Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/q8zBCD0BTcQjx4vXM9lr2tq9vuQ.roa
File: q8zBCD0BTcQjx4vXM9lr2tq9vuQ.roa (raw, json)
Hash identifier: sXGVtVls/cfOutMGNSf9FBKQw8JcfF+hIN5GgM7JMpc=
Subject key identifier: AB:CC:C1:08:3D:01:4D:C4:23:C7:8B:D7:33:D9:6B:DA:DA:BD:BE:E4
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 1B0F
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/q8zBCD0BTcQjx4vXM9lr2tq9vuQ.roa
Signing time: Wed 29 Sep 2021 02:46:05 +0000
ROA not before: Wed 29 Sep 2021 02:46:05 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38841
IP address blocks: 123.194.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6927 (0x1b0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Sep 29 02:46:05 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=ABCCC1083D014DC423C78BD733D96BDADABDBEE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bc:ed:67:1f:44:4e:18:f6:d4:b2:3e:be:51:
f0:90:95:54:da:93:4e:93:57:ec:6c:35:2c:48:82:
87:6c:fc:da:91:fe:38:d5:60:72:d4:51:0a:62:e5:
cc:58:67:a8:5a:ca:dc:3a:fc:6b:38:8a:cc:53:f5:
fb:49:e2:49:51:65:f0:e9:1b:98:6a:f7:59:87:af:
8b:b0:ab:f5:f9:ce:44:f9:94:ae:05:39:f6:e0:c0:
e0:4f:41:c3:19:9c:b7:41:f8:bc:e3:ff:19:6d:9f:
6b:2a:77:8c:93:9c:ed:00:08:73:57:a6:06:96:95:
76:3d:13:30:90:62:aa:ff:ff:01:5e:a1:6b:bb:6b:
2a:5c:6b:fe:fb:a6:00:5f:c8:f5:b8:87:8e:04:cc:
a5:83:2d:ae:5a:c4:f7:6d:af:b8:ad:21:0b:5c:fc:
28:04:32:ba:bb:e5:cc:af:5b:4c:bc:66:18:56:45:
1e:98:51:77:08:1a:81:1e:19:36:e3:ec:54:e6:77:
e9:03:8f:55:42:fb:aa:28:92:ef:f0:59:4e:2c:71:
b6:49:e8:ac:a6:70:3d:3a:36:f2:08:c0:62:d4:a0:
af:67:e6:7f:8c:0b:29:88:51:ba:e8:4f:c6:e3:6e:
7e:6e:57:6c:e4:b3:3f:fe:84:14:1b:94:0e:64:7c:
7b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:CC:C1:08:3D:01:4D:C4:23:C7:8B:D7:33:D9:6B:DA:DA:BD:BE:E4
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/q8zBCD0BTcQjx4vXM9lr2tq9vuQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.194.168.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:d5:d8:1b:0f:33:2e:66:d2:69:27:d2:37:8d:4d:9e:34:60:
c0:f1:7c:d9:e2:93:c3:e2:fb:0a:37:45:80:28:2e:89:80:c5:
2b:3e:61:aa:e4:c6:2e:a1:ea:18:4b:86:c4:e0:b1:97:d3:12:
c9:1e:61:d8:26:00:94:30:88:98:93:24:ad:ee:eb:7c:d8:87:
68:e8:8f:ce:49:c0:b1:11:05:ce:3c:78:57:7d:a4:16:bd:1c:
57:bc:f4:2d:ec:66:32:ca:cb:61:55:12:d0:cb:a1:d6:0a:65:
bf:b4:f0:4a:5d:8e:b0:34:58:f3:8b:87:7e:f9:89:3d:6d:9c:
8f:d7:8c:a5:93:7d:b4:24:59:2a:23:dd:ea:9f:b1:46:ce:5f:
99:3c:4c:73:a8:f1:14:55:cf:1e:ad:8e:d6:09:28:21:7d:98:
bd:d9:83:b2:af:fc:4e:c6:a2:df:98:da:aa:98:46:18:5e:06:
45:69:c2:ab:15:d1:d2:b0:48:e8:d0:f6:5d:65:72:f6:79:34:
ad:a4:e9:bc:33:dc:75:e5:e8:fb:5c:2e:b1:18:d2:e5:67:ef:
bb:b8:84:3b:28:ce:22:d5:73:0a:c5:5a:0e:e6:06:55:39:93:
33:39:a1:01:02:dc:01:14:55:96:a7:69:01:17:43:05:1c:f6:
c5:94:6f:aa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGw8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ2MDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFCQ0NDMTA4M0QwMTRE
QzQyM0M3OEJENzMzRDk2QkRBREFCREJFRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7vO1nH0ROGPbUsj6+UfCQlVTak06TV+xsNSxIgods/NqR/jjV
YHLUUQpi5cxYZ6haytw6/Gs4isxT9ftJ4klRZfDpG5hq91mHr4uwq/X5zkT5lK4F
OfbgwOBPQcMZnLdB+Lzj/xltn2sqd4yTnO0ACHNXpgaWlXY9EzCQYqr//wFeoWu7
aypca/77pgBfyPW4h44EzKWDLa5axPdtr7itIQtc/CgEMrq75cyvW0y8ZhhWRR6Y
UXcIGoEeGTbj7FTmd+kDj1VC+6ooku/wWU4scbZJ6KymcD06NvIIwGLUoK9n5n+M
CymIUbroT8bjbn5uV2zksz/+hBQblA5kfHubAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUq8zBCD0BTcQjx4vXM9lr2tq9vuQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3E4ekJDRDBCVGNRang0dlhN
OWxyMnRxOXZ1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wqgwDQYJKoZIhvcNAQELBQADggEBAKHV2BsPMy5m0mkn0jeNTZ40YMDxfNnik8Pi
+wo3RYAoLomAxSs+Yarkxi6h6hhLhsTgsZfTEskeYdgmAJQwiJiTJK3u63zYh2jo
j85JwLERBc48eFd9pBa9HFe89C3sZjLKy2FVEtDLodYKZb+08EpdjrA0WPOLh375
iT1tnI/XjKWTfbQkWSoj3eqfsUbOX5k8THOo8RRVzx6tjtYJKCF9mL3Zg7Kv/E7G
ot+Y2qqYRhheBkVpwqsV0dKwSOjQ9l1lcvZ5NK2k6bwz3HXl6PtcLrEY0uVn77u4
hDsoziLVcwrFWg7mBlU5kzM5oQEC3AEUVZanaQEXQwUc9sWUb6o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-fra.rpki-client.org