Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2QRfg2QzjtQH78vrAug5RoaaZGA.roa
File: 2QRfg2QzjtQH78vrAug5RoaaZGA.roa (raw, json)
Hash identifier: YdRo3Wc3lwfTWdvKDHJbIcQlwSs5sS/ndkhII7lIit8=
Subject key identifier: D9:04:5F:83:64:33:8E:D4:07:EF:CB:EB:02:E8:39:46:86:9A:64:60
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 107C
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2QRfg2QzjtQH78vrAug5RoaaZGA.roa
Signing time: Thu 13 Oct 2022 08:50:23 +0000
ROA not before: Thu 13 Oct 2022 08:50:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 396982
IP address blocks: 101.102.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4220 (0x107c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Oct 13 08:50:23 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D9045F8364338ED407EFCBEB02E83946869A6460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fb:d0:fa:e8:62:2c:e5:56:ac:00:a1:6a:94:
45:72:85:51:43:4f:44:5c:bc:8d:f0:57:49:79:4f:
8f:9a:dc:00:f4:07:d5:d5:c4:0b:d4:e4:18:5f:6d:
c2:08:18:8a:52:0d:a3:ef:5a:25:f3:c8:b7:c8:cf:
6c:d9:63:a5:d6:5c:15:08:30:69:73:8f:f8:10:ac:
b6:fb:f4:e3:d6:64:0d:2b:d6:cc:b5:00:e3:d2:eb:
ef:a8:6b:0b:23:64:88:40:4d:bf:a9:12:eb:e6:38:
fd:7a:31:2c:98:f9:c7:9a:1e:71:08:cf:c5:32:13:
50:f9:e9:67:ba:88:02:83:d4:f9:c1:9d:02:89:23:
77:8a:e6:70:62:3a:1f:0c:12:82:8d:90:1f:22:b4:
68:08:4b:67:5d:b6:29:72:cf:21:8c:5e:84:70:de:
eb:c4:48:50:25:c9:d2:74:ab:be:c7:77:67:75:d9:
b9:eb:39:37:61:ca:99:fa:09:55:2d:aa:e3:a4:57:
b4:64:99:df:1d:e7:9b:2c:4c:92:1f:8c:47:04:f3:
a8:74:f3:80:54:0e:02:06:e3:a8:88:50:c1:7b:e6:
0f:33:fb:5f:05:04:01:73:7f:93:12:88:6f:7f:66:
c6:3d:fe:8b:b6:d8:12:eb:29:1d:14:38:6a:a3:31:
ec:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:04:5F:83:64:33:8E:D4:07:EF:CB:EB:02:E8:39:46:86:9A:64:60
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2QRfg2QzjtQH78vrAug5RoaaZGA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.102.103.0/24
Signature Algorithm: sha256WithRSAEncryption
63:6f:ee:4f:1f:4e:b0:83:b7:f3:9f:45:37:78:14:49:48:bf:
13:95:cd:bf:e1:87:ba:46:18:a2:7e:49:7d:15:d2:29:b1:9d:
11:69:69:d7:1d:63:a8:bd:90:14:27:b3:d0:2a:49:a0:32:df:
3a:b5:81:c7:b2:15:60:57:60:fb:ff:00:fa:50:65:61:43:48:
42:52:a5:c2:62:f8:b3:ca:23:b1:df:08:27:b8:ec:1e:04:7e:
7d:3b:cb:f4:d2:24:9e:76:ae:5b:9c:b2:f7:52:b3:30:c2:30:
a5:0c:54:c4:8c:d1:b7:e1:2c:79:e8:19:47:a8:46:2b:d7:69:
49:80:15:87:00:0c:30:bd:86:d5:22:96:4d:58:34:f5:19:9e:
f4:c9:3f:5b:19:42:a1:d7:35:ef:56:20:98:5b:5c:1d:97:3c:
81:18:bb:ca:03:ea:c1:43:b0:61:13:d6:ff:af:fd:05:6a:af:
90:b5:ad:fe:b2:60:dd:46:64:d3:59:1d:c2:df:11:e3:9a:97:
56:ef:87:f7:34:61:cf:50:eb:fb:0f:4c:6d:a5:cc:e5:dd:5b:
ab:55:91:58:b5:61:0e:fc:f1:7a:15:7b:31:7c:a0:1a:da:49:
3c:d6:b0:fa:70:4b:c6:4f:3a:8b:08:e3:b8:5b:6c:03:88:7a:
79:51:56:71
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMjEwMTMw
ODUwMjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ5MDQ1RjgzNjQzMzhF
RDQwN0VGQ0JFQjAyRTgzOTQ2ODY5QTY0NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa+9D66GIs5VasAKFqlEVyhVFDT0RcvI3wV0l5T4+a3AD0B9XV
xAvU5BhfbcIIGIpSDaPvWiXzyLfIz2zZY6XWXBUIMGlzj/gQrLb79OPWZA0r1sy1
AOPS6++oawsjZIhATb+pEuvmOP16MSyY+ceaHnEIz8UyE1D56We6iAKD1PnBnQKJ
I3eK5nBiOh8MEoKNkB8itGgIS2ddtilyzyGMXoRw3uvESFAlydJ0q77Hd2d12bnr
OTdhypn6CVUtquOkV7Rkmd8d55ssTJIfjEcE86h084BUDgIG46iIUMF75g8z+18F
BAFzf5MSiG9/ZsY9/ou22BLrKR0UOGqjMeyjAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2QRfg2QzjtQH78vrAug5RoaaZGAwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8yUVJmZzJRemp0UUg3OHZyQXVn
NVJvYWFaR0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZWZn
MA0GCSqGSIb3DQEBCwUAA4IBAQBjb+5PH06wg7fzn0U3eBRJSL8Tlc2/4Ye6Rhii
fkl9FdIpsZ0RaWnXHWOovZAUJ7PQKkmgMt86tYHHshVgV2D7/wD6UGVhQ0hCUqXC
YvizyiOx3wgnuOweBH59O8v00iSedq5bnLL3UrMwwjClDFTEjNG34Sx56BlHqEYr
12lJgBWHAAwwvYbVIpZNWDT1GZ70yT9bGUKh1zXvViCYW1wdlzyBGLvKA+rBQ7Bh
E9b/r/0Faq+Qta3+smDdRmTTWR3C3xHjmpdW74f3NGHPUOv7D0xtpczl3VurVZFY
tWEO/PF6FXsxfKAa2kk81rD6cEvGTzqLCOO4W2wDiHp5UVZx
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org