Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SPETW/KR8ANgLcUtcb2FOC4I0IG9x3uVw.roa
File: KR8ANgLcUtcb2FOC4I0IG9x3uVw.roa (raw, json)
Hash identifier: F/nH1ln0vElmRCZt+wUxX3HnGCCeyKRBFiVsKux3Gpc=
Subject key identifier: 29:1F:00:36:02:DC:52:D7:1B:D8:53:82:E0:8D:08:1B:DC:77:B9:5C
Certificate issuer: /CN=6F8C92DFC78CBFE8C5EFD6BA5A37A1628221FFE2
Certificate serial: 0A1A
Authority key identifier: 6F:8C:92:DF:C7:8C:BF:E8:C5:EF:D6:BA:5A:37:A1:62:82:21:FF:E2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/b4yS38eMv-jF79a6WjehYoIh_-I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SPETW/KR8ANgLcUtcb2FOC4I0IG9x3uVw.roa
Signing time: Thu 15 Sep 2022 02:50:10 +0000
ROA not before: Thu 15 Sep 2022 02:50:10 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131634
IP address blocks: 103.117.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2586 (0xa1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6F8C92DFC78CBFE8C5EFD6BA5A37A1628221FFE2
Validity
Not Before: Sep 15 02:50:10 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=291F003602DC52D71BD85382E08D081BDC77B95C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fb:55:0d:04:8c:63:2a:e8:f2:c7:e9:20:22:
c2:5c:19:6b:30:88:a5:f0:69:42:f4:ec:db:f5:a3:
bd:97:06:18:c4:c8:be:67:e4:5e:b9:83:e5:07:f0:
61:93:6a:a1:ba:5a:0c:98:ee:aa:eb:5a:bb:e9:d3:
6b:fa:4d:d4:a5:86:b8:9b:00:e9:d8:ea:33:10:3e:
08:a1:23:59:4c:43:a8:31:56:22:e7:09:6f:f7:20:
c7:8f:79:ed:77:84:76:fb:1a:79:b1:11:33:57:a0:
4c:b7:f5:f4:c8:50:66:e7:e0:a2:d1:3c:40:43:d9:
7c:0e:cc:81:6f:08:83:60:59:70:98:0d:b3:fc:35:
e0:dc:9c:6e:e2:16:17:2c:5b:60:ec:2b:fb:3d:da:
6e:cf:0e:94:25:b8:bd:eb:c0:e2:c1:de:89:6d:52:
83:1f:8d:b0:e1:75:c0:57:4a:db:82:19:d8:3b:a8:
0d:71:09:33:17:02:66:93:86:1d:9d:a1:2f:3c:3b:
3e:62:9a:a7:d5:2b:49:83:1e:d1:f4:52:df:79:b0:
95:52:37:e4:03:35:a3:f9:9b:1d:0e:c0:0f:21:8d:
40:ee:4a:9a:a4:d5:59:5c:2d:14:4c:3b:1b:8b:39:
77:27:2e:e8:25:0f:6a:c9:33:45:37:c6:7e:ff:58:
b3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1F:00:36:02:DC:52:D7:1B:D8:53:82:E0:8D:08:1B:DC:77:B9:5C
X509v3 Authority Key Identifier:
keyid:6F:8C:92:DF:C7:8C:BF:E8:C5:EF:D6:BA:5A:37:A1:62:82:21:FF:E2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SPETW/b4yS38eMv-jF79a6WjehYoIh_-I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/b4yS38eMv-jF79a6WjehYoIh_-I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SPETW/KR8ANgLcUtcb2FOC4I0IG9x3uVw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.4.0/22
