Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h-ne9MkTKSwd8dTgmI6lusdcxlM.roa
File: h-ne9MkTKSwd8dTgmI6lusdcxlM.roa (raw, json)
Hash identifier: 7VT/zyWkxRk+kD6zHHGmgZnkWypLiZA35ZMu5QM/cSc=
Subject key identifier: 87:E9:DE:F4:C9:13:29:2C:1D:F1:D4:E0:98:8E:A5:BA:C7:5C:C6:53
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 2184
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h-ne9MkTKSwd8dTgmI6lusdcxlM.roa
Signing time: Fri 25 Nov 2022 04:40:00 +0000
ROA not before: Fri 25 Nov 2022 04:40:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 123.193.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8580 (0x2184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:40:00 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=87E9DEF4C913292C1DF1D4E0988EA5BAC75CC653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fb:01:02:0c:5e:6c:98:6f:5d:f0:26:1e:d1:
66:8a:f5:4a:65:30:ef:07:ec:da:d5:c4:9c:c2:60:
dd:a3:a9:05:2a:18:8a:60:19:d0:e7:7b:3c:d0:de:
98:39:58:a9:2f:fe:72:4d:9c:c5:dc:62:68:cc:38:
8a:0e:03:51:a5:a5:a4:b3:6d:69:9f:48:25:01:7c:
e8:2a:b6:fc:44:89:b9:35:13:bd:f3:f6:f6:d3:4b:
7a:37:e7:8f:9f:4f:5e:7f:6b:02:8c:b3:8e:a1:c8:
b4:83:a1:4f:3c:8c:2d:c6:8c:1d:c0:be:22:c6:e7:
d8:dc:73:96:01:54:b7:9c:19:03:3e:49:01:d8:02:
78:26:9e:29:c8:aa:11:94:b8:77:8d:aa:ff:7e:be:
38:49:b9:45:6b:b3:e8:94:55:5c:dd:74:4e:03:8c:
59:ed:2b:f6:28:1d:e1:2e:4c:76:d0:e3:76:92:cc:
93:08:ac:38:3c:e6:5e:89:53:38:d1:62:3f:a9:18:
d5:6f:36:3b:1b:0d:c4:10:74:69:ee:2c:85:4c:ee:
ff:d2:4f:5b:64:13:e8:9f:d3:70:35:10:df:f3:bd:
b2:3b:e2:f3:1a:7f:72:0b:d0:94:ba:e8:9e:94:ad:
91:d6:a9:9b:61:60:28:ec:8e:5d:b2:c2:8b:ac:39:
03:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E9:DE:F4:C9:13:29:2C:1D:F1:D4:E0:98:8E:A5:BA:C7:5C:C6:53
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h-ne9MkTKSwd8dTgmI6lusdcxlM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.193.152.0/22
Signature Algorithm: sha256WithRSAEncryption
17:c2:70:18:05:f5:30:77:f4:7c:3c:aa:54:c7:ab:a0:bc:5e:
26:14:bb:86:ce:92:99:a4:db:03:88:f8:9b:5b:2c:57:60:58:
2e:0c:c7:d1:2b:0d:79:34:10:b1:0c:c7:f5:1a:da:e7:dc:a7:
19:fd:80:a4:ea:34:18:b5:c7:20:a8:8f:b0:9b:34:64:c4:df:
70:91:2b:36:4b:2f:76:ef:71:50:a1:cc:4a:cb:f5:bf:77:81:
c4:43:44:42:5a:00:98:c8:34:c9:a9:b3:ad:80:cb:36:d1:e2:
0a:6e:f5:82:f4:d8:88:3d:84:d4:d1:5a:33:51:d0:ae:3e:57:
8e:4d:a4:c4:95:bd:d5:16:f8:68:4c:56:8f:cd:93:bb:bc:73:
2d:a3:05:c4:fc:0b:5e:44:bc:db:59:a9:d6:3e:2b:89:c1:36:
86:ad:1b:14:83:fa:82:d8:1a:cb:77:97:29:e0:7e:b1:54:62:
f7:f6:cc:77:10:2d:35:2c:0e:fa:f9:b6:d4:13:9b:00:00:13:
13:1d:96:f2:84:f5:47:d6:7d:40:48:6b:0e:57:74:90:3a:91:
12:2a:bf:0e:7b:d6:22:72:05:a7:55:65:78:98:83:7b:a8:2f:
0b:00:2e:99:1f:70:a0:10:47:7f:9d:7e:18:6f:42:02:d9:d6:
e0:a7:83:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQwMDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg3RTlERUY0QzkxMzI5
MkMxREYxRDRFMDk4OEVBNUJBQzc1Q0M2NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD+wECDF5smG9d8CYe0WaK9UplMO8H7NrVxJzCYN2jqQUqGIpg
GdDnezzQ3pg5WKkv/nJNnMXcYmjMOIoOA1GlpaSzbWmfSCUBfOgqtvxEibk1E73z
9vbTS3o354+fT15/awKMs46hyLSDoU88jC3GjB3AviLG59jcc5YBVLecGQM+SQHY
AngmninIqhGUuHeNqv9+vjhJuUVrs+iUVVzddE4DjFntK/YoHeEuTHbQ43aSzJMI
rDg85l6JUzjRYj+pGNVvNjsbDcQQdGnuLIVM7v/ST1tkE+if03A1EN/zvbI74vMa
f3IL0JS66J6UrZHWqZthYCjsjl2ywousOQMlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh+ne9MkTKSwd8dTgmI6lusdcxlMwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2gtbmU5TWtUS1N3ZDhkVGdt
STZsdXNkY3hsTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
wZgwDQYJKoZIhvcNAQELBQADggEBABfCcBgF9TB39Hw8qlTHq6C8XiYUu4bOkpmk
2wOI+JtbLFdgWC4Mx9ErDXk0ELEMx/Ua2ufcpxn9gKTqNBi1xyCoj7CbNGTE33CR
KzZLL3bvcVChzErL9b93gcRDREJaAJjINMmps62AyzbR4gpu9YL02Ig9hNTRWjNR
0K4+V45NpMSVvdUW+GhMVo/Nk7u8cy2jBcT8C15EvNtZqdY+K4nBNoatGxSD+oLY
Gst3lyngfrFUYvf2zHcQLTUsDvr5ttQTmwAAExMdlvKE9UfWfUBIaw5XdJA6kRIq
vw571iJyBadVZXiYg3uoLwsALpkfcKAQR3+dfhhvQgLZ1uCng58=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-fra.rpki-client.org