Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa
File: 0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa (raw, json)
Hash identifier: VlClO9pmu+jS6RvG3G79Ajuz/SJl8iM+meCZbBod4QY=
Subject key identifier: D0:94:5C:12:6D:CA:6B:BC:60:64:64:84:F4:BE:CF:A5:39:33:E7:0C
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0968
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa
Signing time: Wed 29 Sep 2021 02:53:11 +0000
ROA not before: Wed 29 Sep 2021 02:53:11 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131639
IP address blocks: 103.129.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2408 (0x968)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 29 02:53:11 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=D0945C126DCA6BBC60646484F4BECFA53933E70C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:43:d4:a5:05:9d:5c:00:15:1c:64:63:2d:
4a:11:96:50:c2:a4:e6:21:bb:e8:01:e7:08:fb:af:
67:5e:62:44:a4:43:ac:d6:4f:9a:b1:d4:41:35:ff:
a7:3c:4c:15:e0:60:a0:8e:03:5f:cf:1e:73:60:90:
d8:66:5b:ee:63:67:1f:bb:2f:72:95:ad:99:15:bb:
eb:bc:42:93:19:27:20:0b:8c:51:b2:87:9d:c9:50:
5f:6c:b8:d3:9a:e6:ec:65:fc:96:1e:0b:a0:33:99:
eb:49:b4:92:e9:8b:44:dd:f4:7f:ff:2c:83:7f:03:
d7:d7:6f:98:86:6e:72:57:9a:7f:99:a3:64:60:31:
0e:cb:d5:05:59:0e:80:07:ac:02:ae:e4:e6:37:58:
4d:3a:40:43:ee:f4:00:eb:f2:4c:52:3f:09:31:84:
c4:43:3c:4c:e2:8c:61:b9:bb:c1:36:b4:2e:e0:7a:
27:be:68:7b:e6:90:46:d6:6f:70:e2:53:9a:83:b7:
cc:0d:13:97:cb:0c:3b:39:18:42:9c:7e:13:bc:6e:
0e:1b:12:cc:19:42:a0:1d:a1:12:a9:4d:e0:12:21:
28:f2:75:c1:1f:0a:c9:44:33:5d:33:b2:37:aa:54:
85:47:1a:58:05:f4:4b:39:ba:82:82:cc:6b:37:10:
f8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:94:5C:12:6D:CA:6B:BC:60:64:64:84:F4:BE:CF:A5:39:33:E7:0C
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.146.0/24
Signature Algorithm: sha256WithRSAEncryption
23:51:07:5f:f5:84:19:a2:0e:1e:ba:41:21:8a:11:ce:8d:59:
cf:4a:b4:1b:90:1b:05:01:6e:44:99:7d:4c:61:71:05:31:80:
98:36:03:99:7b:31:02:f2:bb:d0:9c:8e:e9:5a:65:fd:b8:b3:
6e:8f:0d:51:8e:66:eb:e4:e9:d2:a4:28:1a:2e:b9:53:9a:9a:
33:25:cb:60:a7:af:3b:f0:59:54:15:08:3f:70:69:e5:59:ff:
a4:c9:ab:fd:f2:4e:f8:40:f3:e4:1f:cc:6a:2d:e7:30:a6:0f:
9f:6c:a1:fd:25:bb:9b:b2:eb:42:cc:97:cc:d2:19:92:fe:f7:
f4:89:49:29:f6:86:b6:2b:37:16:9c:72:35:51:9b:1d:42:c9:
b6:81:dc:a3:94:66:c7:65:6c:bb:8f:81:24:ec:65:1a:34:9e:
91:66:ae:98:f3:fe:91:ce:8a:73:14:a2:ad:5b:2b:c1:4e:e4:
12:e5:70:ee:f0:ca:70:1d:e1:cf:90:b9:1e:c3:b5:a7:3e:04:
e6:7a:45:f2:00:8f:92:3b:24:25:32:51:60:56:96:d3:9e:a8:
ac:9e:3a:0e:da:7e:f7:a2:ef:48:81:a1:bc:91:5c:40:9c:61:
bb:94:fb:1d:64:4f:b7:eb:40:54:fe:10:88:af:4f:d0:16:fb:
88:31:49:e4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMTA5Mjkw
MjUzMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQwOTQ1QzEyNkRDQTZC
QkM2MDY0NjQ4NEY0QkVDRkE1MzkzM0U3MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4kkPUpQWdXAAVHGRjLUoRllDCpOYhu+gB5wj7r2deYkSkQ6zW
T5qx1EE1/6c8TBXgYKCOA1/PHnNgkNhmW+5jZx+7L3KVrZkVu+u8QpMZJyALjFGy
h53JUF9suNOa5uxl/JYeC6AzmetJtJLpi0Td9H//LIN/A9fXb5iGbnJXmn+Zo2Rg
MQ7L1QVZDoAHrAKu5OY3WE06QEPu9ADr8kxSPwkxhMRDPEzijGG5u8E2tC7geie+
aHvmkEbWb3DiU5qDt8wNE5fLDDs5GEKcfhO8bg4bEswZQqAdoRKpTeASISjydcEf
CslEM10zsjeqVIVHGlgF9Es5uoKCzGs3EPhbAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0JRcEm3Ka7xgZGSE9L7PpTkz5wwwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzBKUmNFbTNLYTd4Z1pHU0U5TDdQcFRr
ejV3dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZIwDQYJ
KoZIhvcNAQELBQADggEBACNRB1/1hBmiDh66QSGKEc6NWc9KtBuQGwUBbkSZfUxh
cQUxgJg2A5l7MQLyu9CcjulaZf24s26PDVGOZuvk6dKkKBouuVOamjMly2Cnrzvw
WVQVCD9waeVZ/6TJq/3yTvhA8+QfzGot5zCmD59sof0lu5uy60LMl8zSGZL+9/SJ
SSn2hrYrNxaccjVRmx1CybaB3KOUZsdlbLuPgSTsZRo0npFmrpjz/pHOinMUoq1b
K8FO5BLlcO7wynAd4c+QuR7Dtac+BOZ6RfIAj5I7JCUyUWBWltOeqKyeOg7afvei
70iBobyRXECcYbuU+x1kT7frQFT+EIivT9AW+4gxSeQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org