Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/pmS0lfpVt0vZ14qRyYcQ6p9pgxY.roa
File: pmS0lfpVt0vZ14qRyYcQ6p9pgxY.roa (raw, json)
Hash identifier: VBCGQZyCVpbY1iRzBPDKkB2on3pSjZdzZzQbzWisrxA=
Subject key identifier: A6:64:B4:95:FA:55:B7:4B:D9:D7:8A:91:C9:87:10:EA:9F:69:83:16
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 0DA7
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/pmS0lfpVt0vZ14qRyYcQ6p9pgxY.roa
Signing time: Tue 29 Sep 2020 09:54:48 +0000
ROA not before: Tue 29 Sep 2020 09:54:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38841
IP address blocks: 106.1.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3495 (0xda7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Sep 29 09:54:48 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A664B495FA55B74BD9D78A91C98710EA9F698316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:00:ec:2d:74:08:79:85:60:9c:bb:2c:42:
43:86:f0:35:9c:64:8e:ac:b7:f9:3a:81:ff:45:b1:
95:cf:ea:05:19:21:0c:87:46:e8:87:5c:f9:3e:f6:
73:17:e4:ea:0c:af:7b:e1:03:b8:6a:c9:e8:04:c2:
88:2d:c6:e1:61:92:fb:0d:e0:1b:08:cc:5a:50:5a:
96:16:76:42:be:25:41:85:33:be:ba:75:0a:93:ea:
eb:1d:8d:2e:ad:c3:d2:3e:ee:af:a1:a1:20:8b:81:
3a:17:dc:68:9f:c8:91:ac:c9:d9:15:e7:c3:66:8f:
40:58:d2:23:f8:b1:66:1f:13:98:fc:72:59:dc:0c:
b1:ce:b8:eb:57:b5:70:26:c2:ff:74:60:7a:e5:68:
7b:fc:b7:c5:69:e0:7b:65:1b:a4:83:1e:d5:74:10:
c4:35:f8:5d:ca:b6:c7:56:7d:98:da:26:02:72:b8:
c8:fe:9f:03:f7:27:39:89:9d:ce:62:94:e8:35:8a:
80:a6:ca:43:ce:8e:c7:92:de:52:04:f5:06:23:04:
52:a1:0e:09:85:a5:14:15:77:48:f7:89:68:a0:d4:
57:75:95:43:3b:5d:f4:f4:64:9d:e8:ed:2b:54:00:
30:05:64:f3:c8:7b:bb:b7:d2:d8:4c:ab:fc:38:3b:
a5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:64:B4:95:FA:55:B7:4B:D9:D7:8A:91:C9:87:10:EA:9F:69:83:16
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/pmS0lfpVt0vZ14qRyYcQ6p9pgxY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.1.128.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:2d:cd:bb:ba:1f:62:73:bd:7c:9a:05:d8:9d:55:c7:aa:79:
a4:d6:cc:67:a0:a6:28:5a:cf:33:ee:bc:99:3b:81:62:37:24:
23:a2:14:ff:12:3d:12:cf:c2:af:c4:33:fe:8a:14:90:63:77:
1d:e9:5e:96:e3:90:bc:ee:98:c0:1b:c3:a3:ae:58:1f:6f:3c:
f9:d4:bd:23:5d:9a:08:3c:e0:f6:41:a8:70:46:95:c2:76:18:
0e:85:84:d5:fd:d1:42:02:d7:9a:aa:4d:5d:d9:fc:1d:7e:b2:
21:88:d6:4d:29:b1:55:df:a6:17:75:20:1c:44:77:8b:35:96:
67:6d:37:8c:56:f4:98:c7:3a:bf:63:82:86:d5:df:7d:c1:44:
9c:2a:e3:44:07:31:a8:f2:31:ff:00:61:00:71:c1:9f:85:f5:
20:e3:f4:a8:a4:6a:03:78:3b:b2:09:e1:29:24:0e:f3:14:4a:
79:de:f2:d1:69:68:a6:70:ca:ce:22:35:08:6f:2d:9c:00:fa:
6f:86:96:53:25:14:97:c5:a7:09:ba:0e:71:cb:84:93:a3:8a:
7e:25:5d:e6:dc:1d:98:25:9e:0e:ed:f6:86:07:73:61:32:28:
20:91:56:74:d7:8f:11:be:2f:0a:a4:04:2a:41:9f:f5:f7:c2:
82:82:ae:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMDA5Mjkw
OTU0NDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE2NjRCNDk1RkE1NUI3
NEJEOUQ3OEE5MUM5ODcxMEVBOUY2OTgzMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCouADsLXQIeYVgnLssQkOG8DWcZI6st/k6gf9FsZXP6gUZIQyH
RuiHXPk+9nMX5OoMr3vhA7hqyegEwogtxuFhkvsN4BsIzFpQWpYWdkK+JUGFM766
dQqT6usdjS6tw9I+7q+hoSCLgToX3GifyJGsydkV58Nmj0BY0iP4sWYfE5j8clnc
DLHOuOtXtXAmwv90YHrlaHv8t8Vp4HtlG6SDHtV0EMQ1+F3KtsdWfZjaJgJyuMj+
nwP3JzmJnc5ilOg1ioCmykPOjseS3lIE9QYjBFKhDgmFpRQVd0j3iWig1Fd1lUM7
XfT0ZJ3o7StUADAFZPPIe7u30thMq/w4O6VlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpmS0lfpVt0vZ14qRyYcQ6p9pgxYwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3BtUzBsZnBWdDB2WjE0cVJ5
WWNRNnA5cGd4WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANq
AYAwDQYJKoZIhvcNAQELBQADggEBAKstzbu6H2JzvXyaBdidVceqeaTWzGegpiha
zzPuvJk7gWI3JCOiFP8SPRLPwq/EM/6KFJBjdx3pXpbjkLzumMAbw6OuWB9vPPnU
vSNdmgg84PZBqHBGlcJ2GA6FhNX90UIC15qqTV3Z/B1+siGI1k0psVXfphd1IBxE
d4s1lmdtN4xW9JjHOr9jgobV333BRJwq40QHMajyMf8AYQBxwZ+F9SDj9KikagN4
O7IJ4SkkDvMUSnne8tFpaKZwys4iNQhvLZwA+m+GllMlFJfFpwm6DnHLhJOjin4l
XebcHZglng7t9oYHc2EyKCCRVnTXjxG+LwqkBCpBn/X3woKCrgg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-fra.rpki-client.org