Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/9D4mBvxbBT8Ot4Xv6CXTx4vEsko.roa
File: 9D4mBvxbBT8Ot4Xv6CXTx4vEsko.roa (raw, json)
Hash identifier: jT5B/Ympq+o6JpG+YuvF9fYjNDG3GK4e7DmArSATXQ4=
Subject key identifier: F4:3E:26:06:FC:5B:05:3F:0E:B7:85:EF:E8:25:D3:C7:8B:C4:B2:4A
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0BC1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/9D4mBvxbBT8Ot4Xv6CXTx4vEsko.roa
Signing time: Fri 01 Sep 2023 09:45:04 +0000
ROA not before: Fri 01 Sep 2023 09:45:04 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18419
IP address blocks: 61.60.192.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3009 (0xbc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 1 09:45:04 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F43E2606FC5B053F0EB785EFE825D3C78BC4B24A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:49:3a:ed:6d:0a:2e:1e:dc:f1:b9:47:9c:57:
dc:5c:65:1a:dd:a0:56:1a:81:99:19:bf:dd:bc:3e:
51:c1:bc:7f:c8:13:2e:13:4d:86:6c:27:4d:f3:18:
ed:ba:6b:a8:8f:bb:2a:91:e9:b6:b4:ac:99:e3:de:
f1:85:23:f4:33:eb:18:32:4a:3a:3f:9f:1c:63:c9:
6b:02:44:e5:e2:65:05:fc:40:7c:43:88:53:93:ee:
3d:25:ca:43:82:d0:28:9d:5f:ca:b6:61:ac:a6:f8:
fd:6b:f4:b5:98:83:d3:41:19:21:9c:f2:15:2e:33:
b5:25:05:70:87:e3:7c:f1:b7:13:38:fc:f2:d1:34:
eb:73:f3:52:08:36:4f:0f:6c:3b:c3:21:ab:60:d9:
2c:bb:5d:32:6a:c1:ff:d4:50:bf:4e:76:a1:af:05:
1d:d9:fd:8e:82:6f:76:e7:7b:40:91:d9:09:dc:7d:
7d:f9:c4:fb:cc:89:47:35:f1:cf:3b:3c:72:67:40:
7e:a0:0f:0e:a1:ee:64:06:38:cc:b4:7f:64:1e:08:
9d:93:24:ad:61:9b:c5:79:6b:95:24:0b:c1:a1:88:
62:10:0b:1d:52:1c:c0:4a:4d:39:a1:24:97:dd:9d:
db:81:08:8f:29:a4:e1:21:db:fb:7e:5b:0d:53:b6:
70:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3E:26:06:FC:5B:05:3F:0E:B7:85:EF:E8:25:D3:C7:8B:C4:B2:4A
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/9D4mBvxbBT8Ot4Xv6CXTx4vEsko.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.60.192.0/20
Signature Algorithm: sha256WithRSAEncryption
53:94:cc:3e:1c:bd:be:0d:02:5f:6b:7b:36:96:59:87:d1:96:
fe:ab:58:85:21:78:fa:3f:8e:a6:86:ff:09:d4:62:a2:5a:49:
ff:3d:36:5a:9a:60:2c:ea:ec:a8:aa:aa:2c:b2:48:30:8c:e4:
82:2d:43:85:a7:46:00:8b:60:6e:e5:86:19:30:e3:8c:3b:16:
38:ad:42:64:b8:de:df:14:30:33:b8:1f:07:51:84:90:3c:8b:
fd:b5:90:58:26:34:67:a2:81:64:27:2c:ee:65:b7:d2:8c:dc:
7e:47:8e:f8:e7:15:1c:74:b8:94:21:b4:a3:9a:69:02:9e:98:
9c:96:ed:7b:56:9f:47:d0:d8:8d:5f:12:4c:61:82:b5:f6:57:
da:c7:f4:55:81:1e:ac:f4:3d:9f:87:b2:d1:a7:21:c1:78:f6:
ea:3b:04:83:12:6b:f6:f6:d8:9b:73:98:64:3d:c9:d2:a9:cd:
88:32:fb:92:f5:01:58:ee:4b:9a:56:1a:8d:69:44:79:86:15:
42:79:2c:3b:38:24:77:03:60:ae:29:32:50:1d:cf:d0:72:d7:
4b:96:5d:c1:69:a1:8f:cf:5e:36:f9:6c:7b:ce:e1:e5:f4:4d:
6f:ce:06:02:0c:1a:08:7d:7b:a5:f2:53:3e:38:ea:14:19:68:
d3:15:34:92
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMzA5MDEw
OTQ1MDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEY0M0UyNjA2RkM1QjA1
M0YwRUI3ODVFRkU4MjVEM0M3OEJDNEIyNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCySTrtbQouHtzxuUecV9xcZRrdoFYagZkZv928PlHBvH/IEy4T
TYZsJ03zGO26a6iPuyqR6ba0rJnj3vGFI/Qz6xgySjo/nxxjyWsCROXiZQX8QHxD
iFOT7j0lykOC0CidX8q2Yaym+P1r9LWYg9NBGSGc8hUuM7UlBXCH43zxtxM4/PLR
NOtz81IINk8PbDvDIatg2Sy7XTJqwf/UUL9OdqGvBR3Z/Y6Cb3bne0CR2QncfX35
xPvMiUc18c87PHJnQH6gDw6h7mQGOMy0f2QeCJ2TJK1hm8V5a5UkC8GhiGIQCx1S
HMBKTTmhJJfdnduBCI8ppOEh2/t+Ww1TtnBJAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9D4mBvxbBT8Ot4Xv6CXTx4vEskowHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS85RDRtQnZ4YkJUOE90NFh2NkNY
VHg0dkVza28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTzA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTlMw+HL2+DQJfa3s2llmH0Zb+q1iFIXj6P46m
hv8J1GKiWkn/PTZammAs6uyoqqosskgwjOSCLUOFp0YAi2Bu5YYZMOOMOxY4rUJk
uN7fFDAzuB8HUYSQPIv9tZBYJjRnooFkJyzuZbfSjNx+R4745xUcdLiUIbSjmmkC
npiclu17Vp9H0NiNXxJMYYK19lfax/RVgR6s9D2fh7LRpyHBePbqOwSDEmv29tib
c5hkPcnSqc2IMvuS9QFY7kuaVhqNaUR5hhVCeSw7OCR3A2CuKTJQHc/QctdLll3B
aaGPz142+Wx7zuHl9E1vzgYCDBoIfXul8lM+OOoUGWjTFTSS
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:24 2025 by rpki-client