Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYSNET/wOnSL2ejr8GHDr0IrAs0efafqak.roa
File: wOnSL2ejr8GHDr0IrAs0efafqak.roa (raw, json)
Hash identifier: TYgu7zrm2NQJnfjrywsssozMbPUfgVgJv8+1R+Kzyw4=
Subject key identifier: C0:E9:D2:2F:67:A3:AF:C1:87:0E:BD:08:AC:0B:34:79:F6:9F:A9:A9
Certificate issuer: /CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
Certificate serial: 097E
Authority key identifier: 96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/wOnSL2ejr8GHDr0IrAs0efafqak.roa
Signing time: Wed 29 Sep 2021 02:36:38 +0000
ROA not before: Wed 29 Sep 2021 02:36:38 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4783
IP address blocks: 202.39.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2430 (0x97e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
Validity
Not Before: Sep 29 02:36:38 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=C0E9D22F67A3AFC1870EBD08AC0B3479F69FA9A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dc:49:53:be:4c:39:98:b8:88:b0:c9:21:5b:
ec:a3:8a:dc:81:98:81:2d:e0:f3:16:7c:0a:0d:2c:
f1:48:92:b1:da:46:ea:5a:a6:15:7a:85:87:24:08:
aa:a5:6c:2f:05:5e:f3:a9:dc:0d:c8:eb:08:33:7c:
76:48:e2:00:7c:f7:e8:f2:d1:7b:f7:83:73:3f:ca:
52:e8:9f:20:41:02:57:08:6e:11:01:82:5b:cc:d0:
38:43:15:78:f3:f8:42:bf:51:a1:de:1c:e5:e7:92:
89:11:e4:97:98:8b:9f:9c:66:d3:02:31:ce:93:36:
37:68:10:9c:46:bd:b4:c5:ee:a8:d7:48:ba:59:f0:
db:32:15:b6:41:53:f4:86:90:16:e0:18:a6:8d:37:
93:5c:37:49:e7:cb:25:4b:99:8d:a5:91:b1:d3:e8:
ee:8e:8a:b4:5f:b4:f8:88:48:24:cb:2d:d9:9e:c4:
ce:d2:73:b0:78:a0:80:f8:eb:5e:d2:bb:06:c1:81:
a2:c7:47:3b:cc:eb:ab:d7:67:04:72:52:cd:a1:9a:
77:3a:58:c8:9c:fe:a5:52:16:c8:3b:44:36:7f:0c:
d0:72:76:5d:fe:b1:8c:cc:19:21:88:cd:49:fa:50:
67:40:ad:37:b1:6c:a6:fd:c1:06:c8:f7:a4:e0:12:
26:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E9:D2:2F:67:A3:AF:C1:87:0E:BD:08:AC:0B:34:79:F6:9F:A9:A9
X509v3 Authority Key Identifier:
keyid:96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/wOnSL2ejr8GHDr0IrAs0efafqak.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.39.96.0/20
Signature Algorithm: sha256WithRSAEncryption
94:82:11:89:4b:7e:9b:30:eb:16:de:b1:cb:04:cb:f5:7a:7e:
1d:22:11:5f:92:e5:6d:09:71:e8:97:bc:8f:3a:87:6c:71:08:
be:46:8f:a3:4d:9e:47:05:8f:51:72:a5:08:d1:70:cc:4a:f6:
2c:fc:14:c8:bd:63:9b:89:84:d6:06:7d:94:d9:83:f4:f8:5e:
48:5e:23:ae:a2:d4:10:9e:3e:0d:74:62:35:98:5c:eb:d8:4b:
eb:1e:e8:18:75:b0:f9:1e:a6:23:0c:43:ea:38:7e:49:ba:88:
a4:2e:6d:48:82:c6:6e:5b:ee:78:8d:e3:ba:39:d7:db:0f:11:
48:fa:de:53:9c:55:5a:f5:bb:c9:d3:ad:89:01:cc:15:45:a9:
cd:0c:e2:1a:c1:f7:07:99:57:bd:25:3d:ac:0c:4a:9f:36:b5:
3f:27:2a:6b:6a:c7:93:55:e4:fd:b5:48:c8:18:f7:3a:1e:05:
d1:e7:92:9e:41:b0:82:8d:6f:03:eb:b0:4e:d6:bd:c6:26:11:
e1:52:42:a6:32:0d:d0:49:7f:9c:60:93:e3:d3:7b:a6:f3:e6:
a1:5f:8f:ce:42:4d:10:ba:d5:8c:52:31:95:f2:d4:c2:d4:9e:
28:0f:11:6c:95:f8:03:92:6a:76:b1:58:ab:57:7a:25:08:b5:
85:c9:94:77
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTZC
Qjk0QjQ1N0Y5RDgyQTI5QjVCMkZEOUYzQTQ0MTg4OTlFNzFFQzAeFw0yMTA5Mjkw
MjM2MzhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEMwRTlEMjJGNjdBM0FG
QzE4NzBFQkQwOEFDMEIzNDc5RjY5RkE5QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG3ElTvkw5mLiIsMkhW+yjityBmIEt4PMWfAoNLPFIkrHaRupa
phV6hYckCKqlbC8FXvOp3A3I6wgzfHZI4gB89+jy0Xv3g3M/ylLonyBBAlcIbhEB
glvM0DhDFXjz+EK/UaHeHOXnkokR5JeYi5+cZtMCMc6TNjdoEJxGvbTF7qjXSLpZ
8NsyFbZBU/SGkBbgGKaNN5NcN0nnyyVLmY2lkbHT6O6OirRftPiISCTLLdmexM7S
c7B4oID4617SuwbBgaLHRzvM66vXZwRyUs2hmnc6WMic/qVSFsg7RDZ/DNBydl3+
sYzMGSGIzUn6UGdArTexbKb9wQbI96TgEibJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwOnSL2ejr8GHDr0IrAs0efafqakwHwYDVR0jBBgwFoAUlruUtFf52CoptbL9
nzpEGImecewwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVU
L2xydVV0RmY1MkNvcHRiTDluenBFR0ltZWNldy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbHJ1VXRGZjUyQ29wdGJMOW56cEVHSW1lY2V3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVUL3dPblNMMmVqcjhHSERyMEly
QXMwZWZhZnFhay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATK
J2AwDQYJKoZIhvcNAQELBQADggEBAJSCEYlLfpsw6xbescsEy/V6fh0iEV+S5W0J
ceiXvI86h2xxCL5Gj6NNnkcFj1FypQjRcMxK9iz8FMi9Y5uJhNYGfZTZg/T4Xkhe
I66i1BCePg10YjWYXOvYS+se6Bh1sPkepiMMQ+o4fkm6iKQubUiCxm5b7niN47o5
19sPEUj63lOcVVr1u8nTrYkBzBVFqc0M4hrB9weZV70lPawMSp82tT8nKmtqx5NV
5P21SMgY9zoeBdHnkp5BsIKNbwPrsE7WvcYmEeFSQqYyDdBJf5xgk+PTe6bz5qFf
j85CTRC61YxSMZXy1MLUnigPEWyV+AOSanaxWKtXeiUItYXJlHc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:05 2023 by rpki-client on console-ams.rpki-client.org