Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/_kDd1LQO9aiXGTyjOTFG7FvShO0.roa
File: _kDd1LQO9aiXGTyjOTFG7FvShO0.roa (raw, json)
Hash identifier: XP+1Q+/F3kz+YQmuVJCp6RNO9lfbXWnwJe9YpyK9ois=
Subject key identifier: FE:40:DD:D4:B4:0E:F5:A8:97:19:3C:A3:39:31:46:EC:5B:D2:84:ED
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0973
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/_kDd1LQO9aiXGTyjOTFG7FvShO0.roa
Signing time: Wed 29 Sep 2021 02:38:19 +0000
ROA not before: Wed 29 Sep 2021 02:38:19 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131590
IP address blocks: 103.227.224.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2419 (0x973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 29 02:38:19 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=FE40DDD4B40EF5A897193CA3393146EC5BD284ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a7:1e:ce:d4:87:ce:20:19:51:98:d2:dd:9f:
76:86:43:f8:fb:8a:1f:11:c0:e3:1f:24:80:0b:da:
cd:12:3d:9d:c7:30:07:a3:73:62:86:43:88:57:b3:
b5:6a:3a:6d:33:ae:5b:84:d5:9a:93:75:8e:fa:9c:
e1:6d:f3:85:2f:b9:b3:33:6c:2e:28:89:07:e8:ae:
14:89:eb:4f:18:c1:38:e8:40:ab:87:ef:81:58:50:
79:83:75:a7:a9:53:82:c5:3a:65:9f:77:b8:f1:1d:
ba:02:83:76:a0:6f:8a:7c:31:4b:4e:6e:33:4d:62:
cf:f8:95:99:39:0d:43:9f:bd:b7:3a:ea:ef:4e:fd:
76:af:bf:89:36:df:43:8a:77:57:31:3b:f5:fb:c1:
ac:6a:58:27:80:ce:dc:3f:d3:0e:e8:6d:45:1d:f0:
af:7d:50:6a:a2:43:c0:61:ea:d3:ca:e1:63:08:74:
4b:6f:7f:29:cc:84:33:81:50:1e:66:a1:50:2a:42:
dd:b5:c9:49:7e:77:22:60:cb:aa:99:e0:79:7d:a9:
6c:b8:03:e0:82:e3:5b:0f:e7:c5:73:fe:6f:c0:ab:
9b:41:0a:50:f0:5c:c4:23:6f:4e:6e:d1:a7:55:0f:
c5:3a:5b:24:58:6c:9d:7c:29:fe:09:af:b1:20:27:
2d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:40:DD:D4:B4:0E:F5:A8:97:19:3C:A3:39:31:46:EC:5B:D2:84:ED
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/_kDd1LQO9aiXGTyjOTFG7FvShO0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.224.0/23
Signature Algorithm: sha256WithRSAEncryption
56:61:b9:27:8d:ea:82:41:7b:51:ac:05:6f:c9:94:74:6e:95:
4d:50:f9:08:d3:de:10:16:fe:35:50:ae:01:4a:eb:fe:44:7a:
6a:f1:4d:10:6e:51:9d:36:86:76:3e:87:25:94:10:bb:0b:d0:
00:cc:d8:c0:d4:85:bb:ed:3d:3d:23:45:ea:92:61:e3:74:88:
79:75:a8:3a:f4:85:1e:b4:6f:93:b8:21:0e:b4:30:57:36:1c:
a0:8f:e3:6e:39:c2:79:05:8a:9f:28:fb:f8:a1:57:c1:e5:92:
02:0b:12:ba:e6:c9:c4:8a:34:1f:5a:d5:ea:64:94:ff:ed:a2:
08:f0:6a:e2:eb:63:a0:f7:5b:1d:2b:2c:29:fc:48:d0:96:d1:
db:88:02:24:2f:bd:92:0e:e6:0d:a5:98:ef:94:f1:b0:1e:cc:
60:00:f3:19:33:2f:a3:ab:d8:e2:fb:65:e8:27:23:1a:62:b5:
c1:82:51:77:6b:b8:a9:1f:63:89:12:fb:b7:8b:a3:20:18:17:
a0:c0:25:25:44:89:00:26:a4:55:70:74:51:07:88:a0:c1:c3:
72:a4:0f:33:2e:b4:e2:9f:f8:b4:a1:f4:b7:22:a7:4d:2f:e9:
7e:b2:81:84:76:16:d0:1b:40:26:7b:67:82:0f:3b:b8:72:6c:
05:19:5d:eb
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMTA5Mjkw
MjM4MTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZFNDBEREQ0QjQwRUY1
QTg5NzE5M0NBMzM5MzE0NkVDNUJEMjg0RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIpx7O1IfOIBlRmNLdn3aGQ/j7ih8RwOMfJIAL2s0SPZ3HMAej
c2KGQ4hXs7VqOm0zrluE1ZqTdY76nOFt84UvubMzbC4oiQforhSJ608YwTjoQKuH
74FYUHmDdaepU4LFOmWfd7jxHboCg3agb4p8MUtObjNNYs/4lZk5DUOfvbc66u9O
/Xavv4k230OKd1cxO/X7waxqWCeAztw/0w7obUUd8K99UGqiQ8Bh6tPK4WMIdEtv
fynMhDOBUB5moVAqQt21yUl+dyJgy6qZ4Hl9qWy4A+CC41sP58Vz/m/Aq5tBClDw
XMQjb05u0adVD8U6WyRYbJ18Kf4Jr7EgJy3HAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU/kDd1LQO9aiXGTyjOTFG7FvShO0wHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL19rRGQxTFFPOWFpWEdUeWpPVEZHN0Z2
U2hPMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn4+AwDQYJ
KoZIhvcNAQELBQADggEBAFZhuSeN6oJBe1GsBW/JlHRulU1Q+QjT3hAW/jVQrgFK
6/5EemrxTRBuUZ02hnY+hyWUELsL0ADM2MDUhbvtPT0jReqSYeN0iHl1qDr0hR60
b5O4IQ60MFc2HKCP4245wnkFip8o+/ihV8HlkgILErrmycSKNB9a1epklP/togjw
auLrY6D3Wx0rLCn8SNCW0duIAiQvvZIO5g2lmO+U8bAezGAA8xkzL6Or2OL7Zegn
IxpitcGCUXdruKkfY4kS+7eLoyAYF6DAJSVEiQAmpFVwdFEHiKDBw3KkDzMutOKf
+LSh9Lcip00v6X6ygYR2FtAbQCZ7Z4IPO7hybAUZXes=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org