Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/NT_fpZANNSkmpYSjl5r3NoQZaH8.roa
File: NT_fpZANNSkmpYSjl5r3NoQZaH8.roa (raw, json)
Hash identifier: CUBhcLKgPOvK2edrUQikZKJJA+Op6jdT+S1kSTwgGWU=
Subject key identifier: 35:3F:DF:A5:90:0D:35:29:26:A5:84:A3:97:9A:F7:36:84:19:68:7F
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0904
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/NT_fpZANNSkmpYSjl5r3NoQZaH8.roa
Signing time: Sun 07 Feb 2021 11:49:23 +0000
ROA not before: Sun 07 Feb 2021 11:49:23 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18419
IP address blocks: 203.121.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2308 (0x904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 7 11:49:23 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=353FDFA5900D352926A584A3979AF7368419687F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:64:7d:5b:31:e0:bf:29:d2:12:90:52:e9:ae:
d6:1a:a1:5c:31:a7:4f:84:e2:96:f6:5f:e3:09:5c:
8b:2a:af:cf:0e:a1:51:3a:35:fe:63:f0:b2:4e:3d:
d8:c3:1c:a5:bd:5c:8a:f0:9b:ba:a9:2f:cf:49:ce:
71:cb:90:fa:bb:89:52:3a:26:f8:a5:92:b7:27:12:
db:b2:c3:80:23:40:f0:35:2c:89:d9:c5:78:6a:db:
3f:48:32:b9:65:dd:ac:3f:9b:ea:43:7d:80:70:9d:
a2:7c:7e:28:49:2a:74:0a:ea:73:6f:21:18:27:88:
66:59:aa:64:f5:70:6f:8f:6b:e7:05:0a:21:da:2f:
e6:8d:a1:99:ed:0f:56:aa:85:ba:2a:8a:a5:74:bc:
52:8e:7c:06:d8:c6:62:6a:12:b4:40:ce:a6:58:bc:
5e:5e:b4:62:30:6b:07:0a:c6:b5:ec:f7:60:1d:a3:
33:d5:5b:ce:ba:0a:2b:1f:c3:5d:40:fa:3b:3a:94:
66:fa:87:71:51:88:33:f4:cb:75:58:61:8a:ca:1e:
a1:cb:9f:73:5b:0b:d1:ad:ed:eb:af:22:2f:92:ba:
da:30:eb:5a:64:76:80:52:84:2a:97:dc:e2:96:6a:
da:2c:f0:ce:d2:99:4e:f6:b9:8c:c1:ab:b8:89:04:
68:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3F:DF:A5:90:0D:35:29:26:A5:84:A3:97:9A:F7:36:84:19:68:7F
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/NT_fpZANNSkmpYSjl5r3NoQZaH8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.224.0/20
Signature Algorithm: sha256WithRSAEncryption
06:ca:fb:65:b3:39:7b:1c:7b:4c:21:a8:5b:30:22:35:a4:e8:
c3:85:3f:49:ae:f6:6b:4b:ac:a1:c4:1d:84:16:a3:e0:9c:21:
24:04:3b:58:1a:3a:e0:e6:ce:6c:75:b7:61:ac:d9:a6:dc:32:
23:73:62:ec:34:b4:3c:21:bb:ed:15:6f:f1:9f:a7:cb:d2:28:
b4:66:58:4e:41:30:11:96:f1:12:24:77:08:2c:ae:85:ab:51:
08:16:a0:df:83:9b:03:e2:8f:a8:30:2c:92:0c:42:7c:df:18:
f7:b5:80:74:00:ee:b2:dc:1a:1c:d9:5f:3d:b6:4b:94:d8:38:
42:e2:54:19:5b:4b:98:07:39:d4:a8:ab:15:05:d7:14:6b:e7:
f6:ba:ad:e0:26:f3:dc:67:c7:60:cb:5f:a4:01:49:b6:ba:fa:
2a:09:63:c1:76:dd:0e:a0:a3:93:87:4b:7b:a9:14:36:61:8e:
dc:62:a3:a6:f3:bd:a4:15:1c:30:0a:8d:ff:00:b5:65:ba:b0:
c0:e5:4d:63:b0:96:bb:75:59:9d:6a:a5:3f:73:ea:19:99:69:
58:f6:53:c1:2a:fd:a6:41:89:25:23:b8:65:9f:35:67:3e:0c:
2f:b8:97:04:78:a2:f7:3f:69:7e:79:74:2e:9a:01:03:c7:6d:
2a:70:9d:0c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMTAyMDcx
MTQ5MjNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM1M0ZERkE1OTAwRDM1
MjkyNkE1ODRBMzk3OUFGNzM2ODQxOTY4N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeZH1bMeC/KdISkFLprtYaoVwxp0+E4pb2X+MJXIsqr88OoVE6
Nf5j8LJOPdjDHKW9XIrwm7qpL89JznHLkPq7iVI6JvilkrcnEtuyw4AjQPA1LInZ
xXhq2z9IMrll3aw/m+pDfYBwnaJ8fihJKnQK6nNvIRgniGZZqmT1cG+Pa+cFCiHa
L+aNoZntD1aqhboqiqV0vFKOfAbYxmJqErRAzqZYvF5etGIwawcKxrXs92AdozPV
W866Cisfw11A+js6lGb6h3FRiDP0y3VYYYrKHqHLn3NbC9Gt7euvIi+Sutow61pk
doBShCqX3OKWatos8M7SmU72uYzBq7iJBGgJAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNT/fpZANNSkmpYSjl5r3NoQZaH8wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9OVF9mcFpBTk5Ta21wWVNqbDVy
M05vUVphSDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3ng
MA0GCSqGSIb3DQEBCwUAA4IBAQAGyvtlszl7HHtMIahbMCI1pOjDhT9JrvZrS6yh
xB2EFqPgnCEkBDtYGjrg5s5sdbdhrNmm3DIjc2LsNLQ8IbvtFW/xn6fL0ii0ZlhO
QTARlvESJHcILK6Fq1EIFqDfg5sD4o+oMCySDEJ83xj3tYB0AO6y3Boc2V89tkuU
2DhC4lQZW0uYBznUqKsVBdcUa+f2uq3gJvPcZ8dgy1+kAUm2uvoqCWPBdt0OoKOT
h0t7qRQ2YY7cYqOm872kFRwwCo3/ALVlurDA5U1jsJa7dVmdaqU/c+oZmWlY9lPB
Kv2mQYklI7hlnzVnPgwvuJcEeKL3P2l+eXQumgEDx20qcJ0M
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:06:09 2025 by rpki-client