Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/JiJZb8alKmTF7Ikv9vLjhjEv-4w.roa
File: JiJZb8alKmTF7Ikv9vLjhjEv-4w.roa (raw, json)
Hash identifier: iU0Qt7C6iJ5/C/3FMueX5Jnju4sDo1O3QNeeJoBGB8Q=
Subject key identifier: 26:22:59:6F:C6:A5:2A:64:C5:EC:89:2F:F6:F2:E3:86:31:2F:FB:8C
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 08CC
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/JiJZb8alKmTF7Ikv9vLjhjEv-4w.roa
Signing time: Sun 07 Feb 2021 11:49:05 +0000
ROA not before: Sun 07 Feb 2021 11:49:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131590
IP address blocks: 103.227.224.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2252 (0x8cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Feb 7 11:49:05 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2622596FC6A52A64C5EC892FF6F2E386312FFB8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:00:35:4c:e7:c9:02:b3:15:6f:e4:d9:1e:
bd:87:74:ec:b9:e3:68:b3:d9:2a:e7:ef:b5:15:63:
e2:ca:1a:29:18:df:80:30:c6:f9:15:51:4d:c1:a3:
6b:e8:57:20:18:42:5a:df:b4:eb:40:54:2d:86:6c:
05:fd:45:1a:40:31:51:ac:fd:87:b6:e2:e2:4e:f0:
dd:a4:58:44:a8:c7:54:0e:6a:b9:2d:a0:3e:f9:9f:
56:e3:13:54:6a:62:4d:3e:03:fd:5c:af:50:d6:84:
69:2d:c2:8d:33:1b:56:b7:7d:ed:e2:af:b7:de:a6:
b9:36:74:0d:21:f3:88:ff:43:38:4e:5b:90:3c:c2:
d2:b2:e6:f2:aa:17:ce:1b:d7:b8:bf:26:2b:72:e9:
05:1f:bc:c8:b5:c4:38:88:fc:b6:f7:8b:4d:ce:10:
bf:69:e5:72:f5:6d:0d:78:05:71:30:c3:47:0a:6b:
69:f4:06:81:d5:7e:35:ad:58:9a:dd:d4:94:96:3b:
15:71:00:79:84:2e:19:d5:17:1c:d9:ce:0d:0e:cf:
2b:55:cf:bc:cb:19:5d:a3:93:3f:99:ec:04:8d:7c:
75:3a:bf:a2:b7:e4:97:30:10:59:cd:c4:7c:6f:9f:
59:09:a5:24:f8:18:98:cc:21:10:47:28:f5:25:89:
e3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:22:59:6F:C6:A5:2A:64:C5:EC:89:2F:F6:F2:E3:86:31:2F:FB:8C
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/JiJZb8alKmTF7Ikv9vLjhjEv-4w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.224.0/23
Signature Algorithm: sha256WithRSAEncryption
49:92:d7:d9:3a:81:7c:83:fc:fa:27:2f:b8:c2:2c:f4:af:21:
85:08:df:3a:45:3a:75:72:4a:6f:b8:84:b8:63:28:44:05:44:
79:3d:5f:b8:b5:4e:23:0d:71:b7:d8:9a:21:aa:ac:c0:c5:0a:
7c:06:6a:eb:dd:bc:05:3b:f3:8e:82:1d:d5:d5:e7:4e:3e:27:
44:57:05:ac:bf:3a:b0:c6:fc:7d:ff:56:f9:9d:a5:ea:53:c1:
cb:28:86:9c:f5:47:b3:28:86:95:b8:3a:97:57:25:82:ea:fe:
e6:f2:cc:b5:cb:cd:33:92:a1:88:50:87:ac:77:2c:98:d6:32:
2e:a4:1f:d0:2b:d0:af:fb:e8:29:20:60:9e:42:e6:ff:6d:9f:
4f:83:a5:0a:de:ff:80:40:db:b4:be:43:8d:56:7c:6c:8c:5f:
c8:e6:44:d3:34:d6:0c:7d:46:d0:29:18:28:2e:cc:a4:bf:fb:
8a:c7:4d:ed:e6:80:bd:83:0e:d6:11:46:5c:76:ef:f5:05:16:
1e:0a:2b:e4:4e:e2:80:5f:2b:b5:c8:ae:42:cc:12:a7:85:ed:
52:9c:eb:5c:6b:69:2f:97:9a:6a:79:f9:ca:1a:ca:7c:17:47:
66:0c:82:a0:d5:a0:a7:75:88:72:6a:72:f4:0c:db:ea:65:30:
f4:81:4d:31
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMTAyMDcx
MTQ5MDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI2MjI1OTZGQzZBNTJB
NjRDNUVDODkyRkY2RjJFMzg2MzEyRkZCOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2SAA1TOfJArMVb+TZHr2HdOy542iz2Srn77UVY+LKGikY34Aw
xvkVUU3Bo2voVyAYQlrftOtAVC2GbAX9RRpAMVGs/Ye24uJO8N2kWESox1QOarkt
oD75n1bjE1RqYk0+A/1cr1DWhGktwo0zG1a3fe3ir7feprk2dA0h84j/QzhOW5A8
wtKy5vKqF84b17i/Jity6QUfvMi1xDiI/Lb3i03OEL9p5XL1bQ14BXEww0cKa2n0
BoHVfjWtWJrd1JSWOxVxAHmELhnVFxzZzg0OzytVz7zLGV2jkz+Z7ASNfHU6v6K3
5JcwEFnNxHxvn1kJpST4GJjMIRBHKPUlieMxAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUJiJZb8alKmTF7Ikv9vLjhjEv+4wwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL0ppSlpiOGFsS21URjdJa3Y5dkxqaGpF
di00dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn4+AwDQYJ
KoZIhvcNAQELBQADggEBAEmS19k6gXyD/PonL7jCLPSvIYUI3zpFOnVySm+4hLhj
KEQFRHk9X7i1TiMNcbfYmiGqrMDFCnwGauvdvAU7846CHdXV504+J0RXBay/OrDG
/H3/VvmdpepTwcsohpz1R7MohpW4OpdXJYLq/ubyzLXLzTOSoYhQh6x3LJjWMi6k
H9Ar0K/76CkgYJ5C5v9tn0+DpQre/4BA27S+Q41WfGyMX8jmRNM01gx9RtApGCgu
zKS/+4rHTe3mgL2DDtYRRlx27/UFFh4KK+RO4oBfK7XIrkLMEqeF7VKc61xraS+X
mmp5+coaynwXR2YMgqDVoKd1iHJqcvQM2+plMPSBTTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org