Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/-kd11rxSSK0PReUWg8AYAuXdXu0.roa
File: -kd11rxSSK0PReUWg8AYAuXdXu0.roa (raw, json)
Hash identifier: IP/8Awvv/eAUQ7tfjmsCiIloGSASjt5hYLt7Cb3coX4=
Subject key identifier: FA:47:75:D6:BC:52:48:AD:0F:45:E5:16:83:C0:18:02:E5:DD:5E:ED
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 08CD
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/-kd11rxSSK0PReUWg8AYAuXdXu0.roa
Signing time: Sun 07 Feb 2021 12:59:54 +0000
ROA not before: Sun 07 Feb 2021 12:59:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38851
IP address blocks: 43.250.44.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2253 (0x8cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Feb 7 12:59:54 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=FA4775D6BC5248AD0F45E51683C01802E5DD5EED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:14:e7:d9:13:3b:e5:75:2a:b3:fa:95:70:b8:
77:8f:91:7e:35:cd:2f:c5:bf:ba:81:fa:da:ec:e1:
e4:14:24:90:f8:dc:39:9a:0b:c0:ee:78:4e:97:f6:
3c:0e:af:f2:70:62:85:5d:92:a5:7e:e5:2d:d3:2a:
1c:c1:18:7b:22:82:b3:c4:f6:8f:74:e8:b5:af:0b:
49:d7:18:da:df:0e:42:a4:27:06:86:8f:46:9e:6b:
73:2b:38:61:5f:90:1e:1d:19:cd:8e:ed:b1:d4:f2:
47:ba:ff:4a:7d:a0:8a:02:d7:48:73:4c:15:ce:6a:
cd:96:81:46:bd:6d:9c:95:aa:7f:ff:e6:2a:0d:95:
d1:c6:9f:de:87:42:48:dd:62:a6:2c:01:17:1b:e0:
a2:28:2c:14:3b:66:59:97:b8:a7:5d:8b:a1:7d:d3:
11:56:c1:fb:75:c8:6c:23:4b:2d:4f:a6:b8:a3:9b:
f4:35:88:51:b5:b5:01:eb:b4:c5:50:d1:9f:99:bc:
d0:85:74:29:f8:b2:a6:b0:9c:f8:b4:ce:f7:17:80:
0b:af:12:61:99:35:ef:41:8c:fb:2a:c0:0a:7c:5c:
e0:0d:cb:f7:db:ed:9d:c0:ac:eb:69:22:39:0c:b0:
39:81:d5:77:8f:90:46:42:73:d0:e6:f5:3c:06:05:
28:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:47:75:D6:BC:52:48:AD:0F:45:E5:16:83:C0:18:02:E5:DD:5E:ED
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/-kd11rxSSK0PReUWg8AYAuXdXu0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.44.0/23
Signature Algorithm: sha256WithRSAEncryption
70:2b:94:15:14:c5:23:52:15:6e:cb:e9:aa:64:1a:5b:c0:35:
fe:22:19:03:7c:33:28:cb:bd:53:13:dc:94:cc:d8:03:f3:61:
61:92:4f:90:6c:e1:04:09:3c:38:84:85:a7:3d:c9:4a:9f:f9:
8f:a0:ec:77:65:02:a2:fe:29:6f:ab:1b:a8:27:62:b4:fc:36:
aa:15:c7:82:54:aa:00:af:73:06:d0:dc:e4:ed:1c:e5:97:61:
1c:ae:e4:9b:ff:cb:32:67:b2:c5:97:fd:79:f5:7a:4d:7a:22:
85:b3:a8:35:a5:87:2d:1c:21:fa:92:60:f7:76:91:df:96:0e:
1d:70:12:6c:7b:5a:3c:3d:65:20:b5:89:4a:34:57:2b:e5:aa:
69:b0:81:94:be:4b:f9:5d:e4:56:e6:e2:eb:5d:eb:99:36:a6:
d3:d1:94:29:ba:c0:63:54:45:58:bf:e8:d3:69:bd:5d:bb:bf:
89:d4:6b:9e:09:39:68:44:66:94:69:cb:31:46:13:5d:1e:ee:
e3:f4:49:2c:5c:da:48:6a:33:cc:5b:8f:38:6a:8d:01:df:ad:
c7:0e:d5:c2:9e:3c:19:70:6d:3b:be:57:7a:ac:e7:9d:99:70:
4f:fa:bd:fb:01:72:17:27:47:e7:e9:39:d7:e9:8b:a6:e5:be:
b0:c3:db:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yMTAyMDcx
MjU5NTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEZBNDc3NUQ2QkM1MjQ4
QUQwRjQ1RTUxNjgzQzAxODAyRTVERDVFRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9FOfZEzvldSqz+pVwuHePkX41zS/Fv7qB+trs4eQUJJD43Dma
C8DueE6X9jwOr/JwYoVdkqV+5S3TKhzBGHsigrPE9o906LWvC0nXGNrfDkKkJwaG
j0aea3MrOGFfkB4dGc2O7bHU8ke6/0p9oIoC10hzTBXOas2WgUa9bZyVqn//5ioN
ldHGn96HQkjdYqYsARcb4KIoLBQ7ZlmXuKddi6F90xFWwft1yGwjSy1Pprijm/Q1
iFG1tQHrtMVQ0Z+ZvNCFdCn4sqawnPi0zvcXgAuvEmGZNe9BjPsqwAp8XOANy/fb
7Z3ArOtpIjkMsDmB1XePkEZCc9Dm9TwGBShJAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU+kd11rxSSK0PReUWg8AYAuXdXu0wHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdULy1rZDExcnhTU0swUFJlVVdnOEFZQXVY
ZFh1MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEr+iwwDQYJ
KoZIhvcNAQELBQADggEBAHArlBUUxSNSFW7L6apkGlvANf4iGQN8MyjLvVMT3JTM
2APzYWGST5Bs4QQJPDiEhac9yUqf+Y+g7HdlAqL+KW+rG6gnYrT8NqoVx4JUqgCv
cwbQ3OTtHOWXYRyu5Jv/yzJnssWX/Xn1ek16IoWzqDWlhy0cIfqSYPd2kd+WDh1w
Emx7Wjw9ZSC1iUo0VyvlqmmwgZS+S/ld5Fbm4utd65k2ptPRlCm6wGNURVi/6NNp
vV27v4nUa54JOWhEZpRpyzFGE10e7uP0SSxc2khqM8xbjzhqjQHfrccO1cKePBlw
bTu+V3qs552ZcE/6vfsBchcnR+fpOdfpi6blvrDD2y0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:36 2025 by rpki-client