Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/NxdaGfdpZ1XEjn0DkWeSp0z0LTY.roa
File: NxdaGfdpZ1XEjn0DkWeSp0z0LTY.roa (raw, json)
Hash identifier: hlQH8rRLr5LsaIJ36s8Ua3igyz8dWYr54Q7W76Um/Vw=
Subject key identifier: 37:17:5A:19:F7:69:67:55:C4:8E:7D:03:91:67:92:A7:4C:F4:2D:36
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0AB1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/NxdaGfdpZ1XEjn0DkWeSp0z0LTY.roa
Signing time: Thu 15 Sep 2022 02:41:45 +0000
ROA not before: Thu 15 Sep 2022 02:41:45 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 203.121.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 15 02:41:45 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=37175A19F7696755C48E7D03916792A74CF42D36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:24:fd:be:9c:65:69:54:16:92:cd:ef:d4:b2:
76:64:ee:c1:52:65:8a:3a:7a:ea:71:4b:c0:be:39:
c5:54:01:b8:89:6c:f5:ac:4e:53:1b:58:07:77:98:
01:04:0c:45:c9:38:1a:fc:7b:4f:84:f9:fd:1a:58:
22:e1:02:24:96:96:cc:4b:cc:79:a4:d2:e9:b8:fd:
c3:b2:c7:d8:d5:57:c2:ae:4a:6d:47:49:82:e3:19:
eb:9d:27:5a:df:8f:8b:c3:54:c0:f1:2f:5e:5b:46:
d1:cf:b2:b4:84:18:b2:5c:cf:58:3d:6b:66:13:ce:
0f:c2:e9:e1:d4:e3:f0:d3:c3:34:a1:d6:25:6e:11:
84:66:2d:87:5a:db:88:5c:f8:81:4c:bc:15:0a:c2:
bd:88:95:a6:c9:aa:4a:7f:be:40:a1:97:14:88:e7:
a4:6c:92:b0:de:1e:ad:4a:c4:72:63:20:56:60:7e:
24:ed:47:96:1c:e4:a2:b4:8e:95:ea:03:08:13:0d:
ca:59:11:3a:e4:d2:75:73:84:06:b0:88:c3:c8:d3:
be:f9:e7:e1:12:90:19:bb:5b:a2:df:22:a0:bd:ba:
e3:58:f9:ad:5b:4c:30:cb:de:ec:7b:c9:0e:35:86:
6e:c7:c5:65:93:ab:86:cb:ba:36:26:c3:72:ff:f6:
b6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:17:5A:19:F7:69:67:55:C4:8E:7D:03:91:67:92:A7:4C:F4:2D:36
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/NxdaGfdpZ1XEjn0DkWeSp0z0LTY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.240.0/20
Signature Algorithm: sha256WithRSAEncryption
11:1b:d9:8d:6f:8c:8d:b4:b5:27:7a:3e:58:aa:bb:a6:18:5a:
b7:53:2f:a2:14:52:ae:cf:63:be:b2:e1:dd:3b:ff:25:73:78:
7b:b1:c2:a4:96:73:7c:43:9b:9e:04:da:a4:f7:95:fd:e8:90:
12:73:07:2e:6e:de:23:88:0d:88:46:68:a2:d9:a7:99:ff:b2:
71:43:a8:b8:a1:60:05:f7:19:23:4b:83:28:b5:cd:59:c6:c2:
83:0c:04:12:68:3d:aa:32:e4:34:1a:03:09:e7:43:d4:70:cd:
c8:0f:53:44:60:e8:cd:d0:11:48:60:8d:a1:87:70:5b:e8:1f:
7d:f6:16:d9:4e:4d:fe:81:55:b1:67:f0:fe:8c:a6:d9:87:57:
a7:76:0f:90:71:f3:62:ba:ba:0a:b6:72:c2:2f:59:db:d4:0c:
42:c7:71:27:d7:95:49:a5:41:f3:00:36:39:b4:f8:47:3f:ab:
30:ab:f5:7a:ee:d9:a8:e4:c6:85:77:89:6a:38:75:f8:dd:5b:
89:b4:03:b2:7a:ea:99:ce:14:e5:f9:52:e2:9f:20:de:fb:16:
33:c5:2b:64:23:bf:6b:73:55:8f:30:27:94:ac:38:db:86:3a:
c0:cc:f3:20:83:62:73:d0:ba:b7:6d:c2:6a:b4:b3:fb:3a:7a:
8c:2c:a0:84
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMjA5MTUw
MjQxNDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM3MTc1QTE5Rjc2OTY3
NTVDNDhFN0QwMzkxNjc5MkE3NENGNDJEMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtJP2+nGVpVBaSze/UsnZk7sFSZYo6eupxS8C+OcVUAbiJbPWs
TlMbWAd3mAEEDEXJOBr8e0+E+f0aWCLhAiSWlsxLzHmk0um4/cOyx9jVV8KuSm1H
SYLjGeudJ1rfj4vDVMDxL15bRtHPsrSEGLJcz1g9a2YTzg/C6eHU4/DTwzSh1iVu
EYRmLYda24hc+IFMvBUKwr2IlabJqkp/vkChlxSI56RskrDeHq1KxHJjIFZgfiTt
R5Yc5KK0jpXqAwgTDcpZETrk0nVzhAawiMPI07755+ESkBm7W6LfIqC9uuNY+a1b
TDDL3ux7yQ41hm7HxWWTq4bLujYmw3L/9rYPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNxdaGfdpZ1XEjn0DkWeSp0z0LTYwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9OeGRhR2ZkcFoxWEVqbjBEa1dl
U3AwejBMVFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3nw
MA0GCSqGSIb3DQEBCwUAA4IBAQARG9mNb4yNtLUnej5YqrumGFq3Uy+iFFKuz2O+
suHdO/8lc3h7scKklnN8Q5ueBNqk95X96JAScwcubt4jiA2IRmii2aeZ/7JxQ6i4
oWAF9xkjS4Motc1ZxsKDDAQSaD2qMuQ0GgMJ50PUcM3ID1NEYOjN0BFIYI2hh3Bb
6B999hbZTk3+gVWxZ/D+jKbZh1endg+QcfNiuroKtnLCL1nb1AxCx3En15VJpUHz
ADY5tPhHP6swq/V67tmo5MaFd4lqOHX43VuJtAOyeuqZzhTl+VLinyDe+xYzxStk
I79rc1WPMCeUrDjbhjrAzPMgg2Jz0Lq3bcJqtLP7OnqMLKCE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org