2NDUxQkMxQkRCRUI2QzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKUfChy2BWOQAkOl5LwdiZKL1MbGOuN5ReUIGxOqOLqQrprhOnOq
ws7U4/LcomAjI2NJHV/BTNl3GqV503NsWoHD10Evckc2vJGn+4ZKIaFm6iUTjhTW
bKK8kwMTj1KTrRzLpDs4MEg641zpuZYnUi0wP8yjB/xMDIxr5IRaEEqU58aujONh
NRi1D394qhrYDGSIb0i8pbP2GkM4bJT9sCTiio7B3O7b/VaGKOCW+3wFN90czYF1
nHP7QUqeAp4hawKqv+O8ymz3B9WnBFweuGR3jq/CZ5X+dFPw7+1wvsePEJ9Pa1dN
v/FzmyBqz/fx5y4Axud17ZF8MwE8Ix3aiZ0CAwEAAaOCAfIwggHuMB0GA1UdDgQW
BBT5i2g9/zDE2wKePkrwZFG8G9vrbDAfBgNVHSMEGDAWgBTdotoz35CIto7cb3Tq
ixwO7i4mwTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GA1UdHwRXMFUwU6BR
oE+GTXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSElORVRF
TC8zYUxhTTktUWlMYU8zRzkwNm9zY0R1NHVKc0UuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzNhTGFNOS1RaUxhTzNHOTA2b3NjRHU0dUpzRS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGeBggrBgEFBQcBCwSBkTCBjjBZBggrBgEFBQcwC4ZNcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NISU5FVEVMLy1ZdG9QZjh3eE5zQ25q
NUs4R1JSdkJ2YjYydy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25p
Yy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFndA4wDQYJKoZIhvcNAQELBQADggEBALPGZIg3rBqsRR1TDg5/3SnVfCDod/zI
h0yRVustYxTDcJITtkPBt9dRV1bWJrHPU/RWtrw7bw1TbgITqIp3TeacdjRz6JqS
L89r+/wj4YXPhgefytEHQFc5pNFxKmmiI9WhYpgffE6HaF55L3yvbaRDhFdG+Zv3
X7WDdayJJDtCSm6Jjcb8QBFLRJ9IZ2jKJMaS9f0ekIDInv73on8KT/ejvtEW6aeE
op+wphHD9wHtneJ5V71cXaHlNKkTvV0jwTHCSUANgAwoa6XENcIYiZqQ5d/Jb17K
FB38IhTcYRzllyRjcIxfe1sXj6piPuez5TTYd2fyR9RoWvMxC+iSFQA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org