Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/nkDiG4nbu2EgVp95RaGYBnmScXQ.roa
File: nkDiG4nbu2EgVp95RaGYBnmScXQ.roa (raw, json)
Hash identifier: uJhAWLvBQUqBBloG1gc6TbVtEBXN1xc+SkE+JO8Zji8=
Subject key identifier: 9E:40:E2:1B:89:DB:BB:61:20:56:9F:79:45:A1:98:06:79:92:71:74
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 20F9
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/nkDiG4nbu2EgVp95RaGYBnmScXQ.roa
Signing time: Fri 25 Nov 2022 04:39:22 +0000
ROA not before: Fri 25 Nov 2022 04:39:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 123.193.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8441 (0x20f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:39:22 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9E40E21B89DBBB6120569F7945A1980679927174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a9:57:76:95:ed:38:de:79:a4:fc:15:46:b3:
28:31:51:dc:f6:85:7f:2f:ea:c5:62:1b:0d:af:a9:
52:d4:72:f2:37:d4:38:27:5a:be:01:41:ba:6e:50:
91:0e:6e:05:c2:ea:86:29:74:c3:61:f1:36:b2:b1:
e2:27:e1:2f:5a:c4:5e:ec:b0:65:6e:aa:45:05:d8:
b3:ae:a0:da:54:86:62:bd:71:65:76:b9:00:7b:33:
03:42:cb:88:34:b0:2d:6d:05:01:64:33:d9:7a:f9:
02:2e:59:51:70:44:6d:88:0e:19:54:49:d2:61:08:
d2:7c:f6:af:d3:71:c3:52:86:8c:d9:ba:15:e3:1d:
4c:2e:2b:fe:15:f1:95:c8:20:19:9b:17:1a:99:be:
01:03:17:13:f7:5a:4b:05:d5:4e:ad:02:16:aa:a7:
d8:ba:27:af:77:e1:58:c4:6c:30:e7:94:f2:e1:18:
bb:44:7c:f3:5e:31:90:ee:dd:9c:47:fe:21:52:bd:
fb:07:ec:52:88:9f:d2:90:98:cc:d6:4e:29:11:7c:
28:ff:c1:08:a4:e0:ee:20:b3:01:3f:2c:04:40:bc:
c2:f3:f6:ac:53:5c:61:52:44:a0:7a:03:b0:21:dd:
3b:fd:5f:81:2a:ad:21:79:23:19:09:3f:f6:41:f0:
ad:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:40:E2:1B:89:DB:BB:61:20:56:9F:79:45:A1:98:06:79:92:71:74
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/nkDiG4nbu2EgVp95RaGYBnmScXQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.193.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5b:a7:7e:f3:15:f9:16:32:9a:1b:99:ad:30:4d:35:a2:2b:
0c:d8:d8:7b:83:58:03:20:05:96:f6:b8:02:3a:80:3e:fa:3c:
be:3a:70:53:fa:58:f1:63:2a:15:52:d3:59:79:f7:8a:15:f4:
a6:9d:71:e4:78:48:99:a0:55:8f:69:25:e9:5c:cc:c2:da:79:
9a:c6:cf:7e:0e:8b:a5:ac:12:20:0a:7a:fa:2a:77:48:68:3e:
31:22:22:d2:75:9a:1e:a7:05:61:0c:aa:5a:a1:51:f8:4c:24:
2b:3a:ca:63:3f:2f:5d:bb:4f:77:63:27:71:88:d4:41:4f:80:
37:74:40:af:93:d8:d2:16:14:8d:9e:c2:c6:0a:08:53:3f:4f:
d9:39:20:45:19:17:1c:60:5d:5c:4a:b2:e4:85:66:57:35:6b:
b3:78:ef:69:60:cc:a6:06:83:fb:52:93:84:6f:c1:78:4d:88:
d0:aa:63:53:7b:d5:16:27:d4:3e:69:73:e1:28:10:a4:92:cb:
13:f1:6a:b6:f2:a4:a9:9b:24:f9:4d:ae:d9:19:ff:63:e7:bd:
1d:79:96:c8:e4:b3:f7:ad:98:2f:62:a3:1b:cc:c7:99:09:2f:
f1:8b:25:1a:3c:26:0c:79:ed:89:7b:c3:29:f1:0f:6a:4f:21:
4a:74:b5:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDM5MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlFNDBFMjFCODlEQkJC
NjEyMDU2OUY3OTQ1QTE5ODA2Nzk5MjcxNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqqVd2le043nmk/BVGsygxUdz2hX8v6sViGw2vqVLUcvI31Dgn
Wr4BQbpuUJEObgXC6oYpdMNh8TayseIn4S9axF7ssGVuqkUF2LOuoNpUhmK9cWV2
uQB7MwNCy4g0sC1tBQFkM9l6+QIuWVFwRG2IDhlUSdJhCNJ89q/TccNShozZuhXj
HUwuK/4V8ZXIIBmbFxqZvgEDFxP3WksF1U6tAhaqp9i6J6934VjEbDDnlPLhGLtE
fPNeMZDu3ZxH/iFSvfsH7FKIn9KQmMzWTikRfCj/wQik4O4gswE/LARAvMLz9qxT
XGFSRKB6A7Ah3Tv9X4EqrSF5IxkJP/ZB8K3XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnkDiG4nbu2EgVp95RaGYBnmScXQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL25rRGlHNG5idTJFZ1ZwOTVS
YUdZQm5tU2NYUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7
wWswDQYJKoZIhvcNAQELBQADggEBAB9bp37zFfkWMpobma0wTTWiKwzY2HuDWAMg
BZb2uAI6gD76PL46cFP6WPFjKhVS01l594oV9KadceR4SJmgVY9pJelczMLaeZrG
z34Oi6WsEiAKevoqd0hoPjEiItJ1mh6nBWEMqlqhUfhMJCs6ymM/L127T3djJ3GI
1EFPgDd0QK+T2NIWFI2ewsYKCFM/T9k5IEUZFxxgXVxKsuSFZlc1a7N472lgzKYG
g/tSk4RvwXhNiNCqY1N71RYn1D5pc+EoEKSSyxPxarbypKmbJPlNrtkZ/2PnvR15
lsjks/etmC9ioxvMx5kJL/GLJRo8Jgx57Yl7wynxD2pPIUp0tQk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-fra.rpki-client.org