Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/4Z1NBuf9bS86vaWS0mm2h0QUpAs.roa
File: 4Z1NBuf9bS86vaWS0mm2h0QUpAs.roa (raw, json)
Hash identifier: 9d4U8c+Db7tqf8H5LQlpjl0RdX1cmokT3eO7LGXT5EA=
Subject key identifier: E1:9D:4D:06:E7:FD:6D:2F:3A:BD:A5:92:D2:69:B6:87:44:14:A4:0B
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 1041
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/4Z1NBuf9bS86vaWS0mm2h0QUpAs.roa
Signing time: Thu 01 Sep 2022 07:45:04 +0000
ROA not before: Thu 01 Sep 2022 07:45:04 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 14618
IP address blocks: 103.235.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4161 (0x1041)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 1 07:45:04 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=E19D4D06E7FD6D2F3ABDA592D269B6874414A40B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:35:7e:35:fe:85:8b:db:b3:bd:17:a4:66:
b5:72:e3:3c:2f:de:41:56:68:45:9a:fe:ad:e8:aa:
54:09:34:84:83:dc:3a:34:8f:e5:1b:6a:4a:24:37:
a4:08:69:37:76:6e:dc:7c:5f:2c:1f:20:31:3b:64:
b9:70:55:5f:8f:03:62:08:06:2c:58:8f:1e:3b:dc:
64:e5:4f:da:e5:8d:ba:2b:a8:2f:0c:d1:e9:5a:3f:
57:d0:5c:1f:39:09:1a:d4:9a:b1:ea:6c:53:d4:04:
73:53:af:22:26:e7:fa:85:a5:a1:88:3f:b0:82:50:
81:ff:81:27:c0:32:92:b4:48:38:b6:7d:af:b3:df:
f7:de:14:d4:0c:ca:11:fc:91:2c:ca:ab:fb:90:39:
58:67:92:a5:26:0e:b4:33:06:41:a9:33:a4:dc:cd:
65:9f:a5:84:9c:d2:c6:2f:fe:72:7f:d4:20:b8:ec:
d0:88:7b:70:44:8b:cd:1e:cb:56:d0:b0:48:08:29:
94:7b:d8:78:7f:3f:9e:2e:e9:bd:e6:e9:a9:3a:98:
64:14:20:f4:47:65:ac:3f:96:f9:54:8f:89:22:8b:
1e:77:39:fd:bc:7b:38:c7:fc:02:58:9d:b0:50:88:
15:21:d5:75:45:9e:12:a0:28:3f:10:14:cc:02:d1:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:4D:06:E7:FD:6D:2F:3A:BD:A5:92:D2:69:B6:87:44:14:A4:0B
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/4Z1NBuf9bS86vaWS0mm2h0QUpAs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.88.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e7:a9:5c:4b:ea:ab:7d:6c:a4:10:c6:b7:aa:6d:53:fd:a0:
51:76:30:f4:a2:95:56:7c:dd:88:d2:23:f7:8e:7b:31:c8:13:
7a:47:55:30:35:95:78:7d:31:53:46:65:bc:89:eb:fe:ad:2b:
2e:67:8e:2d:be:7a:8b:fa:9a:19:a6:72:f0:b4:bc:9e:a6:08:
8d:c5:1d:ca:5d:b4:6f:02:ea:48:d8:19:b9:5e:31:fb:b7:9e:
fc:9d:9c:9b:d9:56:29:ba:da:a5:98:8c:bd:bc:2e:18:c8:ca:
a0:b4:11:e0:51:43:6b:f8:c9:f1:c6:b5:00:fc:29:64:d0:ee:
19:04:ad:84:3e:4c:5d:90:3e:9b:39:48:b6:90:cd:2c:91:52:
57:bd:2c:a7:a7:fc:a8:86:d3:76:0a:e1:d9:f5:10:f2:14:64:
a4:85:7a:b3:b2:b8:1a:44:b2:c6:0e:70:86:a7:5a:77:62:82:
0f:37:a0:99:ab:a7:14:47:8f:3e:af:d4:5e:63:70:e8:4b:83:
f9:b8:30:0d:ca:f5:fe:90:df:ea:61:b9:c9:b6:81:a8:93:cb:
1f:0e:e6:da:80:bf:0b:c2:b8:df:07:37:d4:8e:ec:2b:2c:5a:
3e:a1:df:d3:89:34:28:ea:3b:6d:e6:f5:97:d1:91:19:4a:9e:
1a:b1:46:55
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMjA5MDEw
NzQ1MDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEUxOUQ0RDA2RTdGRDZE
MkYzQUJEQTU5MkQyNjlCNjg3NDQxNEE0MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv7zV+Nf6Fi9uzvRekZrVy4zwv3kFWaEWa/q3oqlQJNISD3Do0
j+UbakokN6QIaTd2btx8XywfIDE7ZLlwVV+PA2IIBixYjx473GTlT9rljborqC8M
0elaP1fQXB85CRrUmrHqbFPUBHNTryIm5/qFpaGIP7CCUIH/gSfAMpK0SDi2fa+z
3/feFNQMyhH8kSzKq/uQOVhnkqUmDrQzBkGpM6TczWWfpYSc0sYv/nJ/1CC47NCI
e3BEi80ey1bQsEgIKZR72Hh/P54u6b3m6ak6mGQUIPRHZaw/lvlUj4kiix53Of28
ezjH/AJYnbBQiBUh1XVFnhKgKD8QFMwC0ao/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU4Z1NBuf9bS86vaWS0mm2h0QUpAswHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy80WjFOQnVmOWJTODZ2YVdTMG1t
MmgwUVVwQXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY
MA0GCSqGSIb3DQEBCwUAA4IBAQBf56lcS+qrfWykEMa3qm1T/aBRdjD0opVWfN2I
0iP3jnsxyBN6R1UwNZV4fTFTRmW8iev+rSsuZ44tvnqL+poZpnLwtLyepgiNxR3K
XbRvAupI2Bm5XjH7t578nZyb2VYputqlmIy9vC4YyMqgtBHgUUNr+MnxxrUA/Clk
0O4ZBK2EPkxdkD6bOUi2kM0skVJXvSynp/yohtN2CuHZ9RDyFGSkhXqzsrgaRLLG
DnCGp1p3YoIPN6CZq6cUR48+r9ReY3DoS4P5uDANyvX+kN/qYbnJtoGok8sfDuba
gL8LwrjfBzfUjuwrLFo+od/TiTQo6jtt5vWX0ZEZSp4asUZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org