Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/RoCZjgeRcUn3dIFMFSkLHFNjhlU.roa
File: RoCZjgeRcUn3dIFMFSkLHFNjhlU.roa (raw, json)
Hash identifier: dIlvNAUwDWG/G/aP3woqbv74LFlxRHTW+nPSrwkQ1Ng=
Subject key identifier: 46:80:99:8E:07:91:71:49:F7:74:81:4C:15:29:0B:1C:53:63:86:55
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0A8C
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RoCZjgeRcUn3dIFMFSkLHFNjhlU.roa
Signing time: Wed 29 Sep 2021 02:41:21 +0000
ROA not before: Wed 29 Sep 2021 02:41:21 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 1659
IP address blocks: 192.83.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2700 (0xa8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 29 02:41:21 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4680998E07917149F774814C15290B1C53638655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:91:09:9d:44:f6:af:e8:64:db:24:31:52:4a:
44:3c:91:f9:d3:79:f9:4b:94:d1:4d:65:b9:b3:2d:
40:4a:09:3b:8f:60:3b:ff:dd:3a:9a:d1:58:d1:c5:
24:a5:25:9b:99:94:dd:ea:6b:63:70:86:f0:a0:82:
83:ad:09:85:e2:4f:81:0b:ee:04:39:12:26:87:ee:
a6:b6:e3:e4:10:b4:07:b5:d7:a3:46:a4:0e:4b:3a:
81:77:b9:59:6f:46:29:b7:ba:08:91:b5:1c:cc:61:
f6:40:52:32:eb:7c:86:47:07:7a:96:18:70:b4:fd:
b1:53:f2:53:47:c5:7f:93:22:75:b2:60:cd:3a:f5:
53:94:1a:5e:dd:c7:bd:eb:93:3d:ce:00:5a:dd:70:
59:ed:e6:07:82:ca:a4:76:69:d5:05:2c:d0:f7:e8:
5e:7e:64:8b:26:0d:bb:d6:1b:d6:5b:f1:1c:3e:0f:
6c:d7:3a:77:f2:38:8d:6a:a7:61:11:07:1a:29:14:
e1:62:13:a0:2f:fa:da:a6:10:c7:1e:0c:f7:f1:31:
22:47:87:3d:5a:10:31:4a:63:95:70:db:23:77:39:
e3:0a:46:f9:ea:ce:eb:aa:ac:73:c9:09:4d:f9:71:
23:62:06:bc:a0:30:05:44:bb:79:76:5e:bc:f4:6e:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:80:99:8E:07:91:71:49:F7:74:81:4C:15:29:0B:1C:53:63:86:55
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RoCZjgeRcUn3dIFMFSkLHFNjhlU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.83.166.0/23
Signature Algorithm: sha256WithRSAEncryption
03:a1:0f:6a:cb:84:69:f5:03:b7:36:78:a1:ee:97:80:0a:4e:
5d:fb:f4:a5:02:fe:07:b4:a7:8b:de:f0:21:84:49:31:19:e3:
28:f3:72:f3:60:36:5c:b7:5a:c1:58:30:c4:c3:43:35:81:5b:
a9:52:5a:a6:51:a1:40:4b:ec:f5:e2:b2:9c:3b:23:54:a9:b6:
72:0a:ee:c9:e9:5a:55:d9:0f:37:d1:3b:21:13:5b:7e:9c:66:
64:5a:32:46:e9:86:8e:67:68:8f:4f:71:90:27:19:8b:a2:33:
03:8b:5e:7f:67:ba:22:4f:19:53:b0:33:43:9e:a3:88:91:b5:
03:30:88:75:8f:47:25:13:5e:2b:b7:e2:79:85:17:1c:93:b2:
c9:96:43:1e:5c:81:06:fb:69:16:86:28:79:f1:2b:04:94:58:
75:66:9e:58:75:5c:c5:de:53:e6:3b:18:8b:42:a0:ba:fe:9e:
a2:76:91:d7:aa:98:ad:a8:0f:90:81:eb:e3:da:e1:bf:dd:37:
80:62:ad:34:18:0e:1c:d0:40:7b:87:27:c5:27:c8:69:be:e3:
de:99:06:96:40:cc:a2:fe:96:21:60:0c:97:a9:18:1d:42:29:
dd:09:15:b8:0f:74:1e:11:b5:88:83:f0:36:72:ee:46:5b:1a:
06:2d:05:52
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQ2ODA5OThFMDc5MTcx
NDlGNzc0ODE0QzE1MjkwQjFDNTM2Mzg2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5kQmdRPav6GTbJDFSSkQ8kfnTeflLlNFNZbmzLUBKCTuPYDv/
3Tqa0VjRxSSlJZuZlN3qa2NwhvCggoOtCYXiT4EL7gQ5EiaH7qa24+QQtAe116NG
pA5LOoF3uVlvRim3ugiRtRzMYfZAUjLrfIZHB3qWGHC0/bFT8lNHxX+TInWyYM06
9VOUGl7dx73rkz3OAFrdcFnt5geCyqR2adUFLND36F5+ZIsmDbvWG9Zb8Rw+D2zX
OnfyOI1qp2ERBxopFOFiE6Av+tqmEMceDPfxMSJHhz1aEDFKY5Vw2yN3OeMKRvnq
zuuqrHPJCU35cSNiBrygMAVEu3l2Xrz0bopLAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQURoCZjgeRcUn3dIFMFSkLHFNjhlUwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9Sb0NaamdlUmNVbjNkSUZNRlNr
TEhGTmpobFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwFOm
MA0GCSqGSIb3DQEBCwUAA4IBAQADoQ9qy4Rp9QO3Nnih7peACk5d+/SlAv4HtKeL
3vAhhEkxGeMo83LzYDZct1rBWDDEw0M1gVupUlqmUaFAS+z14rKcOyNUqbZyCu7J
6VpV2Q830TshE1t+nGZkWjJG6YaOZ2iPT3GQJxmLojMDi15/Z7oiTxlTsDNDnqOI
kbUDMIh1j0clE14rt+J5hRcck7LJlkMeXIEG+2kWhih58SsElFh1Zp5YdVzF3lPm
OxiLQqC6/p6idpHXqpitqA+Qgevj2uG/3TeAYq00GA4c0EB7hyfFJ8hpvuPemQaW
QMyi/pYhYAyXqRgdQindCRW4D3QeEbWIg/A2cu5GWxoGLQVS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org