Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ULC/2VMB7tcsf3KEg2x9J_UqIUoo-w0.roa
File: 2VMB7tcsf3KEg2x9J_UqIUoo-w0.roa (raw, json)
Hash identifier: TJ9ffR4oBRitTiE0jXSbDO71pmaK7X0sVxHFuZRhWcE=
Subject key identifier: D9:53:01:EE:D7:2C:7F:72:84:83:6C:7D:27:F5:2A:21:4A:28:FB:0D
Certificate issuer: /CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Certificate serial: 0299
Authority key identifier: BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/2VMB7tcsf3KEg2x9J_UqIUoo-w0.roa
Signing time: Thu 15 Sep 2022 02:38:03 +0000
ROA not before: Thu 15 Sep 2022 02:38:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131642
IP address blocks: 103.157.42.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665 (0x299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Validity
Not Before: Sep 15 02:38:03 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D95301EED72C7F7284836C7D27F52A214A28FB0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:82:4e:fb:62:e9:94:47:2b:e2:b1:2b:9d:90:
2f:3f:da:5a:0a:7c:6b:aa:d5:21:53:d2:2a:cb:17:
97:c7:96:c8:13:d3:fb:15:59:54:9a:69:dd:22:ad:
75:f0:32:28:27:60:b0:2d:04:a4:49:72:06:58:d7:
52:35:b8:7a:4e:e6:20:1c:5c:9a:94:8b:43:d1:15:
82:e0:99:54:80:3a:e2:4e:f2:ea:e9:f9:15:3e:c2:
93:b2:69:71:88:80:7c:e3:e2:5f:61:7e:0a:d2:92:
ab:89:39:b7:6f:be:3b:76:49:9c:3c:05:46:36:3e:
2f:80:55:d4:44:67:53:a3:67:e3:2f:5c:c4:92:dc:
94:ce:35:b0:48:f0:16:62:e6:ba:19:d2:a5:ee:bc:
22:e2:b7:9a:54:66:d6:6c:18:ce:55:36:eb:42:2f:
6b:d3:2a:48:05:34:c2:89:7c:31:22:27:fc:37:76:
d5:88:30:59:9b:2d:f5:18:df:3c:a9:4f:44:54:14:
ab:c8:3e:ca:4a:93:71:bc:d5:de:1a:26:96:37:c4:
e2:8b:6d:41:6f:98:3a:ed:d9:c4:25:5c:df:de:79:
88:39:40:49:6e:74:15:f1:a4:bf:68:16:a1:b8:21:
b7:80:3d:47:a4:c7:00:05:72:03:6d:72:86:99:e3:
58:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:53:01:EE:D7:2C:7F:72:84:83:6C:7D:27:F5:2A:21:4A:28:FB:0D
X509v3 Authority Key Identifier:
keyid:BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/v7t_e1xYMjSQh1hJuO3aSV7xexs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/2VMB7tcsf3KEg2x9J_UqIUoo-w0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.42.0/23
Signature Algorithm: sha256WithRSAEncryption
68:e6:d7:67:b3:a5:68:82:ed:16:55:71:65:31:eb:47:2e:b3:
e8:58:0e:32:cb:03:ca:54:7e:5a:a7:fa:12:e5:99:6d:f8:2e:
c0:1e:2f:0c:8e:b2:89:b9:cf:d2:84:8c:f1:9d:6a:d1:e0:36:
43:66:5f:a3:c9:fb:40:22:21:56:9d:81:cd:97:f2:1f:eb:cc:
dd:86:7e:e7:40:31:6b:a4:f1:95:4d:0f:cb:28:ec:e0:0e:71:
9c:59:1f:4d:2c:c1:33:bd:c9:57:a1:8b:7f:d5:ed:4e:9b:cc:
98:2e:d1:d0:26:37:95:75:e5:9a:3f:72:b9:50:79:51:bc:d9:
c3:61:67:3a:c0:0f:98:b1:a4:d6:21:28:b7:54:df:2a:b1:ff:
0f:85:8d:3b:7d:d8:3a:dd:6d:39:eb:3b:d5:bc:a4:76:9e:f6:
27:59:c6:f7:18:e7:84:ff:22:8b:6a:52:c8:fd:fc:7c:2a:4a:
0d:94:67:99:3c:09:f5:51:c3:0e:f6:80:4f:c8:7c:25:20:a6:
06:aa:f3:d4:7e:76:5c:e8:f1:f1:4c:c7:1a:59:6f:58:2c:f7:
c1:06:c1:6b:01:1e:3a:3a:a1:7d:3f:06:22:fa:43:3a:21:a8:
11:94:c3:30:de:75:3a:41:03:1c:37:a9:7f:74:e6:85:94:3b:
6d:d6:15:c0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICApkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkZC
QjdGN0I1QzU4MzIzNDkwODc1ODQ5QjhFRERBNDk1RUYxN0IxQjAeFw0yMjA5MTUw
MjM4MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ5NTMwMUVFRDcyQzdG
NzI4NDgzNkM3RDI3RjUyQTIxNEEyOEZCMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDigk77YumURyvisSudkC8/2loKfGuq1SFT0irLF5fHlsgT0/sV
WVSaad0irXXwMignYLAtBKRJcgZY11I1uHpO5iAcXJqUi0PRFYLgmVSAOuJO8urp
+RU+wpOyaXGIgHzj4l9hfgrSkquJObdvvjt2SZw8BUY2Pi+AVdREZ1OjZ+MvXMSS
3JTONbBI8BZi5roZ0qXuvCLit5pUZtZsGM5VNutCL2vTKkgFNMKJfDEiJ/w3dtWI
MFmbLfUY3zypT0RUFKvIPspKk3G81d4aJpY3xOKLbUFvmDrt2cQlXN/eeYg5QElu
dBXxpL9oFqG4IbeAPUekxwAFcgNtcoaZ41j1AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU2VMB7tcsf3KEg2x9J/UqIUoo+w0wHwYDVR0jBBgwFoAUv7t/e1xYMjSQh1hJ
uO3aSV7xexswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL3Y3
dF9lMXhZTWpTUWgxaEp1TzNhU1Y3eGV4cy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djd0X2UxeFlNalNRaDFoSnVPM2FTVjd4ZXhzLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDLzJWTUI3dGNzZjNLRWcyeDlKX1VxSVVv
by13MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnnSowDQYJ
KoZIhvcNAQELBQADggEBAGjm12ezpWiC7RZVcWUx60cus+hYDjLLA8pUflqn+hLl
mW34LsAeLwyOsom5z9KEjPGdatHgNkNmX6PJ+0AiIVadgc2X8h/rzN2GfudAMWuk
8ZVND8so7OAOcZxZH00swTO9yVehi3/V7U6bzJgu0dAmN5V15Zo/crlQeVG82cNh
ZzrAD5ixpNYhKLdU3yqx/w+FjTt92DrdbTnrO9W8pHae9idZxvcY54T/IotqUsj9
/HwqSg2UZ5k8CfVRww72gE/IfCUgpgaq89R+dlzo8fFMxxpZb1gs98EGwWsBHjo6
oX0/BiL6QzohqBGUwzDedTpBAxw3qX905oWUO23WFcA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org