Signature Algorithm: sha256WithRSAEncryption
45:5f:cf:c4:2e:0d:1a:b3:9b:65:b4:4a:25:52:37:1e:b9:ff:
75:ea:b7:7a:3a:94:be:0e:be:fd:9d:6a:d6:d3:5f:d8:3f:f6:
69:e6:b5:a7:c1:c4:af:b0:52:cb:1b:a4:25:f2:40:e0:11:56:
c0:52:fa:ef:14:91:fb:c8:e8:3a:ba:48:71:4f:b9:a2:f3:eb:
80:ab:07:11:a4:f0:66:64:c3:37:26:80:fb:1c:be:31:de:57:
af:5b:3a:08:8f:c1:3f:20:54:38:0c:6a:71:9b:eb:1a:2a:53:
4d:87:47:c4:55:2d:1d:84:bd:ed:99:a8:8f:d9:14:a1:45:85:
2d:8a:16:78:f5:c3:7a:f7:0d:84:2f:68:58:20:b1:4d:6f:32:
e1:51:d1:33:76:85:f0:03:1d:a6:34:8a:4c:70:fb:83:65:89:
50:af:a2:0c:ac:8a:66:af:24:00:b6:8a:76:9d:d5:a8:5f:60:
98:c5:3b:02:ef:03:23:a8:55:65:df:d0:23:7d:16:c5:8a:94:
27:d0:ab:b2:a5:38:0d:b7:71:ed:cf:b1:bb:d3:8e:ea:6a:9f:
e7:d2:f2:c0:05:a5:76:2c:46:8c:4d:5c:aa:ed:9b:f8:ef:b0:
8d:5f:31:83:2d:66:64:cf:78:b5:ed:65:aa:d2:44:cf:fb:33:
29:cc:ba:02
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICChowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkY4
QzkyREZDNzhDQkZFOEM1RUZENkJBNUEzN0ExNjI4MjIxRkZFMjAeFw0yMjA5MTUw
MjUwMTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI5MUYwMDM2MDJEQzUy
RDcxQkQ4NTM4MkUwOEQwODFCREM3N0I5NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2+1UNBIxjKujyx+kgIsJcGWswiKXwaUL07Nv1o72XBhjEyL5n
5F65g+UH8GGTaqG6WgyY7qrrWrvp02v6TdSlhribAOnY6jMQPgihI1lMQ6gxViLn
CW/3IMePee13hHb7GnmxETNXoEy39fTIUGbn4KLRPEBD2XwOzIFvCINgWXCYDbP8
NeDcnG7iFhcsW2DsK/s92m7PDpQluL3rwOLB3oltUoMfjbDhdcBXStuCGdg7qA1x
CTMXAmaThh2doS88Oz5imqfVK0mDHtH0Ut95sJVSN+QDNaP5mx0OwA8hjUDuSpqk
1VlcLRRMOxuLOXcnLuglD2rJM0U3xn7/WLN7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKR8ANgLcUtcb2FOC4I0IG9x3uVwwHwYDVR0jBBgwFoAUb4yS38eMv+jF79a6
WjehYoIh/+IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1BFVFcv
YjR5UzM4ZU12LWpGNzlhNldqZWhZb0loXy1JLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9iNHlTMzhlTXYtakY3OWE2V2plaFlvSWhfLUkuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TUEVUVy9LUjhBTmdMY1V0Y2IyRk9DNEkw
SUc5eDN1Vncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ3UE
MA0GCSqGSIb3DQEBCwUAA4IBAQBFX8/ELg0as5tltEolUjceuf916rd6OpS+Dr79
nWrW01/YP/Zp5rWnwcSvsFLLG6Ql8kDgEVbAUvrvFJH7yOg6ukhxT7mi8+uAqwcR
pPBmZMM3JoD7HL4x3levWzoIj8E/IFQ4DGpxm+saKlNNh0fEVS0dhL3tmaiP2RSh
RYUtihZ49cN69w2EL2hYILFNbzLhUdEzdoXwAx2mNIpMcPuDZYlQr6IMrIpmryQA
top2ndWoX2CYxTsC7wMjqFVl39AjfRbFipQn0KuypTgNt3Htz7G7047qap/n0vLA
BaV2LEaMTVyq7Zv477CNXzGDLWZkz3i17WWq0kTP+zMpzLoC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org