Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/7vDemVBplpURWsbm2aj8iHWQfj4.roa
File: 7vDemVBplpURWsbm2aj8iHWQfj4.roa (raw, json)
Hash identifier: 4MZW6YMUG6yslirAP+4dxGFy7uiUDYH7X/Rn/bWVA5M=
Subject key identifier: EE:F0:DE:99:50:69:96:95:11:5A:C6:E6:D9:A8:FC:88:75:90:7E:3E
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0A94
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/7vDemVBplpURWsbm2aj8iHWQfj4.roa
Signing time: Wed 29 Sep 2021 02:41:23 +0000
ROA not before: Wed 29 Sep 2021 02:41:23 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38845
IP address blocks: 140.136.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2708 (0xa94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 29 02:41:23 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=EEF0DE9950699695115AC6E6D9A8FC8875907E3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:4a:9e:ba:9a:95:84:22:a2:de:b3:42:ad:
21:b6:30:5e:e2:cd:55:75:bd:b6:1a:8b:20:a1:68:
84:65:a9:98:86:12:00:c0:8a:27:1e:77:68:79:68:
2d:d9:f6:11:7f:e1:2c:94:d8:36:98:07:64:41:a8:
1c:59:62:1f:fb:af:73:d5:c8:48:61:5f:58:dd:34:
07:3e:84:b5:ca:c5:fa:65:6b:45:d6:d3:03:5c:1d:
62:96:3c:2f:4c:1e:c1:b0:04:29:f6:0a:1b:5d:e3:
6e:63:54:ab:36:ba:c9:25:cb:ca:96:09:65:41:10:
09:04:f4:c7:1a:2d:4b:42:d1:21:88:ef:27:69:28:
85:33:92:3a:38:e9:69:6b:28:33:2e:a1:62:bf:61:
4c:2c:d2:54:36:4d:79:14:7c:9c:a7:5e:17:4a:20:
45:26:3e:8e:7e:28:87:76:56:e4:53:39:d4:ea:55:
af:76:fc:b7:fa:17:10:6e:5c:d3:9e:50:2d:20:a0:
30:c3:7e:1f:d5:1c:2a:a0:31:c1:d5:4a:2a:6b:59:
af:40:ab:ef:44:68:ee:ad:f8:db:06:8d:59:38:95:
5d:54:30:67:c4:fa:1d:53:22:8d:8a:2c:00:01:43:
7f:3c:4c:29:b1:70:c0:98:49:ea:ef:12:64:42:ff:
bd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F0:DE:99:50:69:96:95:11:5A:C6:E6:D9:A8:FC:88:75:90:7E:3E
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/7vDemVBplpURWsbm2aj8iHWQfj4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.136.160.0/22
Signature Algorithm: sha256WithRSAEncryption
18:4d:a2:2f:9c:ed:44:22:7b:dc:36:47:63:18:a8:80:b0:99:
c5:14:ca:2d:73:b3:94:6e:59:c9:61:91:5c:fe:21:54:ab:d9:
fc:00:1d:6d:fb:e0:ed:dc:cd:1f:d6:8b:cf:d0:d2:7c:8e:c4:
30:45:42:8b:4c:27:97:43:41:cb:b4:b2:59:06:d3:22:4b:eb:
e4:1c:23:27:fa:b3:41:79:6f:19:ce:d4:71:9e:a6:60:c0:91:
44:e8:3b:ea:a5:c8:2e:ee:48:8a:ad:d3:ed:12:2d:b1:81:96:
fd:5e:36:bf:7d:f4:bd:10:c4:a3:fb:87:24:05:d2:80:a2:28:
8a:ac:de:d2:2c:96:f3:15:2d:2d:ea:71:55:6e:8a:12:64:05:
21:dc:bd:37:be:cf:5a:2d:6c:8f:27:17:b3:77:a9:32:ed:d7:
d7:67:78:c6:7b:ee:03:ba:68:5e:61:a5:a4:cb:03:ca:5d:70:
85:f1:d6:85:ae:b6:f4:e3:8a:b9:00:13:32:6d:05:89:92:9b:
5e:02:5e:48:d0:80:05:0f:02:52:b0:bd:80:fb:9e:82:90:72:
ba:1b:51:a8:99:57:b0:62:da:56:be:ee:94:bb:97:3b:60:c9:
ed:5d:a7:8c:37:92:70:af:e2:6b:f7:21:07:87:ec:2f:13:63:
ff:13:fe:2a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCpQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEVFRjBERTk5NTA2OTk2
OTUxMTVBQzZFNkQ5QThGQzg4NzU5MDdFM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJQUqeupqVhCKi3rNCrSG2MF7izVV1vbYaiyChaIRlqZiGEgDA
iiced2h5aC3Z9hF/4SyU2DaYB2RBqBxZYh/7r3PVyEhhX1jdNAc+hLXKxfpla0XW
0wNcHWKWPC9MHsGwBCn2Chtd425jVKs2uskly8qWCWVBEAkE9McaLUtC0SGI7ydp
KIUzkjo46WlrKDMuoWK/YUws0lQ2TXkUfJynXhdKIEUmPo5+KId2VuRTOdTqVa92
/Lf6FxBuXNOeUC0goDDDfh/VHCqgMcHVSiprWa9Aq+9EaO6t+NsGjVk4lV1UMGfE
+h1TIo2KLAABQ388TCmxcMCYServEmRC/73JAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU7vDemVBplpURWsbm2aj8iHWQfj4wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC83dkRlbVZCcGxwVVJXc2JtMmFq
OGlIV1FmajQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIig
MA0GCSqGSIb3DQEBCwUAA4IBAQAYTaIvnO1EInvcNkdjGKiAsJnFFMotc7OUblnJ
YZFc/iFUq9n8AB1t++Dt3M0f1ovP0NJ8jsQwRUKLTCeXQ0HLtLJZBtMiS+vkHCMn
+rNBeW8ZztRxnqZgwJFE6Dvqpcgu7kiKrdPtEi2xgZb9Xja/ffS9EMSj+4ckBdKA
oiiKrN7SLJbzFS0t6nFVbooSZAUh3L03vs9aLWyPJxezd6ky7dfXZ3jGe+4Dumhe
YaWkywPKXXCF8daFrrb044q5ABMybQWJkpteAl5I0IAFDwJSsL2A+56CkHK6G1Go
mVewYtpWvu6Uu5c7YMntXaeMN5Jwr+Jr9yEHh+wvE2P/E/4q
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org