Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/4z31FqPpFoGy3MmuHaZj7bq_mjU.roa
File: 4z31FqPpFoGy3MmuHaZj7bq_mjU.roa (raw, json)
Hash identifier: Rd2gBvtPANsZD3TyxPBcTtCqMdOwzevBmUUngXved10=
Subject key identifier: E3:3D:F5:16:A3:E9:16:81:B2:DC:C9:AE:1D:A6:63:ED:BA:BF:9A:35
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 0A5B
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/4z31FqPpFoGy3MmuHaZj7bq_mjU.roa
Signing time: Thu 15 Sep 2022 02:38:52 +0000
ROA not before: Thu 15 Sep 2022 02:38:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38851
IP address blocks: 103.229.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2651 (0xa5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Sep 15 02:38:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E33DF516A3E91681B2DCC9AE1DA663EDBABF9A35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3a:f6:75:7f:07:b4:3c:8c:c7:d5:12:82:4e:
8b:7e:14:76:d9:88:ff:f6:ca:e2:1d:67:6f:dc:88:
d8:e5:9c:01:7e:14:d5:47:03:bf:61:f4:79:56:e1:
d9:67:ec:70:a1:5e:f3:ac:8b:8e:a5:fd:e4:a5:41:
b8:c4:84:78:db:01:50:25:bb:97:34:34:ab:d4:c8:
fc:09:b5:fc:07:80:94:28:e1:f7:1b:0f:f0:e7:7a:
0f:ac:c9:1b:a9:8d:11:dc:5b:94:f9:86:2d:53:6a:
72:56:00:3e:a0:a3:02:36:aa:79:2c:de:19:99:61:
a9:fe:ff:56:33:28:22:3a:48:58:b5:a7:fb:8f:11:
b3:ef:bf:64:36:cc:df:68:7f:2f:f8:d1:15:c1:44:
e0:3c:30:a8:5b:c8:ed:67:60:a5:8a:30:34:b4:85:
38:68:5f:3e:57:9b:58:64:55:7c:4d:1d:e4:c2:eb:
b3:10:cd:a8:a9:86:0a:ba:a8:90:8a:58:c4:c7:76:
ea:8d:c2:a9:d3:db:f4:04:d6:bb:8d:dc:b7:8f:7c:
6a:e0:11:1b:48:60:54:0d:8a:27:b7:ec:e9:e5:a7:
79:d1:fa:15:d5:29:fa:49:f0:d3:96:c2:a9:72:86:
88:a6:10:e9:4b:38:94:44:53:ff:f8:7f:e2:40:cd:
d7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3D:F5:16:A3:E9:16:81:B2:DC:C9:AE:1D:A6:63:ED:BA:BF:9A:35
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/4z31FqPpFoGy3MmuHaZj7bq_mjU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.100.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:03:ac:9a:65:49:95:db:f7:fb:4d:30:43:c0:aa:c5:71:a5:
52:30:d2:45:11:42:72:22:cc:50:8a:83:a5:5c:7c:3b:e1:b2:
ec:fa:0b:c6:75:eb:32:5c:5b:9f:a7:36:99:1f:ff:d7:64:ab:
b9:f5:4e:6a:b1:e8:ea:64:f7:f4:27:43:e6:40:5d:ec:22:a5:
e3:e0:f6:b3:6c:89:ad:67:c9:4b:c6:a8:0b:86:04:87:51:f4:
37:3a:95:ec:4d:f8:8d:dd:70:ab:28:09:74:17:51:af:ae:db:
a2:64:64:b9:2a:45:c5:44:36:df:b4:e0:c6:60:7e:e3:55:2f:
87:22:21:3b:84:64:28:d0:17:9d:b3:8b:a4:ff:34:c1:6c:25:
88:ba:23:0d:e1:b4:83:7d:22:ec:51:64:a6:25:23:f8:d2:84:
df:b0:5a:d3:b1:0a:07:e3:ef:41:f9:54:e3:53:82:67:ad:f8:
9e:5d:69:f4:96:0c:09:b7:c6:ac:6d:4e:8b:9b:65:d0:9d:2e:
54:a7:df:f9:78:5b:b3:36:cc:38:90:36:bc:af:65:5a:f6:94:
21:1f:34:7e:be:76:f5:3b:b5:df:8b:91:f4:d1:22:01:ee:21:
9b:60:04:88:06:f2:b2:e1:11:4c:7d:42:90:ca:c1:9a:fc:90:
be:77:1f:64
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICClswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yMjA5MTUw
MjM4NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUzM0RGNTE2QTNFOTE2
ODFCMkRDQzlBRTFEQTY2M0VEQkFCRjlBMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOOvZ1fwe0PIzH1RKCTot+FHbZiP/2yuIdZ2/ciNjlnAF+FNVH
A79h9HlW4dln7HChXvOsi46l/eSlQbjEhHjbAVAlu5c0NKvUyPwJtfwHgJQo4fcb
D/Dneg+syRupjRHcW5T5hi1TanJWAD6gowI2qnks3hmZYan+/1YzKCI6SFi1p/uP
EbPvv2Q2zN9ofy/40RXBROA8MKhbyO1nYKWKMDS0hThoXz5Xm1hkVXxNHeTC67MQ
zaiphgq6qJCKWMTHduqNwqnT2/QE1ruN3LePfGrgERtIYFQNiie37Onlp3nR+hXV
KfpJ8NOWwqlyhoimEOlLOJREU//4f+JAzdfrAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU4z31FqPpFoGy3MmuHaZj7bq/mjUwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdULzR6MzFGcVBwRm9HeTNNbXVIYVpqN2Jx
X21qVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn5WQwDQYJ
KoZIhvcNAQELBQADggEBAEwDrJplSZXb9/tNMEPAqsVxpVIw0kURQnIizFCKg6Vc
fDvhsuz6C8Z16zJcW5+nNpkf/9dkq7n1Tmqx6Opk9/QnQ+ZAXewipePg9rNsia1n
yUvGqAuGBIdR9Dc6lexN+I3dcKsoCXQXUa+u26JkZLkqRcVENt+04MZgfuNVL4ci
ITuEZCjQF52zi6T/NMFsJYi6Iw3htIN9IuxRZKYlI/jShN+wWtOxCgfj70H5VONT
gmet+J5dafSWDAm3xqxtToubZdCdLlSn3/l4W7M2zDiQNryvZVr2lCEfNH6+dvU7
td+LkfTRIgHuIZtgBIgG8rLhEUx9QpDKwZr8kL53H2Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org