Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/1GzZiXLlWmXGAnQO4Jq7Z8n4MGA.roa
File: 1GzZiXLlWmXGAnQO4Jq7Z8n4MGA.roa (raw, json)
Hash identifier: afr4YJv1QyB4XbtsOaAdmzGRIhYp+Mw0jSXBXwbRAyg=
Subject key identifier: D4:6C:D9:89:72:E5:5A:65:C6:02:74:0E:E0:9A:BB:67:C9:F8:30:60
Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Certificate serial: 0A6B
Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/1GzZiXLlWmXGAnQO4Jq7Z8n4MGA.roa
Signing time: Thu 15 Sep 2022 02:42:04 +0000
ROA not before: Thu 15 Sep 2022 02:42:04 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131584
IP address blocks: 101.3.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2667 (0xa6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Validity
Not Before: Sep 15 02:42:04 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D46CD98972E55A65C602740EE09ABB67C9F83060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d3:cc:8d:b9:17:12:37:d8:b4:6a:62:93:f1:
0b:43:15:97:21:4a:13:2f:3f:f8:4d:cc:20:45:07:
2b:40:a0:9b:24:f0:c0:f8:4c:ff:34:6a:0a:a6:0c:
9d:f9:ce:ba:ad:f6:9f:08:64:64:68:c9:9f:aa:2c:
ea:d2:a1:69:b5:9a:10:46:12:cd:55:13:83:ed:5f:
20:a9:eb:db:1c:da:79:d0:c6:1b:3b:35:31:16:f6:
e6:bf:8f:ae:b7:9d:37:ac:13:74:59:aa:25:df:9a:
91:7e:cb:cc:8d:26:93:34:ff:0f:b6:41:33:46:4d:
93:d7:92:17:5f:df:19:a2:3e:7b:71:96:78:63:dc:
f6:a8:fc:19:67:7b:74:b5:fc:4c:79:ab:67:26:42:
0a:ec:ec:41:07:35:c1:70:13:a2:cb:04:10:68:94:
5c:2e:f8:4f:76:cb:08:e7:6a:8f:61:dd:b3:77:2c:
12:55:86:01:14:4e:b7:72:3e:f7:ce:3a:26:cd:10:
58:ce:a4:2e:34:9d:48:ed:fb:1d:ef:85:4b:d8:c5:
d0:d7:5d:3e:1f:f7:8a:b6:3c:2d:d2:25:02:1a:97:
d4:ad:09:7d:5e:20:71:4c:99:64:55:ad:96:e8:25:
bc:cc:d5:ec:72:65:63:81:e9:a5:46:17:17:6e:bd:
f6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6C:D9:89:72:E5:5A:65:C6:02:74:0E:E0:9A:BB:67:C9:F8:30:60
X509v3 Authority Key Identifier:
keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/1GzZiXLlWmXGAnQO4Jq7Z8n4MGA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:95:8b:fc:b8:a2:c9:7c:8b:a1:a6:c7:49:e5:e0:70:20:ff:
1a:28:f5:59:bb:ef:3b:9e:05:a9:9a:85:43:0f:e7:d8:90:35:
82:fc:51:7c:61:c2:cb:63:02:da:5a:67:b7:86:40:ba:5b:37:
01:8d:63:9c:63:9b:e7:de:9e:6d:97:00:6e:1c:1a:45:ae:71:
94:a2:e1:27:08:7d:f0:d9:c0:9d:94:73:3f:2c:0a:04:f0:c0:
4c:a9:bb:ef:26:df:ad:9f:84:87:5a:a0:22:5b:51:8e:f1:c7:
15:26:11:f7:b3:90:ca:82:54:04:fa:96:35:7b:4b:bc:53:66:
a9:88:a2:fc:77:69:42:2b:c7:46:4e:4c:d2:70:95:84:25:92:
96:b5:f7:90:77:87:04:92:9b:71:e3:f3:6a:cb:fc:aa:30:2e:
8e:39:30:99:7d:84:a1:70:c5:f0:28:06:d3:7c:26:0b:0a:57:
95:ad:91:ad:e6:b2:67:21:ce:e6:f0:94:f8:f0:88:76:12:ab:
fb:9c:de:a6:9d:15:e2:d9:ea:f8:3a:b4:d0:0b:54:a8:83:9a:
56:97:30:e5:f4:79:fe:bd:7a:2c:88:ea:bd:a1:4f:73:50:a3:
a8:90:02:40:3b:0f:fc:ba:d8:79:a9:92:e7:53:f6:f5:0d:bd:
f4:94:7d:41
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1
NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yMjA5MTUw
MjQyMDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ0NkNEOTg5NzJFNTVB
NjVDNjAyNzQwRUUwOUFCQjY3QzlGODMwNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP08yNuRcSN9i0amKT8QtDFZchShMvP/hNzCBFBytAoJsk8MD4
TP80agqmDJ35zrqt9p8IZGRoyZ+qLOrSoWm1mhBGEs1VE4PtXyCp69sc2nnQxhs7
NTEW9ua/j663nTesE3RZqiXfmpF+y8yNJpM0/w+2QTNGTZPXkhdf3xmiPntxlnhj
3Pao/Blne3S1/Ex5q2cmQgrs7EEHNcFwE6LLBBBolFwu+E92ywjnao9h3bN3LBJV
hgEUTrdyPvfOOibNEFjOpC40nUjt+x3vhUvYxdDXXT4f94q2PC3SJQIal9StCX1e
IHFMmWRVrZboJbzM1exyZWOB6aVGFxduvfYJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU1GzZiXLlWmXGAnQO4Jq7Z8n4MGAwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N
UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83
NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2LzFHelppWExsV21Y
R0FuUU80SnE3WjhuNE1HQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBlAzANBgkqhkiG9w0BAQsFAAOCAQEAj5WL/LiiyXyLoabHSeXgcCD/Gij1
WbvvO54FqZqFQw/n2JA1gvxRfGHCy2MC2lpnt4ZAuls3AY1jnGOb596ebZcAbhwa
Ra5xlKLhJwh98NnAnZRzPywKBPDATKm77ybfrZ+Eh1qgIltRjvHHFSYR97OQyoJU
BPqWNXtLvFNmqYii/HdpQivHRk5M0nCVhCWSlrX3kHeHBJKbcePzasv8qjAujjkw
mX2EoXDF8CgG03wmCwpXla2RreayZyHO5vCU+PCIdhKr+5zepp0V4tnq+Dq00AtU
qIOaVpcw5fR5/r16LIjqvaFPc1CjqJACQDsP/LrYeamS51P29Q299JR9QQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org