Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/CZfmFp9TiGz1KjMseRPi7RySDCs.roa
File: CZfmFp9TiGz1KjMseRPi7RySDCs.roa (raw, json)
Hash identifier: TUMIOe/e50CE9vANm8QcJhnwYYDp2RXfMr0tzbjb3jA=
Subject key identifier: 09:97:E6:16:9F:53:88:6C:F5:2A:33:2C:79:13:E2:ED:1C:92:0C:2B
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0B8A
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CZfmFp9TiGz1KjMseRPi7RySDCs.roa
Signing time: Thu 15 Sep 2022 02:41:12 +0000
ROA not before: Thu 15 Sep 2022 02:41:12 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9916
IP address blocks: 140.129.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2954 (0xb8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 15 02:41:12 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0997E6169F53886CF52A332C7913E2ED1C920C2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:30:bc:3d:28:1d:e4:4b:2a:fa:09:e0:57:58:
3e:06:d5:af:d7:f1:34:8d:0f:26:fe:73:d6:62:2c:
05:b5:6e:95:1d:b1:e5:db:3d:b6:48:36:bf:35:71:
3d:3f:46:51:60:2a:37:93:23:7e:76:6d:14:74:17:
32:c4:a0:97:90:f8:4a:24:61:ac:ea:c8:da:c9:79:
0b:2b:dd:26:91:0a:86:26:6c:ac:f8:1b:ca:c1:a5:
b0:d1:62:e3:15:53:ea:85:e9:52:bf:3c:fd:d4:f9:
1b:53:33:60:31:f4:d4:78:5c:44:3f:07:c7:5f:e2:
3b:33:e8:8c:30:b2:5a:33:ad:dc:bd:27:06:93:15:
0f:22:1c:c9:5b:73:cc:f5:e2:c9:17:41:fe:21:bf:
fb:b4:f4:c7:52:c7:80:2a:7e:78:c8:8f:b5:76:80:
df:42:9c:9b:89:1c:61:a4:a5:73:db:80:24:d7:fe:
c3:a5:a2:49:bb:a7:6e:af:cd:30:b3:a4:23:b5:08:
4f:c8:e0:3f:36:b3:e0:3c:45:7c:cd:73:ac:1e:b6:
1d:02:54:b7:b8:7b:96:2d:64:77:3d:1d:df:fd:7d:
d4:14:bc:68:0b:2a:d7:37:45:a7:73:be:0f:84:e0:
c5:48:73:c5:e0:3d:85:1e:69:b2:6d:34:45:bd:7f:
8d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:97:E6:16:9F:53:88:6C:F5:2A:33:2C:79:13:E2:ED:1C:92:0C:2B
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CZfmFp9TiGz1KjMseRPi7RySDCs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.56.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:0e:03:b3:e1:5c:82:11:c1:1e:e2:17:16:a7:74:67:fa:16:
ad:06:f8:e7:9d:1d:d1:4a:7c:8d:9b:f6:80:8c:d5:33:47:26:
7d:07:2b:28:cb:5d:8f:0b:50:9a:af:19:7e:fa:89:83:a5:33:
5d:28:ee:d1:69:3e:36:89:55:92:5c:23:ea:2d:32:8f:4f:58:
cf:38:41:82:b6:c7:ea:96:06:40:2d:2e:79:68:d0:a9:84:45:
56:a8:f3:1a:d4:57:cf:04:c5:01:f0:77:8d:37:6a:69:be:26:
36:a7:7f:0b:46:01:43:9c:94:79:52:2f:79:04:dc:31:d6:aa:
2f:82:28:fa:02:a5:88:67:99:2e:da:2e:f0:0c:ff:9a:10:e1:
cc:92:9f:09:46:08:33:09:f8:e2:81:4f:b2:6d:b7:42:62:bb:
85:b9:7a:c0:7d:e3:06:2c:52:c3:e2:87:06:02:78:e4:1d:b9:
a5:89:0d:38:fe:50:6d:e2:d7:50:28:f9:38:ca:f2:c7:e6:7d:
bf:24:35:e0:0d:2b:4e:87:92:1c:74:84:0d:5f:b6:3f:9f:a8:
57:93:82:dc:6f:86:0d:92:f4:94:1c:4d:86:50:16:d3:10:98:
bd:9c:c7:d8:f8:ee:96:a4:56:7e:b7:05:52:79:f6:ad:af:60:
c5:c0:e6:c3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMjA5MTUw
MjQxMTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA5OTdFNjE2OUY1Mzg4
NkNGNTJBMzMyQzc5MTNFMkVEMUM5MjBDMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWMLw9KB3kSyr6CeBXWD4G1a/X8TSNDyb+c9ZiLAW1bpUdseXb
PbZINr81cT0/RlFgKjeTI352bRR0FzLEoJeQ+EokYazqyNrJeQsr3SaRCoYmbKz4
G8rBpbDRYuMVU+qF6VK/PP3U+RtTM2Ax9NR4XEQ/B8df4jsz6Iwwslozrdy9JwaT
FQ8iHMlbc8z14skXQf4hv/u09MdSx4AqfnjIj7V2gN9CnJuJHGGkpXPbgCTX/sOl
okm7p26vzTCzpCO1CE/I4D82s+A8RXzNc6weth0CVLe4e5YtZHc9Hd/9fdQUvGgL
Ktc3Radzvg+E4MVIc8XgPYUeabJtNEW9f43JAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCZfmFp9TiGz1KjMseRPi7RySDCswHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9DWmZtRnA5VGlHejFLak1zZVJQ
aTdSeVNEQ3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjIE4
MA0GCSqGSIb3DQEBCwUAA4IBAQAvDgOz4VyCEcEe4hcWp3Rn+hatBvjnnR3RSnyN
m/aAjNUzRyZ9Bysoy12PC1Carxl++omDpTNdKO7RaT42iVWSXCPqLTKPT1jPOEGC
tsfqlgZALS55aNCphEVWqPMa1FfPBMUB8HeNN2ppviY2p38LRgFDnJR5Ui95BNwx
1qovgij6AqWIZ5ku2i7wDP+aEOHMkp8JRggzCfjigU+ybbdCYruFuXrAfeMGLFLD
4ocGAnjkHbmliQ04/lBt4tdQKPk4yvLH5n2/JDXgDStOh5IcdIQNX7Y/n6hXk4Lc
b4YNkvSUHE2GUBbTEJi9nMfY+O6WpFZ+twVSefatr2DFwObD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org