Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/zU8zCoHg8eoHcTsnw2-7hjZQDi4.roa
File: zU8zCoHg8eoHcTsnw2-7hjZQDi4.roa (raw, json)
Hash identifier: sHCsULRup7hZ+OeQ473ar1WgfrNY479vaqSihBwJ9lE=
Subject key identifier: CD:4F:33:0A:81:E0:F1:EA:07:71:3B:27:C3:6F:BB:86:36:50:0E:2E
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 0E3C
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/zU8zCoHg8eoHcTsnw2-7hjZQDi4.roa
Signing time: Sun 07 Feb 2021 12:59:51 +0000
ROA not before: Sun 07 Feb 2021 12:59:51 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 16509
IP address blocks: 103.235.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3644 (0xe3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Feb 7 12:59:51 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=CD4F330A81E0F1EA07713B27C36FBB8636500E2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c9:5f:07:54:d4:45:6c:ce:b2:bc:05:ee:f4:
0b:49:ef:13:dc:d5:7f:47:49:ac:cd:4f:d9:78:f7:
08:23:03:55:af:cc:ee:44:bc:12:77:54:4e:d9:3e:
b5:67:a2:62:aa:c9:56:6c:49:dc:8a:80:c2:6d:ac:
fa:0c:79:3f:c8:21:01:c1:55:f0:e9:d2:00:03:fa:
dd:3d:d8:55:9a:04:9a:ff:83:47:40:f3:51:5e:f7:
61:60:b0:e2:7b:03:01:dc:8f:43:f7:6d:08:ac:c3:
66:c6:2e:61:6f:02:e1:06:ed:c4:b3:83:d2:f2:95:
ba:b7:ee:83:78:ab:64:fb:40:c6:b1:63:9b:67:30:
f8:0f:e1:91:b4:0a:d3:df:0f:9d:27:92:f8:b0:58:
72:3b:5a:53:34:a6:fc:d6:4f:f0:4e:b4:01:8c:54:
63:c4:9c:55:d6:f8:c6:60:4d:6a:8e:0e:33:18:87:
10:88:88:7f:1b:04:c6:24:4a:3a:d1:6f:d9:7e:89:
74:a5:c8:26:ce:10:24:7f:b7:e0:eb:f0:d7:34:05:
b8:d2:38:a0:68:fb:11:32:cf:e8:d7:7e:8a:8c:ac:
ec:a0:cf:6c:60:0d:2d:f8:31:d6:d3:47:30:13:0d:
b8:b0:82:0d:a1:b7:21:7f:96:99:f8:96:03:03:08:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4F:33:0A:81:E0:F1:EA:07:71:3B:27:C3:6F:BB:86:36:50:0E:2E
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/zU8zCoHg8eoHcTsnw2-7hjZQDi4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.88.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:3c:ed:86:c6:a6:73:ef:d8:b5:0f:9c:b0:5b:57:ee:8d:5b:
b2:b1:1e:3a:4f:f8:82:5e:0a:12:03:15:c0:eb:21:2c:02:fb:
46:79:b9:98:dd:7c:a1:bd:f9:ef:ee:af:3a:fb:9d:25:16:b0:
b2:71:ac:04:b8:60:c5:69:01:f4:9c:44:98:3c:11:75:0c:bd:
49:8e:c6:7a:54:40:bc:19:a0:dd:9d:16:fa:35:e5:3d:d9:b0:
41:79:6a:e5:10:88:c2:7b:e0:ae:7a:98:e5:9b:bb:bd:37:64:
45:b8:32:f2:c4:7c:bc:0d:cc:f2:18:89:b2:d7:63:2b:ae:36:
fa:3d:36:bf:f3:1c:3e:37:8d:ff:fe:40:05:49:f0:32:05:41:
be:f1:72:32:a8:3d:45:26:61:bf:f0:1f:47:a4:bd:98:8a:71:
54:1f:b6:05:70:90:8e:89:77:65:f7:e1:5d:e4:e4:2f:0d:99:
af:31:e5:99:26:13:7f:4b:f9:99:32:c6:55:fb:58:ac:22:60:
cb:29:df:fb:5f:a2:54:bf:0b:b7:36:35:ce:da:49:fd:37:a6:
44:e1:9c:7f:b6:d2:ad:bf:7c:e6:01:94:df:a7:64:45:76:82:
de:b1:e3:ea:71:cf:97:39:73:61:31:04:b6:51:74:a7:0d:6f:
0e:b8:4d:45
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMTAyMDcx
MjU5NTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENENEYzMzBBODFFMEYx
RUEwNzcxM0IyN0MzNkZCQjg2MzY1MDBFMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4yV8HVNRFbM6yvAXu9AtJ7xPc1X9HSazNT9l49wgjA1WvzO5E
vBJ3VE7ZPrVnomKqyVZsSdyKgMJtrPoMeT/IIQHBVfDp0gAD+t092FWaBJr/g0dA
81Fe92FgsOJ7AwHcj0P3bQisw2bGLmFvAuEG7cSzg9Lylbq37oN4q2T7QMaxY5tn
MPgP4ZG0CtPfD50nkviwWHI7WlM0pvzWT/BOtAGMVGPEnFXW+MZgTWqODjMYhxCI
iH8bBMYkSjrRb9l+iXSlyCbOECR/t+Dr8Nc0BbjSOKBo+xEyz+jXfoqMrOygz2xg
DS34MdbTRzATDbiwgg2htyF/lpn4lgMDCMTzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUzU8zCoHg8eoHcTsnw2+7hjZQDi4wHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy96VTh6Q29IZzhlb0hjVHNudzIt
N2hqWlFEaTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY
MA0GCSqGSIb3DQEBCwUAA4IBAQC2PO2GxqZz79i1D5ywW1fujVuysR46T/iCXgoS
AxXA6yEsAvtGebmY3Xyhvfnv7q86+50lFrCycawEuGDFaQH0nESYPBF1DL1JjsZ6
VEC8GaDdnRb6NeU92bBBeWrlEIjCe+Cuepjlm7u9N2RFuDLyxHy8DczyGImy12Mr
rjb6PTa/8xw+N43//kAFSfAyBUG+8XIyqD1FJmG/8B9HpL2YinFUH7YFcJCOiXdl
9+Fd5OQvDZmvMeWZJhN/S/mZMsZV+1isImDLKd/7X6JUvwu3NjXO2kn9N6ZE4Zx/
ttKtv3zmAZTfp2RFdoLesePqcc+XOXNhMQS2UXSnDW8OuE1F
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org