Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/2Oz4BsZ1N-bhCDfiWHx9IpD_xCM.roa
File: 2Oz4BsZ1N-bhCDfiWHx9IpD_xCM.roa (raw, json)
Hash identifier: MgpvWe7eE6n+N+Wg25FqKKMJBmASqyF6K3bWvy3jPAA=
Subject key identifier: D8:EC:F8:06:C6:75:37:E6:E1:08:37:E2:58:7C:7D:22:90:FF:C4:23
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 1FA2
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/2Oz4BsZ1N-bhCDfiWHx9IpD_xCM.roa
Signing time: Thu 15 Sep 2022 02:53:57 +0000
ROA not before: Thu 15 Sep 2022 02:53:57 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 123.192.240.0/21 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8098 (0x1fa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Sep 15 02:53:57 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D8ECF806C67537E6E10837E2587C7D2290FFC423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:7d:f1:c2:67:69:d0:db:8a:ed:b4:4e:7b:
e8:06:71:e7:eb:13:60:72:a4:64:7e:ef:85:60:a3:
e5:11:08:78:45:4e:fb:51:e1:c3:bb:d9:8a:21:17:
67:17:36:f5:67:80:e9:ea:53:4d:f9:a8:c6:fe:36:
30:17:45:6c:35:41:de:fc:6c:46:24:5c:19:36:a9:
d4:7f:c6:72:c8:e5:9d:1a:94:ef:8b:a7:2f:3a:4f:
3e:5a:4f:c5:e2:86:ee:3a:bc:25:50:86:a4:b4:8d:
40:19:50:ca:69:87:0f:3e:f0:59:36:6a:46:35:00:
8b:7d:de:97:4d:dc:b8:12:d6:9c:cc:6d:04:08:23:
22:0c:e1:29:bb:65:23:e2:c3:5c:92:7f:78:af:6f:
f9:e9:eb:06:3f:43:eb:9f:7e:f3:f4:bd:07:bc:e0:
0d:27:d4:b0:0a:2b:1d:a7:08:cf:66:c7:0a:c7:d9:
c5:59:15:32:b7:c9:fd:21:46:fe:80:aa:10:ea:6b:
e2:78:ad:3f:e0:8e:dc:4a:f4:cf:3b:ce:88:ac:10:
c8:e8:11:10:3f:db:03:5e:87:b3:ce:02:74:58:85:
ea:58:4d:b6:a4:62:ac:82:74:9a:49:28:52:7f:fe:
fb:a8:e7:19:e1:e2:ac:5a:9d:2d:f3:5c:19:39:cc:
87:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EC:F8:06:C6:75:37:E6:E1:08:37:E2:58:7C:7D:22:90:FF:C4:23
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/2Oz4BsZ1N-bhCDfiWHx9IpD_xCM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.192.240.0/21
Signature Algorithm: sha256WithRSAEncryption
40:6e:f5:51:81:7f:26:2c:c6:e2:98:f8:d8:b7:7b:10:c2:32:
bb:93:68:31:c0:e9:e7:45:8c:42:c0:39:bf:20:8b:2c:11:3a:
97:3c:a7:b4:59:f6:e8:b2:3e:03:a6:9a:dd:fc:e6:13:d9:39:
bb:a2:4b:ca:e3:d7:48:39:68:d7:c0:0f:21:06:ef:d9:fb:cd:
0a:db:2b:6e:2c:98:2e:b2:84:02:e6:92:17:d9:eb:80:b0:08:
b9:03:64:f2:5a:0a:10:23:02:75:be:aa:67:05:6a:9e:aa:23:
a5:55:1c:37:0c:a8:3e:6a:45:74:d4:49:35:4f:92:21:ac:e4:
f0:d5:f2:02:5a:fa:30:01:75:a7:08:f6:01:0a:8b:b7:a3:bc:
35:64:e6:5d:0b:b4:1f:d8:b2:d6:c0:79:18:71:90:d0:66:2f:
ec:b6:83:a5:63:aa:8d:ff:dc:87:b5:94:ae:0e:10:e8:4d:47:
a1:88:5e:02:9f:14:93:10:9b:ae:b8:89:1e:b3:0d:de:54:5f:
67:2a:29:09:4a:97:fb:9b:61:5b:2c:05:f0:3b:cb:48:f5:cc:
05:fc:47:d0:02:77:df:e0:23:97:20:1f:58:89:61:5f:2e:ba:
d6:3c:55:65:c2:a9:62:be:7e:7c:46:1c:7c:14:29:fa:15:68:
05:24:71:2d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjUzNTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ4RUNGODA2QzY3NTM3
RTZFMTA4MzdFMjU4N0M3RDIyOTBGRkM0MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1133xwmdp0NuK7bROe+gGcefrE2BypGR+74Vgo+URCHhFTvtR
4cO72YohF2cXNvVngOnqU035qMb+NjAXRWw1Qd78bEYkXBk2qdR/xnLI5Z0alO+L
py86Tz5aT8Xihu46vCVQhqS0jUAZUMpphw8+8Fk2akY1AIt93pdN3LgS1pzMbQQI
IyIM4Sm7ZSPiw1ySf3ivb/np6wY/Q+uffvP0vQe84A0n1LAKKx2nCM9mxwrH2cVZ
FTK3yf0hRv6AqhDqa+J4rT/gjtxK9M87zoisEMjoERA/2wNeh7POAnRYhepYTbak
YqyCdJpJKFJ//vuo5xnh4qxanS3zXBk5zIcxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2Oz4BsZ1N+bhCDfiWHx9IpD/xCMwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzJPejRCc1oxTi1iaENEZmlX
SHg5SXBEX3hDTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wPAwDQYJKoZIhvcNAQELBQADggEBAEBu9VGBfyYsxuKY+Ni3exDCMruTaDHA6edF
jELAOb8giywROpc8p7RZ9uiyPgOmmt385hPZObuiS8rj10g5aNfADyEG79n7zQrb
K24smC6yhALmkhfZ64CwCLkDZPJaChAjAnW+qmcFap6qI6VVHDcMqD5qRXTUSTVP
kiGs5PDV8gJa+jABdacI9gEKi7ejvDVk5l0LtB/YstbAeRhxkNBmL+y2g6Vjqo3/
3Ie1lK4OEOhNR6GIXgKfFJMQm664iR6zDd5UX2cqKQlKl/ubYVssBfA7y0j1zAX8
R9ACd9/gI5cgH1iJYV8uutY8VWXCqWK+fnxGHHwUKfoVaAUkcS0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-fra.rpki-client.org