Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUCD/vGqosIjYqFgRBCazwvw_17kL8Ic.roa
File: vGqosIjYqFgRBCazwvw_17kL8Ic.roa (raw, json)
Hash identifier: KrxR1M9ro6zP05SS0jGlFjUaYEp/XliKsvmz/mxjNhs=
Subject key identifier: BC:6A:A8:B0:88:D8:A8:58:11:04:26:B3:C2:FC:3F:D7:B9:0B:F0:87
Certificate issuer: /CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Certificate serial: 05
Authority key identifier: 35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/vGqosIjYqFgRBCazwvw_17kL8Ic.roa
Signing time: Mon 20 Mar 2023 07:12:11 +0000
ROA not before: Mon 20 Mar 2023 07:12:11 +0000
ROA not after: Fri 08 Mar 2024 15:30:10 +0000
asID: 134823
IP address blocks: 103.115.108.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Validity
Not Before: Mar 20 07:12:11 2023 GMT
Not After : Mar 8 15:30:10 2024 GMT
Subject: CN=BC6AA8B088D8A858110426B3C2FC3FD7B90BF087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:3b:2c:c3:6e:bf:8d:e7:9b:95:97:24:2d:
c0:5a:db:ad:94:5a:a3:2c:77:02:09:d6:3c:54:c6:
d9:a3:31:2d:37:1a:ab:9f:c8:68:6e:52:a6:b5:fd:
fb:f5:5f:61:6d:c4:95:34:7a:e8:b7:7b:b5:9f:2d:
67:38:05:73:9a:b7:a5:a3:62:ed:ab:50:0f:cc:8d:
66:c7:3e:0e:ab:fb:13:a1:08:8f:8c:62:07:b3:a2:
a8:ac:13:ea:1f:ed:a7:e8:19:9a:13:d8:7c:56:3d:
2d:e2:93:d2:ce:8c:0e:85:53:7f:bc:15:0c:9b:79:
9f:2f:9a:91:8a:c5:12:e5:e9:5e:eb:ff:12:30:27:
34:ed:4f:88:2c:f5:af:32:af:fe:91:43:63:6c:20:
35:57:56:fe:e9:d0:dc:09:af:a3:37:fb:30:9c:42:
67:84:a5:8d:85:f1:c0:2c:8b:bf:de:b6:3c:b4:ac:
f5:1e:60:6e:d9:56:23:01:bb:1c:c7:64:77:ce:71:
de:59:3c:1d:dd:77:78:cc:d9:68:27:67:b9:ba:45:
0c:b9:05:08:f8:73:6d:2e:47:87:8c:9d:04:e4:91:
43:b1:ac:d7:74:52:1d:12:be:6d:5d:62:f4:85:0c:
59:cf:c8:b8:64:dc:8e:d8:d1:81:45:b3:ff:e5:5d:
bf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6A:A8:B0:88:D8:A8:58:11:04:26:B3:C2:FC:3F:D7:B9:0B:F0:87
X509v3 Authority Key Identifier:
keyid:35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/NdY_KFQm2dVyCdQsRrkSWyOnjsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/vGqosIjYqFgRBCazwvw_17kL8Ic.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.108.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:72:5a:66:7c:6a:cb:0e:1d:61:40:5d:45:fe:2a:b5:ff:01:
8a:19:f3:72:59:d5:1d:3c:88:4b:77:38:3c:ea:01:c2:61:da:
8a:31:88:2f:57:1e:9f:6f:ac:5a:ba:fa:c6:91:09:41:42:d6:
c7:b7:d8:ac:84:fd:b8:f4:e6:23:42:d9:f0:97:9d:8f:37:f9:
76:f9:e9:38:5a:65:f7:f2:3a:23:e4:9e:b2:a0:52:4d:f8:8f:
7d:81:a3:a2:fa:75:87:34:ac:26:1d:40:4f:a2:ae:79:3b:69:
9b:06:36:59:d6:33:33:9b:d9:ef:3d:9d:54:2e:53:29:87:54:
49:7b:76:80:41:21:97:d4:99:9a:af:e3:73:aa:8c:8a:c3:75:
d9:b6:a6:5f:34:1b:5e:ab:73:90:43:b3:6a:34:31:6a:fc:4f:
48:62:4d:d7:2e:8e:6b:e8:aa:a6:e6:ac:f5:0b:23:1f:75:21:
22:bb:94:16:ce:bf:ef:72:5a:90:b5:6e:a7:7d:1d:bb:44:1d:
05:cf:bf:5a:fb:27:31:f5:98:6e:9f:20:36:c9:f9:4d:61:4c:
0e:6e:7a:82:14:9d:2c:d1:60:ba:df:62:d0:ea:10:2c:6b:6f:
61:cd:77:02:24:6c:e6:47:32:3b:c3:7e:81:b6:d3:22:2c:53:
d9:1f:00:ae
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzNUQ2
M0YyODU0MjZEOUQ1NzIwOUQ0MkM0NkI5MTI1QjIzQTc4RUMxMB4XDTIzMDMyMDA3
MTIxMVoXDTI0MDMwODE1MzAxMFowMzExMC8GA1UEAxMoQkM2QUE4QjA4OEQ4QTg1
ODExMDQyNkIzQzJGQzNGRDdCOTBCRjA4NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM5mOyzDbr+N55uVlyQtwFrbrZRaoyx3AgnWPFTG2aMxLTcaq5/I
aG5SprX9+/VfYW3ElTR66Ld7tZ8tZzgFc5q3paNi7atQD8yNZsc+Dqv7E6EIj4xi
B7OiqKwT6h/tp+gZmhPYfFY9LeKT0s6MDoVTf7wVDJt5ny+akYrFEuXpXuv/EjAn
NO1PiCz1rzKv/pFDY2wgNVdW/unQ3Amvozf7MJxCZ4SljYXxwCyLv962PLSs9R5g
btlWIwG7HMdkd85x3lk8Hd13eMzZaCdnubpFDLkFCPhzbS5Hh4ydBOSRQ7Gs13RS
HRK+bV1i9IUMWc/IuGTcjtjRgUWz/+Vdv+0CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBS8aqiwiNioWBEEJrPC/D/XuQvwhzAfBgNVHSMEGDAWgBQ11j8oVCbZ1XIJ1CxG
uRJbI6eOwTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UVUNEL05k
WV9LRlFtMmRWeUNkUXNScmtTV3lPbmpzRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TmRZX0tGUW0yZFZ5Q2RRc1Jya1NXeU9uanNFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFVDRC92R3Fvc0lqWXFGZ1JCQ2F6d3Z3XzE3
a0w4SWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ3NsMA0G
CSqGSIb3DQEBCwUAA4IBAQB9clpmfGrLDh1hQF1F/iq1/wGKGfNyWdUdPIhLdzg8
6gHCYdqKMYgvVx6fb6xauvrGkQlBQtbHt9ishP249OYjQtnwl52PN/l2+ek4WmX3
8joj5J6yoFJN+I99gaOi+nWHNKwmHUBPoq55O2mbBjZZ1jMzm9nvPZ1ULlMph1RJ
e3aAQSGX1Jmar+NzqoyKw3XZtqZfNBteq3OQQ7NqNDFq/E9IYk3XLo5r6Kqm5qz1
CyMfdSEiu5QWzr/vclqQtW6nfR27RB0Fz79a+ycx9ZhunyA2yflNYUwObnqCFJ0s
0WC632LQ6hAsa29hzXcCJGzmRzI7w36BttMiLFPZHwCu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-fra.rpki-client.org