Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/4j0ZjPeyPcJ6BtFlNtF5V8-GFog.roa
File: 4j0ZjPeyPcJ6BtFlNtF5V8-GFog.roa (raw, json)
Hash identifier: oXvAaHcIKgJo2LzYN/8Js5hXaLiV3KRcCyHEyEbQP70=
Subject key identifier: E2:3D:19:8C:F7:B2:3D:C2:7A:06:D1:65:36:D1:79:57:CF:86:16:88
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0AB1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/4j0ZjPeyPcJ6BtFlNtF5V8-GFog.roa
Signing time: Thu 15 Sep 2022 02:41:43 +0000
ROA not before: Thu 15 Sep 2022 02:41:43 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 203.121.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 15 02:41:43 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E23D198CF7B23DC27A06D16536D17957CF861688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:08:0d:b4:e6:58:7a:86:40:2d:8b:8b:d7:d3:
30:24:a3:91:62:5b:1e:2e:3a:bc:22:c7:5b:37:6d:
49:be:e3:6c:9c:80:dc:4b:cb:8c:30:09:39:80:b7:
2e:7b:09:2d:27:88:0a:b1:29:19:0a:2e:87:1d:00:
02:cc:4a:ce:0f:16:ae:a2:02:de:d6:6d:d4:7a:94:
eb:cc:72:00:bc:f7:52:f4:67:47:f3:b2:0c:be:c8:
67:15:b5:30:68:d7:6c:19:15:96:d4:9b:c8:3f:13:
8a:5b:8b:81:53:74:85:81:d1:cf:13:b7:a2:58:fc:
e5:f6:d6:61:b3:69:31:8c:f0:d8:e5:b9:5a:91:df:
0a:c9:9b:01:f1:e4:9b:43:20:2e:1e:85:80:cc:c7:
e7:9c:97:74:6e:4b:24:6c:77:08:15:42:df:2d:f8:
fd:e2:87:56:d7:21:99:f8:b7:08:66:ea:5c:f3:43:
48:8d:47:be:db:64:4e:66:80:b6:16:8f:9c:8b:25:
fe:80:f0:fd:80:b0:d4:15:e8:8f:b0:16:ce:25:12:
8c:b6:09:e5:38:8d:60:1b:67:e6:df:92:cb:c6:61:
4c:c7:4f:76:bd:64:50:9d:6b:5d:4a:7e:97:70:2b:
87:8a:1f:6b:78:b6:ec:70:56:fd:ec:98:07:5b:51:
67:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3D:19:8C:F7:B2:3D:C2:7A:06:D1:65:36:D1:79:57:CF:86:16:88
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/4j0ZjPeyPcJ6BtFlNtF5V8-GFog.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.224.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:75:dc:02:d6:8e:78:c7:e9:fd:22:9b:66:89:3f:f9:da:66:
ba:15:76:e6:3c:3b:2a:2d:d4:c1:13:78:86:7d:03:ff:32:a5:
2f:99:e7:4a:fe:65:62:94:89:47:24:01:d6:6c:2a:66:43:66:
d5:02:9e:ae:eb:8d:e7:d3:d9:16:f7:72:99:31:8c:af:3f:83:
78:55:a3:64:67:98:9f:91:4e:c8:bb:47:88:79:e9:2c:2a:43:
5c:eb:82:a1:31:c9:d7:4b:87:d0:ac:93:ac:38:02:b8:44:33:
e6:84:6a:6c:7a:36:b5:14:d9:6d:a2:0a:b4:c8:42:30:43:15:
0a:58:65:a9:81:bb:0d:de:f2:93:0f:7b:5c:51:a6:52:70:d3:
e9:bd:0e:82:e4:fb:e6:a2:54:3b:4f:7a:ae:f9:3d:ab:77:13:
8b:59:4b:ae:f6:3e:bd:ea:ab:8a:a5:51:f0:32:4d:f5:1b:de:
25:60:6b:b1:eb:3d:4d:50:d9:8f:ee:19:79:61:ce:50:05:0e:
15:c3:cb:0a:a2:93:5a:1d:0d:cd:5e:ea:3f:b8:7d:a7:ad:90:
6f:3a:6f:51:9f:31:15:36:bf:12:32:ed:d1:b0:d8:c3:22:54:
87:dc:0b:ef:59:96:51:06:de:7e:3b:9f:05:20:6c:cd:e5:99:
e7:bd:51:d9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMjA5MTUw
MjQxNDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUyM0QxOThDRjdCMjNE
QzI3QTA2RDE2NTM2RDE3OTU3Q0Y4NjE2ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNCA205lh6hkAti4vX0zAko5FiWx4uOrwix1s3bUm+42ycgNxL
y4wwCTmAty57CS0niAqxKRkKLocdAALMSs4PFq6iAt7WbdR6lOvMcgC891L0Z0fz
sgy+yGcVtTBo12wZFZbUm8g/E4pbi4FTdIWB0c8Tt6JY/OX21mGzaTGM8NjluVqR
3wrJmwHx5JtDIC4ehYDMx+ecl3RuSyRsdwgVQt8t+P3ih1bXIZn4twhm6lzzQ0iN
R77bZE5mgLYWj5yLJf6A8P2AsNQV6I+wFs4lEoy2CeU4jWAbZ+bfksvGYUzHT3a9
ZFCda11KfpdwK4eKH2t4tuxwVv3smAdbUWcxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU4j0ZjPeyPcJ6BtFlNtF5V8+GFogwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS80ajBaalBleVBjSjZCdEZsTnRG
NVY4LUdGb2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3ng
MA0GCSqGSIb3DQEBCwUAA4IBAQALddwC1o54x+n9IptmiT/52ma6FXbmPDsqLdTB
E3iGfQP/MqUvmedK/mVilIlHJAHWbCpmQ2bVAp6u643n09kW93KZMYyvP4N4VaNk
Z5ifkU7Iu0eIeeksKkNc64KhMcnXS4fQrJOsOAK4RDPmhGpseja1FNltogq0yEIw
QxUKWGWpgbsN3vKTD3tcUaZScNPpvQ6C5PvmolQ7T3qu+T2rdxOLWUuu9j696quK
pVHwMk31G94lYGux6z1NUNmP7hl5Yc5QBQ4Vw8sKopNaHQ3NXuo/uH2nrZBvOm9R
nzEVNr8SMu3RsNjDIlSH3AvvWZZRBt5+O58FIGzN5ZnnvVHZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org