Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/M-MC7Fg3MmqVWLEfAcBEhNdAoHU.roa
File: M-MC7Fg3MmqVWLEfAcBEhNdAoHU.roa (raw, json)
Hash identifier: N4GVGBGlyq+SivCBRum98YsNj/qr2GkSt1lp4XpWog4=
Subject key identifier: 33:E3:02:EC:58:37:32:6A:95:58:B1:1F:01:C0:44:84:D7:40:A0:75
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 09B4
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/M-MC7Fg3MmqVWLEfAcBEhNdAoHU.roa
Signing time: Sun 07 Feb 2021 12:38:30 +0000
ROA not before: Sun 07 Feb 2021 12:38:30 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18185
IP address blocks: 120.117.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2484 (0x9b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Feb 7 12:38:30 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=33E302EC5837326A9558B11F01C04484D740A075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:64:8d:76:d6:59:64:dd:2d:f1:74:84:6e:
63:90:bc:b2:4c:a6:9a:93:56:49:4a:8f:ac:28:0d:
45:cb:05:cc:eb:0d:51:04:8d:aa:61:c4:3a:d4:8d:
29:b4:aa:0b:eb:2e:47:47:56:55:83:7c:32:04:62:
44:ff:64:e8:7d:ff:2e:98:53:07:79:f3:38:1f:46:
84:27:3b:34:52:ae:79:cc:93:ba:ba:36:84:1f:ac:
d8:f8:45:41:2f:50:02:31:7f:83:66:46:e8:80:4b:
f9:47:8f:e1:8b:4f:93:d9:d5:aa:cf:50:d3:6a:e3:
44:36:23:fe:43:97:9a:9b:b8:c3:b9:2c:db:02:49:
c7:b1:74:ac:a9:06:51:08:6f:87:10:c3:c5:70:99:
72:ed:d5:f0:51:47:9b:45:2d:f8:53:be:68:8e:71:
01:38:aa:13:ed:b3:e9:ee:1c:f0:17:b8:66:83:16:
50:47:3e:d1:3a:26:e4:b4:ba:e9:d4:e8:0b:2c:36:
1b:f5:5b:73:2f:75:b4:14:4d:29:88:a3:45:42:e1:
cd:5e:70:c1:2c:b9:dc:9e:f7:1e:9f:e2:e9:cc:a3:
58:2c:0c:fa:30:3f:e3:f4:f8:c2:76:69:85:b8:31:
9c:40:0a:60:6a:f2:4f:05:2a:79:1f:11:23:9f:a3:
f4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E3:02:EC:58:37:32:6A:95:58:B1:1F:01:C0:44:84:D7:40:A0:75
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/M-MC7Fg3MmqVWLEfAcBEhNdAoHU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
120.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0d:02:f0:28:1a:01:3c:1a:88:33:f7:23:2d:90:c8:d5:fa:
cf:a3:49:1f:bf:a5:21:0b:c9:58:ab:71:b4:25:4a:7b:d0:36:
36:2c:63:e7:81:b6:17:51:21:5a:af:70:d9:a1:47:9e:ff:25:
35:fb:e5:d2:d8:39:a5:c6:6f:95:d9:e5:88:ef:8c:3f:36:ef:
55:c9:0f:99:5b:00:97:1e:76:c8:fe:17:a4:b4:1f:25:33:b6:
2c:b6:8f:4f:7c:e2:41:3d:98:6c:7f:ec:5f:7b:3f:6d:2c:b5:
8a:2b:04:60:51:7f:91:df:17:b9:e0:32:82:da:dd:48:25:4e:
85:3c:d3:84:c5:c7:9e:a2:18:5b:e7:ab:b0:45:15:fb:73:ed:
e3:17:99:1d:74:17:c5:1c:fd:c4:c3:01:04:51:55:7f:2c:82:
bd:42:81:26:37:e7:c5:31:dd:a7:39:af:b4:a0:ef:0f:60:24:
41:b8:8a:d6:f5:05:a4:6b:43:08:d7:66:ac:9a:c6:e2:ce:e5:
5a:4e:48:3d:62:df:7b:e1:c8:d4:3e:9c:5b:fb:b6:a7:32:20:
c8:da:d8:47:df:36:c8:a4:0a:9d:6b:98:85:b0:91:76:10:f5:
68:71:c2:6a:5c:26:e0:1b:cd:63:0e:26:1e:23:da:1f:c3:a5:
a2:6e:58:5a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTAyMDcx
MjM4MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDMzRTMwMkVDNTgzNzMy
NkE5NTU4QjExRjAxQzA0NDg0RDc0MEEwNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsRGSNdtZZZN0t8XSEbmOQvLJMppqTVklKj6woDUXLBczrDVEE
japhxDrUjSm0qgvrLkdHVlWDfDIEYkT/ZOh9/y6YUwd58zgfRoQnOzRSrnnMk7q6
NoQfrNj4RUEvUAIxf4NmRuiAS/lHj+GLT5PZ1arPUNNq40Q2I/5Dl5qbuMO5LNsC
ScexdKypBlEIb4cQw8VwmXLt1fBRR5tFLfhTvmiOcQE4qhPts+nuHPAXuGaDFlBH
PtE6JuS0uunU6AssNhv1W3MvdbQUTSmIo0VC4c1ecMEsudye9x6f4unMo1gsDPow
P+P0+MJ2aYW4MZxACmBq8k8FKnkfESOfo/TRAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUM+MC7Fg3MmqVWLEfAcBEhNdAoHUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9NLU1DN0ZnM01tcVZXTEVmQWNC
RWhOZEFvSFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeHUD
MA0GCSqGSIb3DQEBCwUAA4IBAQBaDQLwKBoBPBqIM/cjLZDI1frPo0kfv6UhC8lY
q3G0JUp70DY2LGPngbYXUSFar3DZoUee/yU1++XS2Dmlxm+V2eWI74w/Nu9VyQ+Z
WwCXHnbI/hektB8lM7Ysto9PfOJBPZhsf+xfez9tLLWKKwRgUX+R3xe54DKC2t1I
JU6FPNOExceeohhb56uwRRX7c+3jF5kddBfFHP3EwwEEUVV/LIK9QoEmN+fFMd2n
Oa+0oO8PYCRBuIrW9QWka0MI12asmsbizuVaTkg9Yt974cjUPpxb+7anMiDI2thH
3zbIpAqda5iFsJF2EPVoccJqXCbgG81jDiYeI9ofw6Wiblha
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org