Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/VHP7p9u4z6MyLhGfkK8_5bN_OuU.roa
File: VHP7p9u4z6MyLhGfkK8_5bN_OuU.roa (raw, json)
Hash identifier: hKCFSBPUWNRk3b9eIjdyoHmWNLjIsjraHFpFOeJISuI=
Subject key identifier: 54:73:FB:A7:DB:B8:CF:A3:32:2E:11:9F:90:AF:3F:E5:B3:7F:3A:E5
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 0EDD
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/VHP7p9u4z6MyLhGfkK8_5bN_OuU.roa
Signing time: Wed 29 Sep 2021 02:56:14 +0000
ROA not before: Wed 29 Sep 2021 02:56:14 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 103.235.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3805 (0xedd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 29 02:56:14 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=5473FBA7DBB8CFA3322E119F90AF3FE5B37F3AE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:90:df:6c:be:40:f2:41:d9:80:e4:d6:b4:db:
24:56:33:08:51:13:ad:2e:8c:d9:fa:4f:eb:e7:a8:
72:44:9c:4a:0f:40:0d:a2:7c:f4:2e:95:c4:c6:1f:
e2:0a:8d:0c:04:c7:ca:a4:33:4d:6c:33:62:96:93:
79:db:04:bb:25:01:67:4e:eb:da:1c:f1:74:fa:62:
64:4a:09:06:d3:59:ca:c9:d9:74:1c:6c:a6:8a:8c:
13:c7:84:49:84:3a:b7:b6:ef:1b:0b:11:20:99:6a:
5d:37:ff:ab:39:27:1b:65:2a:df:48:94:a9:27:66:
b0:0e:f9:8d:43:d3:e6:90:85:7f:29:5f:2c:44:47:
ab:24:f6:92:ec:ff:91:eb:55:d0:81:40:f7:d6:a5:
c7:d1:bf:53:91:75:4d:37:c8:c3:57:5f:cb:cc:8e:
e7:a1:1d:2b:e5:15:e5:fd:3a:8e:d0:ac:c3:63:73:
d9:6e:54:42:82:f2:26:7a:63:dc:ef:d2:8f:eb:c5:
86:71:b1:39:8e:ca:df:fb:eb:e1:c4:36:29:8a:af:
41:ee:d0:f9:c0:21:61:77:d3:dc:b4:0f:83:a4:d7:
4f:51:2a:cf:0f:2b:37:4f:1e:8f:ef:84:e8:43:0f:
8c:83:ac:31:f3:25:da:a5:1c:fb:03:c5:ba:1a:ee:
fb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:73:FB:A7:DB:B8:CF:A3:32:2E:11:9F:90:AF:3F:E5:B3:7F:3A:E5
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/VHP7p9u4z6MyLhGfkK8_5bN_OuU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.89.0/24
Signature Algorithm: sha256WithRSAEncryption
28:12:69:35:2f:bd:a3:17:87:cb:d2:f6:92:1c:91:9f:ce:1e:
ef:a8:99:86:43:7d:04:02:f4:ca:27:01:69:d9:b4:e6:81:41:
cb:e7:cc:bd:6b:c8:50:1d:a3:8c:bc:d7:92:d9:2e:8e:85:aa:
6c:17:58:b1:99:c3:75:43:ee:16:50:55:49:0d:96:26:f8:e7:
a8:f7:a6:aa:6a:13:ab:22:55:6d:0f:01:fa:66:e1:bd:2e:bd:
e8:09:8a:3a:98:2a:60:64:68:b6:9d:6e:9c:26:9c:4f:0e:57:
92:74:cc:28:de:23:9b:09:6d:34:af:12:27:56:05:2f:94:89:
8c:44:fd:69:73:05:9a:7c:22:2f:5a:29:58:8b:1b:1a:b7:13:
b9:3b:bd:14:19:68:08:19:5c:7f:43:92:29:d9:71:c2:84:36:
35:73:7a:17:0b:70:cd:26:5d:d2:74:0c:33:9a:b0:20:92:3e:
c4:9d:9f:4e:5f:10:ea:74:dc:41:84:0c:29:63:d6:2b:6c:72:
d9:b5:04:2f:42:08:8a:3b:4c:80:74:47:32:58:8c:52:61:a5:
e1:ae:f7:44:43:fb:06:8b:92:dc:0a:00:e9:96:39:dd:ee:ea:
4e:11:fd:ef:a8:4d:8e:97:72:3d:70:bc:11:b3:ab:8b:f4:c8:
e9:4c:7c:eb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMTA5Mjkw
MjU2MTRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDU0NzNGQkE3REJCOENG
QTMzMjJFMTE5RjkwQUYzRkU1QjM3RjNBRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJkN9svkDyQdmA5Na02yRWMwhRE60ujNn6T+vnqHJEnEoPQA2i
fPQulcTGH+IKjQwEx8qkM01sM2KWk3nbBLslAWdO69oc8XT6YmRKCQbTWcrJ2XQc
bKaKjBPHhEmEOre27xsLESCZal03/6s5JxtlKt9IlKknZrAO+Y1D0+aQhX8pXyxE
R6sk9pLs/5HrVdCBQPfWpcfRv1ORdU03yMNXX8vMjuehHSvlFeX9Oo7QrMNjc9lu
VEKC8iZ6Y9zv0o/rxYZxsTmOyt/76+HENimKr0Hu0PnAIWF309y0D4Ok109RKs8P
KzdPHo/vhOhDD4yDrDHzJdqlHPsDxboa7vuNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUVHP7p9u4z6MyLhGfkK8/5bN/OuUwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9WSFA3cDl1NHo2TXlMaEdma0s4
XzViTl9PdVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tZ
MA0GCSqGSIb3DQEBCwUAA4IBAQAoEmk1L72jF4fL0vaSHJGfzh7vqJmGQ30EAvTK
JwFp2bTmgUHL58y9a8hQHaOMvNeS2S6OhapsF1ixmcN1Q+4WUFVJDZYm+Oeo96aq
ahOrIlVtDwH6ZuG9Lr3oCYo6mCpgZGi2nW6cJpxPDleSdMwo3iObCW00rxInVgUv
lImMRP1pcwWafCIvWilYixsatxO5O70UGWgIGVx/Q5Ip2XHChDY1c3oXC3DNJl3S
dAwzmrAgkj7EnZ9OXxDqdNxBhAwpY9YrbHLZtQQvQgiKO0yAdEcyWIxSYaXhrvdE
Q/sGi5LcCgDpljnd7upOEf3vqE2Ol3I9cLwRs6uL9MjpTHzr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:32 2023 by rpki-client on console-ams.rpki-client.org