Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/DcA5zUck-qpla62BofWZd0peMaM.roa
File: DcA5zUck-qpla62BofWZd0peMaM.roa (raw, json)
Hash identifier: NOxVwKuwOhzpDkqPzbXuU9BEd6ivpTXFe8K/iSemSE4=
Subject key identifier: 0D:C0:39:CD:47:24:FA:AA:65:6B:AD:81:A1:F5:99:77:4A:5E:31:A3
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 096D
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/DcA5zUck-qpla62BofWZd0peMaM.roa
Signing time: Wed 29 Sep 2021 02:39:16 +0000
ROA not before: Wed 29 Sep 2021 02:39:16 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38851
IP address blocks: 43.250.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2413 (0x96d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Sep 29 02:39:16 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0DC039CD4724FAAA656BAD81A1F599774A5E31A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e5:a7:f7:44:a2:b0:71:f6:32:fe:39:c0:18:
39:f6:35:6b:8c:6d:77:d9:5f:93:27:b2:80:e2:18:
0f:f3:48:1c:79:16:dc:65:4e:3b:ec:09:74:bb:19:
46:23:b6:b4:a2:59:0c:11:8c:a1:53:16:18:dd:43:
75:1c:0a:a7:82:6f:75:d4:24:2c:3e:50:0b:8a:c4:
c8:1f:de:c7:28:ec:60:4b:23:c7:05:33:6d:fb:b6:
9c:8a:05:f6:ef:d8:ee:07:c4:6a:f1:df:ca:d8:56:
61:89:24:68:2f:60:1c:35:12:95:0f:a5:97:a8:2e:
51:ef:7b:b5:77:f6:4b:5f:ad:8b:74:4b:77:37:da:
a7:2a:c2:6b:ad:62:b9:19:82:7c:15:40:2d:0c:69:
35:d7:0e:61:21:2a:c3:a9:27:3e:46:fa:8b:d0:58:
69:62:63:63:18:a1:cd:89:d4:2d:c5:1e:19:cc:e6:
cf:07:b3:5f:d4:aa:c4:16:b0:67:f7:1c:f6:87:fa:
b0:43:2a:d0:0e:f0:01:b5:8c:78:99:ac:13:0b:cd:
36:cc:53:02:ae:34:99:91:63:f6:99:87:37:c8:a8:
64:aa:01:c9:05:be:4b:45:53:46:ef:6f:40:da:9c:
98:6e:d7:f2:be:4f:7a:91:f6:95:c7:7c:c1:11:71:
11:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C0:39:CD:47:24:FA:AA:65:6B:AD:81:A1:F5:99:77:4A:5E:31:A3
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/DcA5zUck-qpla62BofWZd0peMaM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.46.0/23
Signature Algorithm: sha256WithRSAEncryption
33:70:4a:df:4f:c8:03:aa:4c:ab:5f:3e:a8:0b:95:3b:c9:d5:
2d:94:db:12:23:44:07:54:68:15:81:ca:93:42:f8:2a:fe:44:
ed:e6:fd:7d:05:d4:bf:0e:ed:1e:2f:55:55:47:d5:6d:57:7b:
de:cf:03:a3:0d:63:9b:f0:6a:c7:f2:33:e6:0c:6d:be:28:4b:
5e:8e:ad:12:f8:fe:56:b6:1e:16:13:56:ae:bd:fc:e4:33:4b:
d5:f8:f3:29:ab:4d:32:75:a6:82:74:95:e8:ae:d1:f2:69:9a:
c2:0f:96:56:72:55:5d:54:ad:6d:8d:60:91:d9:2e:56:8d:a5:
30:39:75:1d:95:16:51:7f:38:16:a8:7a:c2:3a:16:67:1c:72:
4f:3c:38:ce:af:e0:3f:a1:57:25:25:9a:c8:e1:cf:fd:62:0d:
42:c2:0e:3a:0d:ff:d8:ea:5b:d4:3b:7d:20:6c:c8:06:d6:3d:
87:76:a7:80:d5:cf:0b:8f:67:a7:9f:b9:b1:e8:10:ae:da:f9:
43:e3:1a:9c:66:96:0b:d1:e3:ef:bb:f7:fc:16:86:70:ed:e5:
2c:5a:9c:81:16:c0:e3:88:63:f4:52:19:08:d9:5e:f7:65:31:
fb:26:5f:ac:9d:d8:9a:1e:e9:5f:9d:df:68:82:de:1d:02:ab:
46:27:27:f1
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yMTA5Mjkw
MjM5MTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDBEQzAzOUNENDcyNEZB
QUE2NTZCQUQ4MUExRjU5OTc3NEE1RTMxQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb5af3RKKwcfYy/jnAGDn2NWuMbXfZX5MnsoDiGA/zSBx5Ftxl
TjvsCXS7GUYjtrSiWQwRjKFTFhjdQ3UcCqeCb3XUJCw+UAuKxMgf3sco7GBLI8cF
M237tpyKBfbv2O4HxGrx38rYVmGJJGgvYBw1EpUPpZeoLlHve7V39ktfrYt0S3c3
2qcqwmutYrkZgnwVQC0MaTXXDmEhKsOpJz5G+ovQWGliY2MYoc2J1C3FHhnM5s8H
s1/UqsQWsGf3HPaH+rBDKtAO8AG1jHiZrBMLzTbMUwKuNJmRY/aZhzfIqGSqAckF
vktFU0bvb0DanJhu1/K+T3qR9pXHfMERcRHDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUDcA5zUck+qpla62BofWZd0peMaMwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL0RjQTV6VWNrLXFwbGE2MkJvZldaZDBw
ZU1hTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEr+i4wDQYJ
KoZIhvcNAQELBQADggEBADNwSt9PyAOqTKtfPqgLlTvJ1S2U2xIjRAdUaBWBypNC
+Cr+RO3m/X0F1L8O7R4vVVVH1W1Xe97PA6MNY5vwasfyM+YMbb4oS16OrRL4/la2
HhYTVq69/OQzS9X48ymrTTJ1poJ0leiu0fJpmsIPllZyVV1UrW2NYJHZLlaNpTA5
dR2VFlF/OBaoesI6Fmccck88OM6v4D+hVyUlmsjhz/1iDULCDjoN/9jqW9Q7fSBs
yAbWPYd2p4DVzwuPZ6efubHoEK7a+UPjGpxmlgvR4++79/wWhnDt5SxanIEWwOOI
Y/RSGQjZXvdlMfsmX6yd2Joe6V+d32iC3h0Cq0YnJ/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org