Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/qgL_vEkwnc1eXlrROTwQjGshvC4.roa
File: qgL_vEkwnc1eXlrROTwQjGshvC4.roa (raw, json)
Hash identifier: ee/r2fNeyx0zaVoyyVDMM6IlWwcUjEDwhQqtXy3ia7g=
Subject key identifier: AA:02:FF:BC:49:30:9D:CD:5E:5E:5A:D1:39:3C:10:8C:6B:21:BC:2E
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 08B5
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/qgL_vEkwnc1eXlrROTwQjGshvC4.roa
Signing time: Sun 07 Feb 2021 11:54:46 +0000
ROA not before: Sun 07 Feb 2021 11:54:46 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 20473
IP address blocks: 103.129.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2229 (0x8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Feb 7 11:54:46 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=AA02FFBC49309DCD5E5E5AD1393C108C6B21BC2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:94:35:c2:d1:3f:51:7d:c8:2e:51:56:eb:f9:
df:c7:95:09:ed:b1:f7:b3:c8:31:40:9b:b7:f5:0a:
29:67:e5:5f:b3:64:ad:81:c9:04:ce:80:61:e7:93:
7d:f0:79:5d:80:09:34:9f:d6:14:65:76:e9:54:2b:
a6:e8:90:ed:55:02:cd:66:fd:ed:22:ec:57:e8:e7:
76:da:ec:28:7b:12:aa:ca:b9:8d:67:7b:2e:cd:ea:
c7:bc:6a:23:73:ce:78:cb:d5:a9:a3:11:7b:2b:1c:
c2:86:48:03:fc:40:73:56:25:a4:51:c5:3d:e1:10:
ff:47:72:ce:e9:60:0d:85:78:05:7f:81:af:11:96:
f3:2e:c6:e8:76:66:1c:a2:82:2c:48:bc:4c:08:75:
0f:0e:6b:21:6b:2a:71:cf:b4:76:8f:34:21:a8:04:
3f:1e:68:dc:0e:91:c8:9e:ad:93:45:7f:ab:cb:8c:
97:5a:b7:b5:f2:81:4b:76:0b:4c:d2:60:58:32:e0:
6a:97:cf:6f:ca:be:6e:9c:c2:78:33:48:05:ec:6e:
6c:89:44:db:0a:61:d1:32:49:af:13:c9:88:8a:70:
d3:73:24:77:c3:ab:5b:01:fe:2c:b0:ea:f4:73:f4:
52:7e:b5:1f:5a:99:0f:91:be:1e:4f:b3:09:f0:43:
22:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:02:FF:BC:49:30:9D:CD:5E:5E:5A:D1:39:3C:10:8C:6B:21:BC:2E
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/qgL_vEkwnc1eXlrROTwQjGshvC4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:50:50:54:41:43:f5:03:b0:06:c1:6c:1d:e2:e0:a7:50:4d:
ab:3c:c0:f4:0d:f4:60:fd:29:8b:02:21:99:5d:e7:39:1f:62:
f4:99:e4:cf:4d:f0:f4:62:83:23:07:ce:55:31:08:98:ec:1a:
f2:86:33:68:14:bb:94:cb:3b:d8:35:8f:eb:a5:b7:df:7a:e2:
7c:8f:7c:e2:0b:ce:b5:e2:9a:6e:9b:f1:bd:66:0f:53:6b:d9:
5e:fa:36:07:43:3f:e1:9d:ab:19:8c:3d:3a:ae:e5:5d:65:70:
41:d0:e1:59:53:dd:86:b0:40:d9:53:af:d5:78:f4:79:46:24:
34:a8:5f:5c:6c:2c:62:fe:9f:aa:f1:4b:af:63:66:ce:e8:2f:
aa:eb:3e:c8:57:47:95:61:79:42:65:bd:7d:7b:c8:b6:5f:f9:
a9:cc:07:39:62:ca:e4:b3:2e:6e:f8:0a:94:aa:61:78:0a:45:
3d:b5:2a:4b:f6:e8:21:8c:68:7c:c8:ae:25:16:de:0d:82:3b:
d3:e8:7f:44:77:bf:cd:31:aa:9f:97:86:7f:cf:26:9a:11:9a:
06:03:cc:3b:91:f1:23:1b:3e:a3:da:f2:45:4f:e5:01:14:82:
f6:3c:ee:40:19:90:16:c9:3c:e3:bc:24:5f:b9:2b:b5:60:07:
b5:62:d2:67
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMTAyMDcx
MTU0NDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFBMDJGRkJDNDkzMDlE
Q0Q1RTVFNUFEMTM5M0MxMDhDNkIyMUJDMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLlDXC0T9RfcguUVbr+d/HlQntsfezyDFAm7f1Ciln5V+zZK2B
yQTOgGHnk33weV2ACTSf1hRldulUK6bokO1VAs1m/e0i7Ffo53ba7Ch7EqrKuY1n
ey7N6se8aiNzznjL1amjEXsrHMKGSAP8QHNWJaRRxT3hEP9Hcs7pYA2FeAV/ga8R
lvMuxuh2ZhyigixIvEwIdQ8OayFrKnHPtHaPNCGoBD8eaNwOkcierZNFf6vLjJda
t7XygUt2C0zSYFgy4GqXz2/Kvm6cwngzSAXsbmyJRNsKYdEySa8TyYiKcNNzJHfD
q1sB/iyw6vRz9FJ+tR9amQ+Rvh5PswnwQyILAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUqgL/vEkwnc1eXlrROTwQjGshvC4wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL3FnTF92RWt3bmMxZVhsclJPVHdRakdz
aHZDNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZMwDQYJ
KoZIhvcNAQELBQADggEBAG9QUFRBQ/UDsAbBbB3i4KdQTas8wPQN9GD9KYsCIZld
5zkfYvSZ5M9N8PRigyMHzlUxCJjsGvKGM2gUu5TLO9g1j+ult9964nyPfOILzrXi
mm6b8b1mD1Nr2V76NgdDP+GdqxmMPTqu5V1lcEHQ4VlT3YawQNlTr9V49HlGJDSo
X1xsLGL+n6rxS69jZs7oL6rrPshXR5VheUJlvX17yLZf+anMBzliyuSzLm74CpSq
YXgKRT21Kkv26CGMaHzIriUW3g2CO9Pof0R3v80xqp+Xhn/PJpoRmgYDzDuR8SMb
PqPa8kVP5QEUgvY87kAZkBbJPOO8JF+5K7VgB7Vi0mc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:05 2025 by rpki-client