Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/HJLao0Ft3inBDQCAe-x4z4QRlbs.roa
File: HJLao0Ft3inBDQCAe-x4z4QRlbs.roa (raw, json)
Hash identifier: BEVv5ICtcenMwtoJPR+RF4G42Q+R7L9IEQoxrO4fLTI=
Subject key identifier: 1C:92:DA:A3:41:6D:DE:29:C1:0D:00:80:7B:EC:78:CF:84:11:95:BB
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0CA6
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/HJLao0Ft3inBDQCAe-x4z4QRlbs.roa
Signing time: Tue 24 Sep 2024 11:01:35 +0000
ROA not before: Tue 24 Sep 2024 11:01:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 39.1.64.0/20 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3238 (0xca6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Sep 24 11:01:35 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1C92DAA3416DDE29C10D00807BEC78CF841195BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c1:87:b3:a2:ab:02:d1:83:8e:cd:39:2e:ea:
49:a1:1f:12:47:76:d9:a6:74:b6:d4:36:c8:38:4d:
52:74:35:1c:f8:7a:78:6e:b2:40:0b:65:3b:f0:76:
fb:13:14:13:4e:3f:57:0c:99:ce:41:34:69:66:49:
3d:1b:10:22:bf:41:fc:ce:a4:0b:54:81:04:64:64:
77:51:dd:ad:b8:ef:95:56:ff:4f:d0:0a:c1:58:95:
29:1e:e7:20:6e:49:57:e3:b0:6f:b4:14:ad:99:62:
ee:d0:61:5b:fd:78:87:35:b2:6b:b0:fb:3b:b9:e1:
67:42:f8:51:3b:8d:43:e3:c9:50:c3:74:55:93:fc:
83:2b:46:cc:cf:69:3f:dc:2a:47:a8:1a:b9:3c:b4:
72:3c:86:ab:56:13:3a:49:98:72:dd:46:b2:9e:60:
9e:d7:57:dd:c8:54:a5:88:2f:8b:d8:37:9b:35:16:
c8:c6:e4:d8:af:14:7b:23:d4:fa:0b:01:8b:82:7d:
37:fa:79:49:06:55:d0:fe:12:8f:f8:98:f9:ca:e1:
16:75:8e:71:59:5a:aa:77:f1:de:ad:ea:99:43:ea:
bd:a2:46:65:4b:3d:68:c6:c2:75:65:6e:8d:f6:66:
2d:7b:ea:36:cc:6e:86:c2:18:8a:86:45:3a:c2:be:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:92:DA:A3:41:6D:DE:29:C1:0D:00:80:7B:EC:78:CF:84:11:95:BB
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/HJLao0Ft3inBDQCAe-x4z4QRlbs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.1.64.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:a8:96:47:aa:7b:30:13:2b:41:c1:a2:97:bc:fe:15:7d:7f:
a4:f6:f2:7a:c5:22:6f:ba:85:17:82:39:bf:cc:dc:47:26:22:
06:53:47:9b:5b:ca:f0:57:1c:a2:db:ac:c9:9b:7a:45:3e:2e:
96:0f:a0:64:f1:ea:9e:d1:c6:ad:42:48:00:be:63:52:52:e5:
8e:fe:48:ee:19:1c:9f:5b:53:8e:61:9e:2c:aa:70:fe:9b:ee:
72:c5:73:e1:0e:32:df:7a:ec:2e:a9:fe:87:1d:4f:32:48:8b:
b8:cb:0b:b9:0e:a4:f3:d0:fc:45:c9:bb:4e:b2:7c:e1:2b:1c:
be:09:fb:01:f6:d0:e0:c1:b1:82:a8:6e:ac:8d:10:b8:dc:05:
08:4e:c8:4e:11:54:65:f1:0a:b2:aa:54:a6:ca:d6:03:5b:68:
d1:71:b3:6f:0d:40:0a:f3:97:c7:71:34:04:1f:0b:2f:04:93:
50:a8:6a:4b:85:6e:b8:1f:01:a2:ac:de:a5:48:e1:2f:d7:e9:
ba:d1:0e:30:95:35:28:7f:dd:9b:d2:fe:a0:af:71:1c:fa:bc:
63:41:a2:51:f6:4d:46:a3:ea:3e:97:96:29:ee:83:3f:88:b9:
14:8e:41:a4:b9:16:a8:6f:17:cc:5d:7a:50:44:9f:a3:58:f1:
49:ec:be:b6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNDA5MjQx
MTAxMzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFDOTJEQUEzNDE2RERF
MjlDMTBEMDA4MDdCRUM3OENGODQxMTk1QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqwYezoqsC0YOOzTku6kmhHxJHdtmmdLbUNsg4TVJ0NRz4enhu
skALZTvwdvsTFBNOP1cMmc5BNGlmST0bECK/QfzOpAtUgQRkZHdR3a2475VW/0/Q
CsFYlSke5yBuSVfjsG+0FK2ZYu7QYVv9eIc1smuw+zu54WdC+FE7jUPjyVDDdFWT
/IMrRszPaT/cKkeoGrk8tHI8hqtWEzpJmHLdRrKeYJ7XV93IVKWIL4vYN5s1FsjG
5NivFHsj1PoLAYuCfTf6eUkGVdD+Eo/4mPnK4RZ1jnFZWqp38d6t6plD6r2iRmVL
PWjGwnVlbo32Zi176jbMbobCGIqGRTrCvv2RAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHJLao0Ft3inBDQCAe+x4z4QRlbswHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9ISkxhbzBGdDNpbkJEUUNBZS14
NHo0UVJsYnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJwFA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcqJZHqnswEytBwaKXvP4VfX+k9vJ6xSJvuoUX
gjm/zNxHJiIGU0ebW8rwVxyi26zJm3pFPi6WD6Bk8eqe0catQkgAvmNSUuWO/kju
GRyfW1OOYZ4sqnD+m+5yxXPhDjLfeuwuqf6HHU8ySIu4ywu5DqTz0PxFybtOsnzh
Kxy+CfsB9tDgwbGCqG6sjRC43AUITshOEVRl8QqyqlSmytYDW2jRcbNvDUAK85fH
cTQEHwsvBJNQqGpLhW64HwGirN6lSOEv1+m60Q4wlTUof92b0v6gr3Ec+rxjQaJR
9k1Go+o+l5Yp7oM/iLkUjkGkuRaobxfMXXpQRJ+jWPFJ7L62
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:46 2025 by rpki-client