Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/dHhDnuufkXEtrAqaDWjBdI2btdk.roa
File: dHhDnuufkXEtrAqaDWjBdI2btdk.roa (raw, json)
Hash identifier: IsfmGTF7Kf0VS0+47B/FXrX2ADR25Z6ljFmTk/caUYc=
Subject key identifier: 74:78:43:9E:EB:9F:91:71:2D:AC:0A:9A:0D:68:C1:74:8D:9B:B5:D9
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 0EE4
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/dHhDnuufkXEtrAqaDWjBdI2btdk.roa
Signing time: Wed 29 Sep 2021 02:56:16 +0000
ROA not before: Wed 29 Sep 2021 02:56:16 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17408
IP address blocks: 203.119.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3812 (0xee4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 29 02:56:16 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=7478439EEB9F91712DAC0A9A0D68C1748D9BB5D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:73:a8:15:50:a9:21:20:8f:30:32:52:f3:6a:
d3:89:80:90:91:c8:d0:6b:74:a4:5e:5f:18:cf:3e:
10:70:4f:71:a0:84:d6:1d:1f:2c:fd:66:62:2d:82:
fb:1b:cf:df:84:5c:ed:6c:27:1e:cb:b5:68:65:9b:
6e:00:6a:b2:2c:91:41:5c:a6:92:9a:fd:eb:f1:0c:
aa:4e:01:f2:95:b2:1b:50:7e:42:f2:01:b2:c7:7e:
be:07:7d:d1:a6:ca:f7:6c:bd:9b:95:4d:67:5e:15:
32:7a:11:05:fb:c5:41:cc:3c:93:65:7e:c7:78:0a:
51:98:5e:65:63:9d:25:c8:7c:92:02:ad:26:94:95:
b4:55:e2:63:f3:e4:13:8c:a3:a5:7d:37:bb:7d:28:
a8:01:88:f6:b1:3e:4c:46:1b:aa:aa:da:86:36:4e:
bc:51:92:eb:02:1e:06:7d:6a:d0:46:67:77:5f:6f:
df:5c:6b:15:a5:4a:60:5f:fe:86:02:af:51:97:34:
45:2f:6b:01:f1:7f:b5:af:19:52:da:94:9e:c2:04:
e4:2b:7f:04:28:18:27:c4:d6:88:3d:db:1d:bc:c2:
95:f7:12:ae:e9:8a:b6:b3:6f:9e:85:c1:40:c4:d2:
d8:91:92:ab:14:96:55:ed:45:0c:05:67:02:13:d8:
88:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:78:43:9E:EB:9F:91:71:2D:AC:0A:9A:0D:68:C1:74:8D:9B:B5:D9
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/dHhDnuufkXEtrAqaDWjBdI2btdk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.119.3.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2b:67:65:2c:b1:03:80:c2:fb:ca:99:e8:6e:b7:8b:4b:3d:
b1:80:92:1a:93:58:47:eb:22:44:ba:39:df:8d:08:8b:0c:f0:
93:33:19:07:2b:a8:a5:46:58:95:61:27:57:ef:39:fb:c8:3d:
5b:54:a8:c1:a7:6c:e7:08:d0:12:ea:96:53:8d:a9:24:24:36:
0d:0d:9d:7e:7c:06:a5:e4:2b:9f:07:c1:65:70:b4:15:f8:10:
cc:64:5a:32:eb:82:d4:db:0a:a3:0c:c6:23:82:16:de:3d:38:
03:37:15:a6:6d:49:97:8a:f4:a4:da:40:2e:84:2b:de:ad:6f:
c3:fb:be:26:a6:7a:25:48:8e:08:be:5b:03:0e:e8:df:9f:d3:
78:ab:77:08:cc:8a:6e:b8:95:95:7f:7f:94:66:b6:9f:8c:cf:
d0:be:fd:4b:b6:75:e2:29:9d:8d:b0:84:3d:b2:11:fe:2b:fc:
39:55:ab:43:62:43:87:8a:7e:a4:bd:f9:f2:36:86:49:a1:85:
a3:5f:68:74:ee:c0:8b:ba:85:c4:99:2b:c8:26:55:42:52:29:
5b:17:11:15:d1:eb:86:e7:fe:e6:ae:cf:e7:c3:79:71:54:27:
6a:23:19:d6:47:77:f1:c6:b1:d9:cf:38:b8:dc:b0:97:8f:07:
8a:27:4b:f2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDuQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMTA5Mjkw
MjU2MTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDc0Nzg0MzlFRUI5Rjkx
NzEyREFDMEE5QTBENjhDMTc0OEQ5QkI1RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCic6gVUKkhII8wMlLzatOJgJCRyNBrdKReXxjPPhBwT3GghNYd
Hyz9ZmItgvsbz9+EXO1sJx7LtWhlm24AarIskUFcppKa/evxDKpOAfKVshtQfkLy
AbLHfr4HfdGmyvdsvZuVTWdeFTJ6EQX7xUHMPJNlfsd4ClGYXmVjnSXIfJICrSaU
lbRV4mPz5BOMo6V9N7t9KKgBiPaxPkxGG6qq2oY2TrxRkusCHgZ9atBGZ3dfb99c
axWlSmBf/oYCr1GXNEUvawHxf7WvGVLalJ7CBOQrfwQoGCfE1og92x28wpX3Eq7p
irazb56FwUDE0tiRkqsUllXtRQwFZwIT2IjPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUdHhDnuufkXEtrAqaDWjBdI2btdkwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9kSGhEbnV1ZmtYRXRyQXFhRFdq
QmRJMmJ0ZGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3cD
MA0GCSqGSIb3DQEBCwUAA4IBAQA3K2dlLLEDgML7ypnobreLSz2xgJIak1hH6yJE
ujnfjQiLDPCTMxkHK6ilRliVYSdX7zn7yD1bVKjBp2znCNAS6pZTjakkJDYNDZ1+
fAal5CufB8FlcLQV+BDMZFoy64LU2wqjDMYjghbePTgDNxWmbUmXivSk2kAuhCve
rW/D+74mpnolSI4IvlsDDujfn9N4q3cIzIpuuJWVf3+UZrafjM/Qvv1LtnXiKZ2N
sIQ9shH+K/w5VatDYkOHin6kvfnyNoZJoYWjX2h07sCLuoXEmSvIJlVCUilbFxEV
0euG5/7mrs/nw3lxVCdqIxnWR3fxxrHZzzi43LCXjweKJ0vy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org