Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/o6xcY12yppUh1j-ShknNz-czQ2s.roa
File: o6xcY12yppUh1j-ShknNz-czQ2s.roa (raw, json)
Hash identifier: JchnC+IaPIUaL6HYA7bRV7WFhc5n8zUiCAEg6aWWRyg=
Subject key identifier: A3:AC:5C:63:5D:B2:A6:95:21:D6:3F:92:86:49:CD:CF:E7:33:43:6B
Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Certificate serial: 098A
Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/o6xcY12yppUh1j-ShknNz-czQ2s.roa
Signing time: Thu 28 Oct 2021 06:22:34 +0000
ROA not before: Thu 28 Oct 2021 06:22:34 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 101.3.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2442 (0x98a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Validity
Not Before: Oct 28 06:22:34 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A3AC5C635DB2A69521D63F928649CDCFE733436B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c6:98:a9:ae:a9:35:6d:b8:4f:4f:aa:44:5d:
80:a8:1e:3c:30:0d:74:f3:01:66:5c:f9:b7:b8:0e:
23:0b:46:81:81:0e:ca:72:2d:2f:ac:05:09:ca:70:
1d:23:62:23:c0:b6:19:83:20:c1:a2:e6:a2:4c:a2:
43:bd:c5:29:fb:59:dd:6c:2a:2e:78:4f:13:49:a3:
ae:39:8f:a7:fa:c0:d9:dd:03:51:0c:26:32:1c:1d:
10:80:ab:8c:c4:e4:d6:57:6c:0c:a3:a1:b1:ac:b0:
fb:3b:8e:61:e3:38:d6:57:60:95:fd:8c:ad:c7:f9:
93:15:59:27:62:be:34:1d:03:47:4e:3d:5e:a4:64:
cb:d2:29:24:ea:80:b5:af:71:fc:f9:cd:7d:d6:35:
52:66:e2:ca:d7:97:87:b9:66:dc:c1:26:3f:e2:69:
dc:c0:6c:b6:0f:53:92:77:28:b1:d5:e9:b6:fe:f1:
5d:e1:1f:e0:0e:30:cd:bc:0e:de:d1:96:52:17:87:
f8:0b:35:d2:ae:a1:bc:a1:03:dd:c2:90:5c:4b:bf:
c8:f3:5a:82:48:9d:ee:a5:9a:16:5f:b1:f3:73:54:
2d:1b:90:9a:4c:52:58:3b:e2:43:34:4a:0b:c6:3a:
70:86:fe:b2:3d:c7:25:06:d3:63:f2:38:de:52:fc:
37:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AC:5C:63:5D:B2:A6:95:21:D6:3F:92:86:49:CD:CF:E7:33:43:6B
X509v3 Authority Key Identifier:
keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/o6xcY12yppUh1j-ShknNz-czQ2s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.3.108.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:7a:08:d6:f6:63:53:88:b4:bc:03:34:f5:66:a9:36:37:b8:
9d:09:43:0d:6a:72:f3:97:b1:5b:fe:a1:e6:5c:07:5e:84:ca:
89:32:27:81:42:10:be:5e:fb:87:95:7c:36:25:0b:be:5e:90:
f7:ff:22:6e:1c:4e:0d:81:4b:b6:16:08:fe:b9:eb:ad:6e:63:
a9:50:00:c1:f0:d7:79:95:bd:d9:9d:17:22:fe:25:93:36:c6:
a7:70:84:14:e0:d9:f4:59:69:b9:7e:c9:d1:08:bb:b9:0b:60:
15:24:06:f5:5e:7e:14:36:48:88:83:25:0b:68:5c:3d:f5:20:
fb:eb:f3:94:92:c0:f4:12:93:61:18:f0:cd:7c:d2:57:2d:a9:
c2:15:c4:98:e1:5d:f1:9d:65:76:84:8e:9e:b2:24:49:ac:2d:
9b:66:bd:49:57:4e:bb:ff:5d:66:97:57:be:3c:88:eb:c9:8c:
11:fb:9a:d6:84:81:a4:9c:19:35:f8:6e:6d:66:ab:6a:f6:fc:
7d:f0:ac:ea:19:64:a6:e0:6e:f1:f5:44:cc:5c:5f:07:66:5f:
83:da:26:6a:53:2b:a9:bd:ca:0c:98:96:a9:3c:5d:c8:b3:25:
4c:e5:21:83:bf:cc:b9:c0:f7:0b:78:0f:d4:42:96:bd:ba:13:
43:66:b8:6c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1
NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yMTEwMjgw
NjIyMzRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEzQUM1QzYzNURCMkE2
OTUyMUQ2M0Y5Mjg2NDlDRENGRTczMzQzNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzxpiprqk1bbhPT6pEXYCoHjwwDXTzAWZc+be4DiMLRoGBDspy
LS+sBQnKcB0jYiPAthmDIMGi5qJMokO9xSn7Wd1sKi54TxNJo645j6f6wNndA1EM
JjIcHRCAq4zE5NZXbAyjobGssPs7jmHjONZXYJX9jK3H+ZMVWSdivjQdA0dOPV6k
ZMvSKSTqgLWvcfz5zX3WNVJm4srXl4e5ZtzBJj/iadzAbLYPU5J3KLHV6bb+8V3h
H+AOMM28Dt7RllIXh/gLNdKuobyhA93CkFxLv8jzWoJIne6lmhZfsfNzVC0bkJpM
Ulg74kM0SgvGOnCG/rI9xyUG02PyON5S/Dc1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUo6xcY12yppUh1j+ShknNz+czQ2swHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N
UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83
NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L282eGNZMTJ5cHBV
aDFqLVNoa25Oei1jelEycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJlA2wwDQYJKoZIhvcNAQELBQADggEBAMt6CNb2Y1OItLwDNPVmqTY3uJ0J
Qw1qcvOXsVv+oeZcB16EyokyJ4FCEL5e+4eVfDYlC75ekPf/Im4cTg2BS7YWCP65
661uY6lQAMHw13mVvdmdFyL+JZM2xqdwhBTg2fRZabl+ydEIu7kLYBUkBvVefhQ2
SIiDJQtoXD31IPvr85SSwPQSk2EY8M180lctqcIVxJjhXfGdZXaEjp6yJEmsLZtm
vUlXTrv/XWaXV748iOvJjBH7mtaEgaScGTX4bm1mq2r2/H3wrOoZZKbgbvH1RMxc
XwdmX4PaJmpTK6m9ygyYlqk8XcizJUzlIYO/zLnA9wt4D9RClr26E0NmuGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org