Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/PdNqOFvHQqNq1aIBn198FdR0iAY.roa
File: PdNqOFvHQqNq1aIBn198FdR0iAY.roa (raw, json)
Hash identifier: /Tj2uNlrTQDLRU+MxHXzQFdC5+QPJGKv1Qeu0kC5wNY=
Subject key identifier: 3D:D3:6A:38:5B:C7:42:A3:6A:D5:A2:01:9F:5F:7C:15:D4:74:88:06
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 079A
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/PdNqOFvHQqNq1aIBn198FdR0iAY.roa
Signing time: Tue 29 Sep 2020 10:07:14 +0000
ROA not before: Tue 29 Sep 2020 10:07:14 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 16509
IP address blocks: 103.235.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1946 (0x79a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 29 10:07:14 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3DD36A385BC742A36AD5A2019F5F7C15D4748806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:23:fa:68:ac:45:13:7d:eb:0e:e7:03:0f:17:
1e:80:85:f7:c5:21:a2:97:13:fe:d9:81:f9:da:f4:
00:4b:c1:a9:91:df:c9:9c:d3:4a:c3:e1:2a:8c:c8:
19:5d:5f:ad:85:9d:f0:f6:70:e7:9f:97:92:33:f3:
7f:be:e7:b8:a7:b6:ab:a7:e4:2a:ff:1e:47:c1:2b:
6b:1c:03:9f:b0:7d:8e:b8:a3:8f:78:6e:82:35:19:
1f:05:99:93:09:44:e4:36:75:a2:b6:22:77:62:8b:
a5:c2:51:4b:59:6c:c2:31:ab:fa:01:6d:1a:e8:29:
5d:dd:2b:2a:73:99:84:bd:94:f3:e7:97:25:db:dc:
22:dc:25:67:5d:52:ee:54:d8:3e:65:dd:f0:ad:53:
e1:62:4a:38:8b:6d:06:a8:27:ea:70:64:dc:b8:09:
e8:2b:ef:b0:5b:a9:68:72:16:cd:ad:0f:8d:8d:a4:
2b:e9:86:f4:96:92:38:41:d2:bb:b1:81:e2:6b:dd:
f9:18:d9:ed:75:71:d4:7f:d1:d9:ff:c8:c8:ea:bd:
a4:4c:cb:96:8b:4f:ba:fe:a2:d3:2a:b4:5c:17:9c:
b5:e3:1b:43:c0:7f:25:6e:c0:14:bc:4d:a5:04:fc:
09:46:e6:78:44:8a:b6:6e:c7:3d:8b:c2:6d:d1:0c:
08:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D3:6A:38:5B:C7:42:A3:6A:D5:A2:01:9F:5F:7C:15:D4:74:88:06
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/PdNqOFvHQqNq1aIBn198FdR0iAY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.88.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d4:28:47:cd:ef:40:84:66:13:36:1a:79:f8:23:78:c5:85:
e7:c9:73:8a:54:84:46:8e:19:07:69:9b:d7:42:88:78:c5:69:
90:f1:bd:b9:c3:54:19:3f:65:ce:2c:4b:41:28:d8:aa:0d:38:
a5:f3:28:80:94:fa:70:40:3c:e5:6c:06:9d:57:da:da:4e:25:
2c:a7:7e:a7:28:14:be:e5:fc:4c:3a:ae:aa:e1:65:73:b8:90:
50:b2:e0:76:14:cd:af:7f:dc:b5:8f:d6:a3:36:59:a0:fc:3b:
ea:0f:dd:2a:4b:61:b5:f4:9a:f0:5a:88:18:bf:6c:ff:9f:a1:
c6:7e:77:26:50:97:65:88:27:70:ed:16:11:7b:2f:37:2b:23:
16:fe:6a:30:47:74:90:43:44:e0:74:e8:65:26:81:a6:8e:6a:
54:1e:50:29:dd:6d:da:ea:67:cb:d3:3c:7d:53:3f:62:49:74:
0a:1a:0e:a7:3d:dd:5b:1a:3c:e8:26:4c:8d:12:46:8e:04:b4:
4e:16:e6:41:04:40:f9:54:98:58:61:c8:7b:91:15:32:60:37:
a7:0d:d7:3e:50:91:1f:b0:bf:09:36:ea:d5:84:35:6b:3c:8e:
0c:61:82:c9:ef:67:a3:fb:17:45:c5:ba:e2:28:8e:c4:53:10:
04:6e:9b:56
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDA5Mjkx
MDA3MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNERDM2QTM4NUJDNzQy
QTM2QUQ1QTIwMTlGNUY3QzE1RDQ3NDg4MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyI/porEUTfesO5wMPFx6AhffFIaKXE/7Zgfna9ABLwamR38mc
00rD4SqMyBldX62FnfD2cOefl5Iz83++57intqun5Cr/HkfBK2scA5+wfY64o494
boI1GR8FmZMJROQ2daK2Indii6XCUUtZbMIxq/oBbRroKV3dKypzmYS9lPPnlyXb
3CLcJWddUu5U2D5l3fCtU+FiSjiLbQaoJ+pwZNy4Cegr77BbqWhyFs2tD42NpCvp
hvSWkjhB0ruxgeJr3fkY2e11cdR/0dn/yMjqvaRMy5aLT7r+otMqtFwXnLXjG0PA
fyVuwBS8TaUE/AlG5nhEirZuxz2Lwm3RDAgPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUPdNqOFvHQqNq1aIBn198FdR0iAYwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9QZE5xT0Z2SFFxTnExYUlCbjE5
OEZkUjBpQVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY
MA0GCSqGSIb3DQEBCwUAA4IBAQAC1ChHze9AhGYTNhp5+CN4xYXnyXOKVIRGjhkH
aZvXQoh4xWmQ8b25w1QZP2XOLEtBKNiqDTil8yiAlPpwQDzlbAadV9raTiUsp36n
KBS+5fxMOq6q4WVzuJBQsuB2FM2vf9y1j9ajNlmg/DvqD90qS2G19JrwWogYv2z/
n6HGfncmUJdliCdw7RYRey83KyMW/mowR3SQQ0TgdOhlJoGmjmpUHlAp3W3a6mfL
0zx9Uz9iSXQKGg6nPd1bGjzoJkyNEkaOBLROFuZBBED5VJhYYch7kRUyYDenDdc+
UJEfsL8JNurVhDVrPI4MYYLJ72ej+xdFxbriKI7EUxAEbptW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org