Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/S8WSlSFf9jKzQ5OhGZ72FhEfiso.roa
File: S8WSlSFf9jKzQ5OhGZ72FhEfiso.roa (raw, json)
Hash identifier: jQfq5eb2nRZ8gJgE8x65+VUMUMkbiCK9FqasGpcNBYg=
Subject key identifier: 4B:C5:92:95:21:5F:F6:32:B3:43:93:A1:19:9E:F6:16:11:1F:8A:CA
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0A9D
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/S8WSlSFf9jKzQ5OhGZ72FhEfiso.roa
Signing time: Wed 29 Sep 2021 02:41:27 +0000
ROA not before: Wed 29 Sep 2021 02:41:27 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24167
IP address blocks: 140.109.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2717 (0xa9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 29 02:41:27 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4BC59295215FF632B34393A1199EF616111F8ACA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:bc:3d:7e:21:00:99:39:78:62:a7:44:c6:
75:42:1c:e5:6f:02:53:f3:f8:34:c5:a2:72:b9:09:
81:d1:0e:b2:14:2a:dc:d1:6a:8d:8a:eb:22:7f:47:
27:77:c4:cf:09:55:5e:7f:50:4c:0c:81:5d:a7:44:
36:75:e4:1e:7f:a8:d4:e3:7b:15:77:b4:b8:a5:28:
af:d3:0f:56:9e:29:38:ab:05:2e:7f:03:97:e3:e6:
27:d6:c7:00:25:9c:f4:de:49:99:d3:30:99:3d:82:
fe:67:5b:f3:59:34:6c:53:4c:29:e3:a9:dd:12:f7:
68:56:60:74:57:aa:ce:d7:19:06:93:1c:65:a3:43:
93:88:30:f0:59:06:e9:ab:68:d6:d0:7c:c8:44:40:
99:c8:b3:0a:66:15:d8:09:dc:63:68:d5:de:29:a6:
e5:c7:5b:fa:17:f5:16:08:db:b8:13:f8:79:34:a1:
1b:c2:1c:58:ae:45:4b:e4:32:a7:96:dd:79:ff:2b:
e2:c6:7a:41:f5:ed:a9:10:fa:4e:b5:a1:ef:61:34:
3c:51:8e:a2:77:b8:61:c5:2b:f5:82:5f:d4:64:76:
95:eb:1f:a0:5b:9d:0c:8e:06:01:16:20:de:54:81:
ac:f3:7a:09:73:f8:a2:32:af:34:10:5e:17:21:61:
71:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C5:92:95:21:5F:F6:32:B3:43:93:A1:19:9E:F6:16:11:1F:8A:CA
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/S8WSlSFf9jKzQ5OhGZ72FhEfiso.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.109.98.0/24
Signature Algorithm: sha256WithRSAEncryption
84:0d:83:7c:78:fb:cc:9a:0c:d8:03:4c:53:c1:22:24:ab:e8:
5f:49:9f:e4:e6:da:d9:a1:2c:be:cb:b0:2e:ac:9f:03:7d:b4:
78:92:5b:be:0e:e2:83:b2:6b:ce:33:82:26:04:1b:42:d8:79:
b9:1b:c8:27:e4:6e:91:99:5d:fc:61:a0:c4:c7:6f:5c:84:e1:
57:b4:1f:f8:10:bf:e4:1b:4e:3e:2a:6a:31:4b:a1:90:9b:00:
67:99:01:28:ef:89:7e:45:65:db:6a:30:0a:02:97:3f:ff:29:
32:e8:c0:44:6c:e8:e6:b7:76:d8:ee:46:d9:15:63:2d:23:97:
86:01:b2:7a:ab:33:9b:fa:7f:6b:40:40:f5:af:9a:50:16:1b:
4d:63:05:df:d8:8d:de:2a:02:d6:80:ee:02:7c:20:5e:b0:ca:
2c:50:e6:2d:4b:ec:f7:b2:8c:65:8e:99:28:f2:e8:33:fa:00:
38:fb:11:b6:a8:64:0d:26:a7:e1:3f:43:33:7f:79:4a:12:8c:
14:a0:af:bc:e7:ee:e8:dc:20:0b:52:e0:f2:0d:93:11:a1:1d:
70:9d:0e:a8:2b:87:a8:58:55:8b:21:33:e2:99:74:a2:50:29:
a4:9e:ec:67:64:85:b6:8a:b2:2b:06:ff:3c:fd:1d:2f:55:e1:
aa:f9:75:b0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCp0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDRCQzU5Mjk1MjE1RkY2
MzJCMzQzOTNBMTE5OUVGNjE2MTExRjhBQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRhbw9fiEAmTl4YqdExnVCHOVvAlPz+DTFonK5CYHRDrIUKtzR
ao2K6yJ/Ryd3xM8JVV5/UEwMgV2nRDZ15B5/qNTjexV3tLilKK/TD1aeKTirBS5/
A5fj5ifWxwAlnPTeSZnTMJk9gv5nW/NZNGxTTCnjqd0S92hWYHRXqs7XGQaTHGWj
Q5OIMPBZBumraNbQfMhEQJnIswpmFdgJ3GNo1d4ppuXHW/oX9RYI27gT+Hk0oRvC
HFiuRUvkMqeW3Xn/K+LGekH17akQ+k61oe9hNDxRjqJ3uGHFK/WCX9RkdpXrH6Bb
nQyOBgEWIN5Ugazzeglz+KIyrzQQXhchYXGRAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUS8WSlSFf9jKzQ5OhGZ72FhEfisowHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9TOFdTbFNGZjlqS3pRNU9oR1o3
MkZoRWZpc28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjG1i
MA0GCSqGSIb3DQEBCwUAA4IBAQCEDYN8ePvMmgzYA0xTwSIkq+hfSZ/k5trZoSy+
y7AurJ8DfbR4klu+DuKDsmvOM4ImBBtC2Hm5G8gn5G6RmV38YaDEx29chOFXtB/4
EL/kG04+KmoxS6GQmwBnmQEo74l+RWXbajAKApc//yky6MBEbOjmt3bY7kbZFWMt
I5eGAbJ6qzOb+n9rQED1r5pQFhtNYwXf2I3eKgLWgO4CfCBesMosUOYtS+z3soxl
jpko8ugz+gA4+xG2qGQNJqfhP0Mzf3lKEowUoK+85+7o3CALUuDyDZMRoR1wnQ6o
K4eoWFWLITPimXSiUCmknuxnZIW2irIrBv88/R0vVeGq+XWw
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org