Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/_DS-h5MdnXbcu_n4GtvqRg4rtXg.roa
File: _DS-h5MdnXbcu_n4GtvqRg4rtXg.roa (raw, json)
Hash identifier: dLDiVEK3huW4w7WfVvuaO+s3Do+7/4TSCLoN49KjttQ=
Subject key identifier: FC:34:BE:87:93:1D:9D:76:DC:BB:F9:F8:1A:DB:EA:46:0E:2B:B5:78
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 08F8
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/_DS-h5MdnXbcu_n4GtvqRg4rtXg.roa
Signing time: Sun 07 Feb 2021 11:49:15 +0000
ROA not before: Sun 07 Feb 2021 11:49:15 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18419
IP address blocks: 124.109.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2296 (0x8f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 7 11:49:15 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=FC34BE87931D9D76DCBBF9F81ADBEA460E2BB578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4f:bf:4e:c1:d2:39:fe:2b:a1:e0:9f:54:8f:
a2:5e:f4:71:ee:88:1c:c3:f5:ae:85:4a:8c:e1:b7:
bc:4c:db:66:f4:98:08:e2:46:c0:55:c5:81:58:25:
79:f1:43:f9:bb:f3:97:2e:6c:c0:91:2e:b5:c3:0a:
f4:d4:37:ca:f8:19:c7:aa:c7:a3:ae:4f:6c:1c:7c:
26:ad:ca:f8:5d:cd:1d:30:03:26:01:b0:b7:80:38:
68:1d:89:24:41:94:44:d3:e1:c6:1d:28:09:0a:38:
7f:bf:73:79:7f:ee:b8:88:e6:df:b6:80:a5:77:b3:
83:55:59:9c:42:ba:1f:f3:1f:94:c6:51:41:81:b6:
0e:64:29:fa:7e:0d:ef:9b:7e:f0:50:7c:7b:55:39:
9e:82:1e:f3:22:9e:73:41:ac:37:3c:a9:2f:6a:45:
80:be:14:98:e7:dd:f2:92:dc:48:a3:7a:dd:41:77:
f5:89:b3:79:89:d0:6b:a0:8e:2b:66:5e:9d:0e:3e:
18:ae:52:44:a4:72:46:02:c0:bf:0c:ad:71:08:e6:
20:78:6e:9b:e7:2a:84:5f:55:11:69:b6:02:39:c9:
fc:8b:49:46:d7:cc:9d:c1:59:17:3d:b1:65:0d:99:
24:d1:2b:96:72:74:bb:0d:18:bb:4b:77:e4:c4:5f:
a2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:34:BE:87:93:1D:9D:76:DC:BB:F9:F8:1A:DB:EA:46:0E:2B:B5:78
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/_DS-h5MdnXbcu_n4GtvqRg4rtXg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.109.112.0/20
Signature Algorithm: sha256WithRSAEncryption
44:3e:05:73:7b:1d:f9:eb:65:5a:2d:a3:bc:58:9f:0a:bd:46:
cb:c6:ae:0d:1e:ff:2d:3d:55:c4:de:f9:e1:10:da:ad:3a:ad:
ca:b1:85:dc:82:ae:ad:84:fc:77:8b:1f:55:5c:44:4f:bd:e9:
e4:de:a3:ca:16:fe:94:d6:0d:a1:28:f3:b5:49:0e:65:77:c4:
83:cd:a8:a1:4a:86:9d:eb:86:e7:56:7e:be:2b:4c:e2:9e:f4:
be:c8:47:fe:c3:6d:8a:18:25:87:2a:34:3f:6a:d4:b2:d6:a9:
e1:70:04:25:b6:c4:7b:33:f1:bf:7b:13:2e:3d:b4:03:1d:4f:
d1:0b:44:59:9f:e2:9c:78:a5:47:dc:09:7e:ce:c7:a6:49:ed:
31:fc:fa:a0:b5:b1:7e:a3:c2:e5:c3:c5:cc:db:57:02:6d:c3:
73:70:10:6b:61:dc:cd:c3:de:e1:45:3b:95:61:fb:04:9d:ce:
78:02:4e:ff:e9:46:4b:64:bf:c1:c9:cb:5b:7f:61:f7:77:25:
5c:77:2c:ba:56:e3:e2:d0:34:1b:b7:77:7b:de:ee:61:02:68:
cd:87:21:59:2b:ce:40:7d:d9:2b:02:5c:ce:d3:f0:79:6f:2d:
56:67:03:3b:95:95:31:cf:e6:f1:38:e2:83:dc:11:a6:3d:65:
45:ab:f0:7b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMTAyMDcx
MTQ5MTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEZDMzRCRTg3OTMxRDlE
NzZEQ0JCRjlGODFBREJFQTQ2MEUyQkI1NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlT79OwdI5/iuh4J9Uj6Je9HHuiBzD9a6FSozht7xM22b0mAji
RsBVxYFYJXnxQ/m785cubMCRLrXDCvTUN8r4Gceqx6OuT2wcfCatyvhdzR0wAyYB
sLeAOGgdiSRBlETT4cYdKAkKOH+/c3l/7riI5t+2gKV3s4NVWZxCuh/zH5TGUUGB
tg5kKfp+De+bfvBQfHtVOZ6CHvMinnNBrDc8qS9qRYC+FJjn3fKS3Eijet1Bd/WJ
s3mJ0GugjitmXp0OPhiuUkSkckYCwL8MrXEI5iB4bpvnKoRfVRFptgI5yfyLSUbX
zJ3BWRc9sWUNmSTRK5ZydLsNGLtLd+TEX6JtAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU/DS+h5MdnXbcu/n4GtvqRg4rtXgwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9fRFMtaDVNZG5YYmN1X240R3R2
cVJnNHJ0WGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfG1w
MA0GCSqGSIb3DQEBCwUAA4IBAQBEPgVzex3562VaLaO8WJ8KvUbLxq4NHv8tPVXE
3vnhENqtOq3KsYXcgq6thPx3ix9VXERPvenk3qPKFv6U1g2hKPO1SQ5ld8SDzaih
Soad64bnVn6+K0zinvS+yEf+w22KGCWHKjQ/atSy1qnhcAQltsR7M/G/exMuPbQD
HU/RC0RZn+KceKVH3Al+zsemSe0x/PqgtbF+o8Llw8XM21cCbcNzcBBrYdzNw97h
RTuVYfsEnc54Ak7/6UZLZL/Byctbf2H3dyVcdyy6VuPi0DQbt3d73u5hAmjNhyFZ
K85AfdkrAlzO0/B5by1WZwM7lZUxz+bxOOKD3BGmPWVFq/B7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org