Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/CXllr3d98TbWvfB0a1CxqO-8bA8.roa
File: CXllr3d98TbWvfB0a1CxqO-8bA8.roa (raw, json)
Hash identifier: 6UF3hIlJFHFAxYRjl93VBIedK/yMoikntAVdYSaJXt8=
Subject key identifier: 09:79:65:AF:77:7D:F1:36:D6:BD:F0:74:6B:50:B1:A8:EF:BC:6C:0F
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 09C1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/CXllr3d98TbWvfB0a1CxqO-8bA8.roa
Signing time: Wed 29 Sep 2021 02:41:59 +0000
ROA not before: Wed 29 Sep 2021 02:41:59 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18419
IP address blocks: 150.129.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2497 (0x9c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 29 02:41:59 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=097965AF777DF136D6BDF0746B50B1A8EFBC6C0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9e:3f:65:61:6d:3a:11:68:9f:50:e1:8c:19:
4b:8f:df:8d:8e:df:96:e9:1c:10:a8:65:10:ca:a3:
96:8a:5b:94:08:6a:dc:45:1b:d7:00:8b:23:c8:82:
d0:b8:44:ef:88:ed:3b:4f:90:a3:48:31:1e:9b:ae:
86:64:20:ae:60:32:15:30:2d:89:48:d5:6f:bb:62:
b7:a8:fc:70:b0:52:a8:80:5c:36:8e:3d:a0:8e:1a:
d5:e1:94:6e:08:2f:9a:c1:7f:b5:06:5c:20:85:74:
b6:26:ba:e6:fa:10:7b:76:5e:65:3a:26:4e:13:cc:
2a:fd:49:7b:ed:cb:5f:7d:f9:9e:28:b4:28:f7:51:
22:1a:13:ed:a0:58:05:9a:0b:48:36:d2:82:53:05:
be:5d:ed:3d:25:f7:eb:8f:4c:f6:00:d4:db:3d:9a:
fd:46:4a:b3:70:a8:f2:66:7a:61:00:89:e8:45:cf:
34:f4:cb:79:70:e3:b3:36:7a:cc:8c:3f:f5:ea:b8:
2d:97:a7:d6:29:da:ad:ad:99:58:92:cd:05:9a:2f:
85:e4:1a:9c:1e:51:61:70:83:a9:6c:da:93:78:1b:
74:06:ba:5d:65:d5:cb:c5:af:7b:b9:15:0c:ce:98:
23:a0:bb:69:7a:2c:5f:ed:f3:1d:60:ce:42:80:9a:
ed:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:79:65:AF:77:7D:F1:36:D6:BD:F0:74:6B:50:B1:A8:EF:BC:6C:0F
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/CXllr3d98TbWvfB0a1CxqO-8bA8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.129.72.0/22
Signature Algorithm: sha256WithRSAEncryption
37:fe:66:fd:17:a8:18:c7:36:38:8e:56:f5:13:92:9f:6a:48:
ef:58:d5:81:93:65:35:d1:5b:94:6e:fb:4f:40:6c:0c:c0:67:
38:e3:4f:ab:64:3e:0f:45:c8:be:48:53:63:07:74:92:3b:c1:
d7:0e:3a:73:33:b5:5f:27:a4:3f:ae:d0:22:2f:42:09:28:e3:
d6:32:83:53:de:0e:8f:43:05:69:be:c7:18:82:d9:90:13:61:
93:43:b8:ea:ae:4c:f8:5a:04:b3:1e:3c:85:f5:06:c0:e4:84:
2e:e3:5d:58:bc:06:94:b0:0f:11:31:e7:7f:8a:b1:e7:35:a4:
1a:0b:69:7c:d7:da:e5:cd:23:27:d7:ca:b6:e8:48:23:ec:95:
4a:9b:64:c4:c1:6e:19:fd:3c:89:df:9e:57:e7:5e:79:f8:0b:
ef:1c:ff:cb:60:c8:88:e7:cb:3b:28:35:cf:ea:ef:a3:2c:b8:
43:29:f1:20:1b:a8:86:ab:81:9c:19:e3:c8:7b:32:6c:7e:df:
a8:8d:cf:6b:9a:ba:d0:3a:98:b5:c5:0c:54:ad:cc:05:6e:83:
98:74:25:25:f7:25:f6:ce:dc:d5:db:9a:82:20:48:df:23:7b:
c7:4e:e1:43:b7:b3:72:35:1e:b8:3f:c0:d6:d6:31:19:20:74:
e0:2e:cc:1a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMTA5Mjkw
MjQxNTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA5Nzk2NUFGNzc3REYx
MzZENkJERjA3NDZCNTBCMUE4RUZCQzZDMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1nj9lYW06EWifUOGMGUuP342O35bpHBCoZRDKo5aKW5QIatxF
G9cAiyPIgtC4RO+I7TtPkKNIMR6broZkIK5gMhUwLYlI1W+7Yreo/HCwUqiAXDaO
PaCOGtXhlG4IL5rBf7UGXCCFdLYmuub6EHt2XmU6Jk4TzCr9SXvty199+Z4otCj3
USIaE+2gWAWaC0g20oJTBb5d7T0l9+uPTPYA1Ns9mv1GSrNwqPJmemEAiehFzzT0
y3lw47M2esyMP/XquC2Xp9Yp2q2tmViSzQWaL4XkGpweUWFwg6ls2pN4G3QGul1l
1cvFr3u5FQzOmCOgu2l6LF/t8x1gzkKAmu3TAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCXllr3d98TbWvfB0a1CxqO+8bA8wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9DWGxscjNkOThUYld2ZkIwYTFD
eHFPLThiQTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI
MA0GCSqGSIb3DQEBCwUAA4IBAQA3/mb9F6gYxzY4jlb1E5KfakjvWNWBk2U10VuU
bvtPQGwMwGc440+rZD4PRci+SFNjB3SSO8HXDjpzM7VfJ6Q/rtAiL0IJKOPWMoNT
3g6PQwVpvscYgtmQE2GTQ7jqrkz4WgSzHjyF9QbA5IQu411YvAaUsA8RMed/irHn
NaQaC2l819rlzSMn18q26Egj7JVKm2TEwW4Z/TyJ355X5155+AvvHP/LYMiI58s7
KDXP6u+jLLhDKfEgG6iGq4GcGePIezJsft+ojc9rmrrQOpi1xQxUrcwFboOYdCUl
9yX2ztzV25qCIEjfI3vHTuFDt7NyNR64P8DW1jEZIHTgLswa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org