Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/XnQ-MkdA-9j66tcN5Tb6rs4k4CQ.roa
File: XnQ-MkdA-9j66tcN5Tb6rs4k4CQ.roa (raw, json)
Hash identifier: qzrdSdZNzc+obPNs6sXotZtO3hqm1tzlU9mF5y5adoQ=
Subject key identifier: 5E:74:3E:32:47:40:FB:D8:FA:EA:D7:0D:E5:36:FA:AE:CE:24:E0:24
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0AB1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/XnQ-MkdA-9j66tcN5Tb6rs4k4CQ.roa
Signing time: Thu 15 Sep 2022 02:41:48 +0000
ROA not before: Thu 15 Sep 2022 02:41:48 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 103.234.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 15 02:41:48 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5E743E324740FBD8FAEAD70DE536FAAECE24E024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:51:ed:15:b7:48:ec:87:2d:4d:eb:23:45:15:
32:3d:ce:6f:55:78:0a:90:3e:37:ef:6d:72:5e:df:
51:f9:9e:82:ac:56:d0:40:59:39:9e:51:69:bd:2f:
85:3a:f4:fe:fc:6f:10:7b:47:20:a3:a5:b3:98:1a:
8c:0e:8b:5c:69:db:83:ee:72:07:8d:ae:72:8d:9f:
c2:d4:af:2e:08:82:a8:ab:fe:1e:96:a8:f1:7c:73:
1b:63:3b:9c:96:19:71:3b:b5:cd:79:cc:30:64:f0:
36:b1:69:77:ed:a8:87:76:6f:27:09:a7:fb:5d:96:
71:95:42:11:76:ac:4a:ec:bc:61:ea:3e:8c:35:b5:
bd:81:c0:5e:ad:04:3b:91:6d:39:92:9c:ca:35:08:
4f:94:5e:e1:12:df:bc:b2:ec:94:fd:4d:e9:e5:e6:
7e:0a:51:a9:ba:d5:a4:fe:ba:ee:8a:c9:d0:54:ba:
42:5f:08:77:42:40:5d:f2:1c:de:86:93:ca:2d:3e:
f1:ac:ee:91:30:ef:e0:4f:86:bb:cc:a3:57:56:5e:
91:d7:d7:b3:d2:5c:d8:1b:02:2e:49:f5:c3:b8:90:
50:6c:a7:f5:80:2d:24:25:b7:fe:5d:68:0d:b6:0a:
7d:cb:bf:da:78:f2:ae:f3:71:23:f6:3d:07:1d:ff:
fb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:74:3E:32:47:40:FB:D8:FA:EA:D7:0D:E5:36:FA:AE:CE:24:E0:24
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/XnQ-MkdA-9j66tcN5Tb6rs4k4CQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.204.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:b9:0b:58:16:67:aa:09:7f:71:48:0a:90:ef:21:90:ff:a9:
44:32:6c:79:4e:76:02:a9:b9:20:aa:fd:f3:7e:fa:28:1c:9b:
94:6a:ab:e5:66:f9:9b:a5:3b:67:4f:a9:41:3e:c2:97:d7:27:
55:f0:81:59:d4:34:f9:d4:d9:c0:a2:94:86:dc:97:43:5a:e6:
bd:81:86:f3:8d:48:04:6e:03:fc:ad:bc:db:30:8a:91:a1:48:
a3:77:56:ba:13:5c:15:f8:01:a4:e7:86:d6:78:df:65:f6:88:
42:dc:92:32:bc:4c:d3:51:24:86:87:e9:6a:01:55:4f:dc:91:
ac:6a:63:a6:1d:64:80:47:2f:c6:3f:cb:b1:71:98:fb:7b:75:
cc:b3:54:36:fb:83:b8:6d:91:22:5e:f9:05:0b:71:7f:80:89:
10:8f:63:68:fb:b1:3a:21:fc:ec:d0:e8:4d:93:a9:70:29:6e:
1e:0f:6c:61:75:6b:fa:01:fc:35:58:08:11:2f:77:60:4d:16:
58:7e:1f:6e:4d:79:95:6e:9a:25:6b:bb:05:30:e7:05:26:78:
4f:56:65:e3:d7:36:1f:5f:73:5e:b5:33:a6:80:66:6d:1a:b4:
a8:bf:32:1c:53:ed:a6:9e:d5:dc:78:b3:a5:0f:30:2e:c8:60:
5c:38:cb:55
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMjA5MTUw
MjQxNDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVFNzQzRTMyNDc0MEZC
RDhGQUVBRDcwREU1MzZGQUFFQ0UyNEUwMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWUe0Vt0jshy1N6yNFFTI9zm9VeAqQPjfvbXJe31H5noKsVtBA
WTmeUWm9L4U69P78bxB7RyCjpbOYGowOi1xp24PucgeNrnKNn8LUry4Igqir/h6W
qPF8cxtjO5yWGXE7tc15zDBk8DaxaXftqId2bycJp/tdlnGVQhF2rErsvGHqPow1
tb2BwF6tBDuRbTmSnMo1CE+UXuES37yy7JT9Tenl5n4KUam61aT+uu6KydBUukJf
CHdCQF3yHN6Gk8otPvGs7pEw7+BPhrvMo1dWXpHX17PSXNgbAi5J9cO4kFBsp/WA
LSQlt/5daA22Cn3Lv9p48q7zcSP2PQcd//tvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUXnQ+MkdA+9j66tcN5Tb6rs4k4CQwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9YblEtTWtkQS05ajY2dGNONVRi
NnJzNGs0Q1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+rM
MA0GCSqGSIb3DQEBCwUAA4IBAQCfuQtYFmeqCX9xSAqQ7yGQ/6lEMmx5TnYCqbkg
qv3zfvooHJuUaqvlZvmbpTtnT6lBPsKX1ydV8IFZ1DT51NnAopSG3JdDWua9gYbz
jUgEbgP8rbzbMIqRoUijd1a6E1wV+AGk54bWeN9l9ohC3JIyvEzTUSSGh+lqAVVP
3JGsamOmHWSARy/GP8uxcZj7e3XMs1Q2+4O4bZEiXvkFC3F/gIkQj2No+7E6Ifzs
0OhNk6lwKW4eD2xhdWv6Afw1WAgRL3dgTRZYfh9uTXmVbpola7sFMOcFJnhPVmXj
1zYfX3NetTOmgGZtGrSovzIcU+2mntXceLOlDzAuyGBcOMtV
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org