Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/LbPmO60v8lDneRyG8KldaOtOLIk.roa
File: LbPmO60v8lDneRyG8KldaOtOLIk.roa (raw, json)
Hash identifier: qFTpM6bByo3oBc3HWP/7rJVAJDUZSUJSpjZCFRHf81M=
Subject key identifier: 2D:B3:E6:3B:AD:2F:F2:50:E7:79:1C:86:F0:A9:5D:68:EB:4E:2C:89
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0776
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LbPmO60v8lDneRyG8KldaOtOLIk.roa
Signing time: Tue 29 Sep 2020 10:00:48 +0000
ROA not before: Tue 29 Sep 2020 10:00:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131639
IP address blocks: 103.129.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1910 (0x776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 29 10:00:48 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2DB3E63BAD2FF250E7791C86F0A95D68EB4E2C89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fa:5e:27:38:a2:66:dc:a3:d5:24:1f:08:bb:
ce:cf:bd:78:98:e2:4a:e9:da:f9:a2:3d:35:cb:4d:
3f:74:6d:e2:e5:54:84:d1:96:eb:41:01:d0:d5:43:
71:91:1a:f8:15:6f:12:7d:64:c8:3f:5b:75:10:63:
c8:c9:10:36:cb:82:73:bb:2e:bc:68:a3:da:5f:1b:
6c:cf:b9:0b:55:37:3a:77:fc:e3:4d:91:c5:c8:1b:
26:72:ad:1e:8e:36:04:2c:86:f4:c0:a3:e9:f3:fa:
62:fe:5f:b8:02:56:d4:6f:9f:33:7d:f6:9f:a7:58:
d5:a5:ec:34:1c:d3:d1:d3:be:15:50:21:04:e4:2d:
d7:b4:37:43:65:83:c6:6b:a7:e4:13:26:02:1c:a5:
11:65:2c:be:c8:38:ec:c1:a5:eb:e7:21:3f:81:bf:
64:bb:c0:fe:46:61:95:26:2c:39:97:57:98:4f:14:
68:fa:e8:ff:7f:37:07:ed:57:3f:63:9d:ef:ff:d6:
7a:98:a4:d8:0c:5e:6e:54:32:f1:fd:74:38:01:1d:
21:1d:f0:62:e1:9b:53:04:14:b8:97:c7:f1:4a:06:
2a:52:1a:15:93:a1:36:3b:c2:50:91:17:c0:3e:96:
0f:6a:4d:ff:e5:61:02:74:cf:7b:72:7d:4d:a0:e0:
64:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B3:E6:3B:AD:2F:F2:50:E7:79:1C:86:F0:A9:5D:68:EB:4E:2C:89
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LbPmO60v8lDneRyG8KldaOtOLIk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.146.0/24
Signature Algorithm: sha256WithRSAEncryption
08:cb:5f:c4:16:6f:bf:c0:9e:9e:0a:b2:0b:f9:2f:ff:e2:0b:
d6:e5:06:9b:49:df:67:94:2f:1b:04:e8:9c:95:8c:ba:d7:e8:
88:f3:7c:fe:e4:07:c4:eb:57:4e:11:1a:05:f7:f9:6c:5e:63:
4c:40:20:72:83:47:d9:8b:34:42:ca:96:9a:a7:72:1b:c6:c1:
8c:48:86:2c:5c:98:1f:c6:da:0f:66:98:40:5f:8d:45:ec:3b:
0d:88:ab:bf:75:1f:6e:b9:c5:77:81:99:b7:38:24:e5:d5:5f:
91:6b:4d:0d:44:36:d0:04:b6:56:44:58:00:98:77:5d:37:97:
c3:e1:1d:8f:fa:21:fb:f2:2e:0c:95:09:30:ad:87:e7:60:c1:
00:69:7f:71:e7:08:79:0e:a8:97:a1:8f:63:1e:b3:94:da:36:
00:3f:92:62:4d:de:10:41:45:83:38:38:3f:3e:f3:bf:e7:3d:
89:95:93:6a:d2:3f:3a:e4:e2:2b:0e:12:13:53:aa:b2:fd:b2:
53:5c:dc:55:fb:1c:5f:4c:7a:e6:b2:cc:7c:16:80:1b:28:d7:
41:bc:57:bb:93:49:e1:dd:09:e5:df:28:25:39:48:ea:df:a6:
8f:f6:8b:4a:13:54:b8:48:a1:91:8b:8e:d7:dd:b0:7a:09:10:
d9:cb:46:07
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMDA5Mjkx
MDAwNDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJEQjNFNjNCQUQyRkYy
NTBFNzc5MUM4NkYwQTk1RDY4RUI0RTJDODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT+l4nOKJm3KPVJB8Iu87PvXiY4krp2vmiPTXLTT90beLlVITR
lutBAdDVQ3GRGvgVbxJ9ZMg/W3UQY8jJEDbLgnO7Lrxoo9pfG2zPuQtVNzp3/ONN
kcXIGyZyrR6ONgQshvTAo+nz+mL+X7gCVtRvnzN99p+nWNWl7DQc09HTvhVQIQTk
Lde0N0Nlg8Zrp+QTJgIcpRFlLL7IOOzBpevnIT+Bv2S7wP5GYZUmLDmXV5hPFGj6
6P9/NwftVz9jne//1nqYpNgMXm5UMvH9dDgBHSEd8GLhm1MEFLiXx/FKBipSGhWT
oTY7wlCRF8A+lg9qTf/lYQJ0z3tyfU2g4GSBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQULbPmO60v8lDneRyG8KldaOtOLIkwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xiUG1PNjB2OGxEbmVSeUc4S2xkYU90
T0xJay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZIwDQYJ
KoZIhvcNAQELBQADggEBAAjLX8QWb7/Anp4Ksgv5L//iC9blBptJ32eULxsE6JyV
jLrX6IjzfP7kB8TrV04RGgX3+WxeY0xAIHKDR9mLNELKlpqnchvGwYxIhixcmB/G
2g9mmEBfjUXsOw2Iq791H265xXeBmbc4JOXVX5FrTQ1ENtAEtlZEWACYd103l8Ph
HY/6IfvyLgyVCTCth+dgwQBpf3HnCHkOqJehj2Mes5TaNgA/kmJN3hBBRYM4OD8+
87/nPYmVk2rSPzrk4isOEhNTqrL9slNc3FX7HF9MeuayzHwWgBso10G8V7uTSeHd
CeXfKCU5SOrfpo/2i0oTVLhIoZGLjtfdsHoJENnLRgc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org