Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/OH1tBBDwfH6PyAsLl_3E04cbnnQ.roa
File: OH1tBBDwfH6PyAsLl_3E04cbnnQ.roa (raw, json)
Hash identifier: vCIR60/tO8xyelVGl7LJmuQj6zTCIXdq/AJyvibcZ9Q=
Subject key identifier: 38:7D:6D:04:10:F0:7C:7E:8F:C8:0B:0B:97:FD:C4:D3:87:1B:9E:74
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0AB1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/OH1tBBDwfH6PyAsLl_3E04cbnnQ.roa
Signing time: Thu 15 Sep 2022 02:41:48 +0000
ROA not before: Thu 15 Sep 2022 02:41:48 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 150.129.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 15 02:41:48 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=387D6D0410F07C7E8FC80B0B97FDC4D3871B9E74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d7:35:42:6c:2a:4b:6e:35:47:8b:82:a1:9e:
6d:a1:bb:ba:cb:39:42:f3:c2:c6:15:19:96:47:27:
e8:ef:13:38:a3:75:6a:fe:c3:7e:94:a5:f6:69:82:
2a:0b:ef:49:aa:51:bf:9c:f7:e2:62:54:68:04:ea:
2c:5a:56:29:fd:61:77:59:a6:52:17:d7:8d:1b:49:
f5:4b:e7:59:a0:9b:d8:fa:6f:82:71:cb:71:a7:8e:
4f:ec:cb:87:9a:3f:06:3b:22:59:4f:66:e2:e9:70:
01:3c:ec:dd:3d:9d:92:a2:5a:48:cc:52:17:d8:63:
35:6f:ef:cb:1e:1c:8d:ed:b0:f3:f4:62:31:1b:07:
37:b2:30:26:c8:81:e3:ee:d8:af:8a:2d:92:6a:97:
4d:43:dd:9d:34:46:51:40:4e:ec:f9:60:eb:fc:03:
35:38:8e:19:67:9f:a1:86:43:f3:18:32:76:8c:1c:
e0:29:49:af:58:30:27:62:b6:e5:38:9d:27:88:a0:
16:56:1e:48:1a:8c:cb:24:5a:67:3c:ed:19:bf:be:
63:25:0c:87:8f:ad:a6:eb:04:33:df:72:13:bf:ba:
28:c0:4a:22:04:c4:32:bb:fd:36:fc:98:6d:32:09:
79:20:15:a3:44:84:5b:bc:81:ac:5d:46:00:23:a2:
75:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:6D:04:10:F0:7C:7E:8F:C8:0B:0B:97:FD:C4:D3:87:1B:9E:74
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/OH1tBBDwfH6PyAsLl_3E04cbnnQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.129.72.0/22
Signature Algorithm: sha256WithRSAEncryption
46:32:e7:49:b3:1d:d7:df:b9:fd:9a:6a:64:13:c4:ef:88:88:
71:86:5c:db:7a:d3:2d:b9:3d:3e:96:a3:ee:c5:d3:5d:12:62:
d1:f0:0b:ff:c5:c3:de:07:ba:2a:8a:05:50:2d:e0:50:c3:75:
cc:1b:25:43:62:e8:da:aa:ec:07:ef:76:9d:0b:64:cc:03:da:
9b:3b:26:f3:17:0a:37:3d:b0:a2:64:36:00:d4:14:b9:d5:dc:
84:5a:04:02:9d:a7:7a:cd:1c:d1:1e:00:05:49:f0:cb:75:7b:
5e:57:c7:fb:2e:a7:7c:8e:c5:d1:6d:47:c0:74:75:14:37:5f:
b6:51:b7:86:f1:4b:fb:d8:0f:7e:12:c8:2e:06:7a:45:5e:f1:
34:66:dc:f8:32:e5:c6:40:77:2b:49:12:06:23:eb:4e:d1:91:
32:6e:46:d0:64:5e:9d:66:c6:b3:c9:e9:d1:e4:fb:63:ae:29:
a4:bd:e5:26:33:11:04:e3:68:41:36:79:07:dd:06:94:ec:a6:
25:df:e0:a4:a9:75:f5:b9:cd:dc:a1:c0:40:27:6d:7c:e3:a1:
f7:06:92:f2:e9:4a:0e:d6:23:59:55:1f:6a:7d:63:cb:60:96:
d4:f7:92:8e:b0:fa:b8:8f:1c:39:71:bf:38:8b:f9:d4:e2:8f:
87:9d:74:ca
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMjA5MTUw
MjQxNDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4N0Q2RDA0MTBGMDdD
N0U4RkM4MEIwQjk3RkRDNEQzODcxQjlFNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC31zVCbCpLbjVHi4Khnm2hu7rLOULzwsYVGZZHJ+jvEzijdWr+
w36UpfZpgioL70mqUb+c9+JiVGgE6ixaVin9YXdZplIX140bSfVL51mgm9j6b4Jx
y3Gnjk/sy4eaPwY7IllPZuLpcAE87N09nZKiWkjMUhfYYzVv78seHI3tsPP0YjEb
BzeyMCbIgePu2K+KLZJql01D3Z00RlFATuz5YOv8AzU4jhlnn6GGQ/MYMnaMHOAp
Sa9YMCdituU4nSeIoBZWHkgajMskWmc87Rm/vmMlDIePrabrBDPfchO/uijASiIE
xDK7/Tb8mG0yCXkgFaNEhFu8gaxdRgAjonWRAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOH1tBBDwfH6PyAsLl/3E04cbnnQwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9PSDF0QkJEd2ZINlB5QXNMbF8z
RTA0Y2JublEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI
MA0GCSqGSIb3DQEBCwUAA4IBAQBGMudJsx3X37n9mmpkE8TviIhxhlzbetMtuT0+
lqPuxdNdEmLR8Av/xcPeB7oqigVQLeBQw3XMGyVDYujaquwH73adC2TMA9qbOybz
Fwo3PbCiZDYA1BS51dyEWgQCnad6zRzRHgAFSfDLdXteV8f7Lqd8jsXRbUfAdHUU
N1+2UbeG8Uv72A9+EsguBnpFXvE0Ztz4MuXGQHcrSRIGI+tO0ZEybkbQZF6dZsaz
yenR5PtjrimkveUmMxEE42hBNnkH3QaU7KYl3+CkqXX1uc3cocBAJ21846H3BpLy
6UoO1iNZVR9qfWPLYJbU95KOsPq4jxw5cb84i/nU4o+HnXTK
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org