Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/9lXw7jZBne6iEnfU2GcFUx4RP0M.roa
File: 9lXw7jZBne6iEnfU2GcFUx4RP0M.roa (raw, json)
Hash identifier: q/i5dHq8NFV1HBHt+NXF5jTWUDs6E6LWRxL/18NumB8=
Subject key identifier: F6:55:F0:EE:36:41:9D:EE:A2:12:77:D4:D8:67:05:53:1E:11:3F:43
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 104C
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/9lXw7jZBne6iEnfU2GcFUx4RP0M.roa
Signing time: Thu 15 Sep 2022 02:37:11 +0000
ROA not before: Thu 15 Sep 2022 02:37:11 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131621
IP address blocks: 101.102.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4172 (0x104c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 15 02:37:11 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F655F0EE36419DEEA21277D4D86705531E113F43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:43:99:a5:c1:2e:9d:40:fd:cb:48:6e:28:
cb:c4:36:d3:1c:37:27:c4:bd:44:8c:de:1f:ef:7b:
53:24:c9:1c:42:d9:63:6f:f1:49:ce:76:8a:fc:65:
fb:9e:0c:f7:ba:ee:76:6b:79:95:b2:29:93:46:40:
a1:e5:05:72:57:95:22:fd:94:aa:31:a0:69:8c:30:
bb:7d:07:b7:07:99:be:fd:b4:71:04:46:a8:ac:84:
ba:8d:03:08:1c:51:55:26:88:57:ce:d0:29:ba:0b:
56:91:09:4d:cc:68:21:15:0a:25:56:01:ac:66:9e:
45:c7:d0:a3:07:fd:57:b3:aa:f8:cd:5c:5d:fa:d0:
88:9f:7c:b5:c7:e1:ab:f3:e8:b0:dd:36:c0:2b:6d:
77:4f:68:4c:02:b8:da:8d:a0:2d:58:73:d5:97:3a:
49:2c:67:ee:25:9c:57:f5:19:82:f3:14:40:d0:97:
d7:56:72:56:ca:fd:ca:bd:10:b2:dc:9a:de:41:a3:
fd:1f:f1:f0:81:e1:d8:68:8c:9e:85:86:5a:2a:e2:
43:88:48:d5:e1:ed:e7:9c:41:3f:8f:f4:98:ee:ae:
45:6a:40:cc:c9:b6:68:12:af:29:e3:b1:ee:6a:ac:
53:21:71:89:d8:f7:0a:14:1d:32:f6:a9:f0:f4:27:
18:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:55:F0:EE:36:41:9D:EE:A2:12:77:D4:D8:67:05:53:1E:11:3F:43
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/9lXw7jZBne6iEnfU2GcFUx4RP0M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.102.103.0/24
Signature Algorithm: sha256WithRSAEncryption
88:58:f6:11:ff:c0:b8:5d:66:59:3b:9d:c0:2c:cc:1e:c4:b3:
2f:e4:54:b8:a9:1c:65:d5:25:bb:7f:a3:b1:8c:29:f2:08:4c:
31:80:cd:71:81:fa:37:43:15:52:62:35:7a:18:5a:7c:a2:45:
78:91:aa:40:44:dd:02:25:94:0c:5f:1b:b5:1e:1d:03:51:97:
05:ce:e5:d6:29:18:dc:04:1e:d3:35:47:d1:fe:8d:9b:29:7a:
ac:5c:6a:2e:02:5c:00:60:3b:d9:f7:62:38:22:7b:16:a2:65:
3c:6f:d2:0a:d8:07:24:b7:32:d3:bd:e8:30:68:6e:20:11:b5:
e4:0f:39:40:ff:35:b7:d1:9d:7f:05:8e:0c:d9:d3:5b:41:0e:
57:7b:7e:5f:61:77:7c:e0:4b:62:f2:59:68:b6:e7:27:25:58:
44:08:f9:7f:8e:c7:81:09:8a:29:19:98:d5:17:e9:ed:b7:e5:
01:ff:08:24:94:dd:91:68:81:19:49:9a:c6:46:53:d5:d2:d7:
d2:a0:17:9e:83:fb:30:fb:5f:0e:e1:5d:4d:bd:94:70:8e:c0:
be:59:d9:82:e6:6b:40:42:81:71:26:59:9b:e7:45:83:ad:a9:
53:69:85:73:5e:a3:dd:49:77:bf:97:6c:b7:ac:36:99:b4:7a:
9c:e8:fe:8d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMjA5MTUw
MjM3MTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY2NTVGMEVFMzY0MTlE
RUVBMjEyNzdENEQ4NjcwNTUzMUUxMTNGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmdEOZpcEunUD9y0huKMvENtMcNyfEvUSM3h/ve1MkyRxC2WNv
8UnOdor8ZfueDPe67nZreZWyKZNGQKHlBXJXlSL9lKoxoGmMMLt9B7cHmb79tHEE
RqishLqNAwgcUVUmiFfO0Cm6C1aRCU3MaCEVCiVWAaxmnkXH0KMH/VezqvjNXF36
0IiffLXH4avz6LDdNsArbXdPaEwCuNqNoC1Yc9WXOkksZ+4lnFf1GYLzFEDQl9dW
clbK/cq9ELLcmt5Bo/0f8fCB4dhojJ6Fhloq4kOISNXh7eecQT+P9JjurkVqQMzJ
tmgSrynjse5qrFMhcYnY9woUHTL2qfD0JxgBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9lXw7jZBne6iEnfU2GcFUx4RP0MwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy85bFh3N2paQm5lNmlFbmZVMkdj
RlV4NFJQME0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZWZn
MA0GCSqGSIb3DQEBCwUAA4IBAQCIWPYR/8C4XWZZO53ALMwexLMv5FS4qRxl1SW7
f6OxjCnyCEwxgM1xgfo3QxVSYjV6GFp8okV4kapARN0CJZQMXxu1Hh0DUZcFzuXW
KRjcBB7TNUfR/o2bKXqsXGouAlwAYDvZ92I4InsWomU8b9IK2AcktzLTvegwaG4g
EbXkDzlA/zW30Z1/BY4M2dNbQQ5Xe35fYXd84Eti8llotucnJVhECPl/jseBCYop
GZjVF+ntt+UB/wgklN2RaIEZSZrGRlPV0tfSoBeeg/sw+18O4V1NvZRwjsC+WdmC
5mtAQoFxJlmb50WDralTaYVzXqPdSXe/l2y3rDaZtHqc6P6N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org