Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/xTyXmmNbYtSk9PqNUSRDsJA8nvc.roa
File: xTyXmmNbYtSk9PqNUSRDsJA8nvc.roa (raw, json)
Hash identifier: dNFG7h+O4gGuxchs7YSmQi4qkCYXgLucDdAnWl7Csic=
Subject key identifier: C5:3C:97:9A:63:5B:62:D4:A4:F4:FA:8D:51:24:43:B0:90:3C:9E:F7
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 1FA2
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/xTyXmmNbYtSk9PqNUSRDsJA8nvc.roa
Signing time: Thu 15 Sep 2022 02:52:25 +0000
ROA not before: Thu 15 Sep 2022 02:52:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 118.233.144.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8098 (0x1fa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Sep 15 02:52:25 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C53C979A635B62D4A4F4FA8D512443B0903C9EF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:e0:85:cb:75:eb:fc:89:e4:a6:f3:7e:c1:
2b:65:2b:51:0d:10:e9:48:98:11:af:64:eb:8a:ba:
a3:04:ad:97:76:15:cc:26:2c:f1:d0:85:c2:3d:50:
85:11:65:15:aa:fa:16:96:8d:6b:6c:67:59:ef:06:
d7:2b:3f:fd:3a:e6:01:b3:81:e4:39:6c:69:5f:9c:
94:7b:ce:6a:79:fd:90:52:ec:03:ef:6f:8c:20:e3:
b2:63:31:f6:02:95:75:2a:c7:e8:5e:c7:bd:c1:ef:
f0:c0:94:c5:a0:fd:59:4b:43:84:b0:87:fe:bf:94:
00:60:e8:a5:5c:db:a5:6e:16:cb:3f:17:0f:38:83:
b4:2f:8b:71:fa:b8:3a:65:12:58:b7:5d:08:a4:15:
29:2c:19:5a:d9:31:46:52:e2:20:8f:67:2f:e7:15:
6b:d4:68:a0:99:d8:d4:9c:0c:b2:f0:9c:c6:2c:cb:
81:e1:3c:37:bd:c2:bc:f8:52:89:8b:54:62:70:11:
e1:e7:f0:98:bd:f3:c2:24:f3:4b:ad:74:08:04:6f:
6e:59:53:41:03:06:5a:d3:bf:5b:30:fc:53:f7:d8:
9f:aa:6f:dc:1a:4d:4e:31:4d:77:8c:66:00:07:47:
1b:8e:c0:a8:cc:c9:1f:54:b5:c7:17:40:3a:f4:00:
b0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3C:97:9A:63:5B:62:D4:A4:F4:FA:8D:51:24:43:B0:90:3C:9E:F7
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/xTyXmmNbYtSk9PqNUSRDsJA8nvc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.233.144.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:66:65:a3:70:e8:ea:1f:d7:5e:ac:33:42:11:f0:b1:7c:11:
ec:5d:f9:9f:5d:fc:36:d9:e3:57:9f:7d:43:95:2d:cf:fa:c5:
39:ee:8a:24:89:4e:c9:27:52:81:d3:27:1f:40:ed:c3:d6:19:
d8:0b:e2:0b:00:fe:41:8d:18:ce:6f:50:9c:94:5c:f3:04:29:
ef:7c:3f:5b:4a:35:43:33:0a:22:a0:16:b4:74:67:d5:d5:df:
ef:63:e5:58:e6:4d:c3:ed:5d:bd:88:c8:db:fa:9a:39:68:bb:
b4:27:ce:0c:54:01:7f:fb:d0:af:a5:79:13:04:d2:99:ff:24:
6a:73:73:c8:96:2d:a9:97:9a:24:dc:c6:77:39:03:9a:44:b9:
ee:a7:8d:90:67:f4:75:c5:b4:2a:2a:30:ab:f7:fa:08:f5:45:
e9:f4:7d:95:9a:4a:01:e4:f2:e2:3d:cb:cc:b9:50:d2:1d:34:
09:b9:02:e5:f5:ac:6a:84:5b:fc:88:b3:04:d8:f7:30:7e:53:
95:5d:7a:a3:80:8c:1b:c3:3d:25:78:b5:d5:d2:93:1f:e7:27:
30:84:5f:08:58:9e:78:1a:ad:87:f9:6e:5d:f8:89:7b:f5:d3:
e5:5a:f7:4d:70:8e:f8:08:83:55:ce:21:07:57:74:90:6d:06:
2d:b1:73:ce
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjUyMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM1M0M5NzlBNjM1QjYy
RDRBNEY0RkE4RDUxMjQ0M0IwOTAzQzlFRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8rOCFy3Xr/InkpvN+wStlK1ENEOlImBGvZOuKuqMErZd2Fcwm
LPHQhcI9UIURZRWq+haWjWtsZ1nvBtcrP/065gGzgeQ5bGlfnJR7zmp5/ZBS7APv
b4wg47JjMfYClXUqx+hex73B7/DAlMWg/VlLQ4Swh/6/lABg6KVc26VuFss/Fw84
g7Qvi3H6uDplEli3XQikFSksGVrZMUZS4iCPZy/nFWvUaKCZ2NScDLLwnMYsy4Hh
PDe9wrz4UomLVGJwEeHn8Ji988Ik80utdAgEb25ZU0EDBlrTv1sw/FP32J+qb9wa
TU4xTXeMZgAHRxuOwKjMyR9UtccXQDr0ALBnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxTyXmmNbYtSk9PqNUSRDsJA8nvcwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3hUeVhtbU5iWXRTazlQcU5V
U1JEc0pBOG52Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6ZAwDQYJKoZIhvcNAQELBQADggEBAIpmZaNw6Oof116sM0IR8LF8Eexd+Z9d/DbZ
41effUOVLc/6xTnuiiSJTsknUoHTJx9A7cPWGdgL4gsA/kGNGM5vUJyUXPMEKe98
P1tKNUMzCiKgFrR0Z9XV3+9j5VjmTcPtXb2IyNv6mjlou7QnzgxUAX/70K+leRME
0pn/JGpzc8iWLamXmiTcxnc5A5pEue6njZBn9HXFtCoqMKv3+gj1Ren0fZWaSgHk
8uI9y8y5UNIdNAm5AuX1rGqEW/yIswTY9zB+U5VdeqOAjBvDPSV4tdXSkx/nJzCE
XwhYnngarYf5bl34iXv10+Va901wjvgIg1XOIQdXdJBtBi2xc84=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:00 2024 by rpki-client on console-fra.rpki-client.org