Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/M6nc2_-KplQscSDPsBtNLRpc3o4.roa
File: M6nc2_-KplQscSDPsBtNLRpc3o4.roa (raw, json)
Hash identifier: HAam/wtemqt/d8KP4yybGWplSsclYrQzTrEqTF/Vfro=
Subject key identifier: 33:A9:DC:DB:FF:8A:A6:54:2C:71:20:CF:B0:1B:4D:2D:1A:5C:DE:8E
Certificate issuer: /CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B
Certificate serial: 095A
Authority key identifier: 63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/M6nc2_-KplQscSDPsBtNLRpc3o4.roa
Signing time: Wed 29 Sep 2021 02:53:49 +0000
ROA not before: Wed 29 Sep 2021 02:53:49 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131618
IP address blocks: 103.122.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2394 (0x95a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B
Validity
Not Before: Sep 29 02:53:49 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=33A9DCDBFF8AA6542C7120CFB01B4D2D1A5CDE8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c4:7b:d3:13:c1:72:c7:0f:2d:da:67:ea:d6:
b4:1c:4e:58:d2:14:00:c4:df:24:bb:de:c3:68:98:
e1:30:75:92:44:8d:6b:27:79:18:a1:e4:9a:74:4a:
84:1b:66:9d:e3:1c:b8:93:db:b0:d0:6d:08:75:97:
c4:58:0d:bb:40:ba:f5:21:c5:1f:20:61:08:2c:0b:
2c:63:4f:91:1e:fe:05:87:9d:07:a8:34:b2:05:5f:
aa:63:91:9b:7c:84:93:3a:4d:28:d2:b7:c8:b1:7f:
bb:a7:a1:a9:29:57:2e:c4:98:b5:8a:81:e4:20:a9:
d9:18:f1:34:31:91:3b:fc:d7:cb:1d:f3:39:66:76:
d7:a4:23:24:ae:87:c4:0e:6b:83:6d:e7:fd:79:7d:
5c:cb:94:2d:bc:67:ba:17:44:dd:0a:b7:dc:dd:71:
7b:ea:8e:40:06:b5:ce:a1:ed:82:b2:dc:fc:28:5e:
fe:41:90:6e:80:7a:c9:45:30:cb:cf:e7:65:31:8d:
f4:30:2a:88:06:14:11:96:d4:80:c6:b7:45:6b:f9:
de:fc:a2:db:30:24:4e:f7:33:17:c4:53:3d:2e:80:
95:09:6f:2f:84:a0:6d:91:9d:95:f1:58:50:1e:8b:
47:a0:57:fb:6b:84:09:f9:0f:ad:96:d0:20:a4:dd:
f7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A9:DC:DB:FF:8A:A6:54:2C:71:20:CF:B0:1B:4D:2D:1A:5C:DE:8E
X509v3 Authority Key Identifier:
keyid:63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/Y0AKpubGixPd3JwAuCWGEkJz-ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/M6nc2_-KplQscSDPsBtNLRpc3o4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:a9:35:44:c1:2d:f6:af:6d:76:eb:e0:8d:4b:96:1c:ac:3f:
60:cf:21:0c:bc:3d:57:aa:ec:00:49:0e:6d:aa:64:92:85:b5:
d3:49:41:6b:27:b9:cb:1d:df:19:49:f5:a6:74:ac:2f:96:50:
3d:cb:86:59:98:a7:de:f0:40:60:cc:88:0b:8b:44:fa:71:00:
5a:33:53:46:1e:53:31:7a:46:e8:3f:59:be:13:f8:1f:c9:93:
c9:27:5f:03:36:d9:83:2c:42:ed:ca:89:42:22:7d:01:99:f6:
ba:bb:7b:ac:17:64:71:68:5c:d0:94:0e:0c:8e:14:e8:fe:51:
e4:7e:c9:b0:4f:30:df:3f:0f:7a:e2:87:21:08:c0:c1:41:81:
44:25:65:0f:c6:90:cd:b5:dd:83:20:24:1e:f6:85:21:da:a4:
9a:d7:d9:08:1c:12:f5:55:44:58:2b:f8:54:8c:a0:58:e6:29:
ac:7b:e1:90:84:3d:d5:ec:0d:aa:b6:52:08:c3:0b:30:42:5d:
8a:4b:ee:60:bf:02:a1:68:96:5b:c5:ce:cd:ec:bb:24:c2:90:
a6:fa:6f:1a:05:97:ba:5f:68:eb:9d:d9:be:eb:17:b7:89:3d:
ee:9c:a4:da:99:96:74:1d:ea:4b:a8:76:d8:c0:7f:b1:17:c6:
d5:3c:a0:de
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICCVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjM0
MDBBQTZFNkM2OEIxM0REREM5QzAwQjgyNTg2MTI0MjczRkE5QjAeFw0yMTA5Mjkw
MjUzNDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDMzQTlEQ0RCRkY4QUE2
NTQyQzcxMjBDRkIwMUI0RDJEMUE1Q0RFOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4xHvTE8Fyxw8t2mfq1rQcTljSFADE3yS73sNomOEwdZJEjWsn
eRih5Jp0SoQbZp3jHLiT27DQbQh1l8RYDbtAuvUhxR8gYQgsCyxjT5Ee/gWHnQeo
NLIFX6pjkZt8hJM6TSjSt8ixf7unoakpVy7EmLWKgeQgqdkY8TQxkTv818sd8zlm
dtekIySuh8QOa4Nt5/15fVzLlC28Z7oXRN0Kt9zdcXvqjkAGtc6h7YKy3PwoXv5B
kG6AeslFMMvP52UxjfQwKogGFBGW1IDGt0Vr+d78otswJE73MxfEUz0ugJUJby+E
oG2RnZXxWFAei0egV/trhAn5D62W0CCk3fefAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUM6nc2/+KplQscSDPsBtNLRpc3o4wHwYDVR0jBBgwFoAUY0AKpubGixPd3JwA
uCWGEkJz+pswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVklTSU9O
NFlFUy9ZMEFLcHViR2l4UGQzSndBdUNXR0VrSnotcHMuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL1kwQUtwdWJHaXhQZDNKd0F1Q1dHRWtKei1wcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1ZJU0lPTjRZRVMvTTZuYzJfLUtw
bFFzY1NEUHNCdE5MUnBjM280LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGd64TANBgkqhkiG9w0BAQsFAAOCAQEAS6k1RMEt9q9tduvgjUuWHKw/
YM8hDLw9V6rsAEkObapkkoW100lBaye5yx3fGUn1pnSsL5ZQPcuGWZin3vBAYMyI
C4tE+nEAWjNTRh5TMXpG6D9ZvhP4H8mTySdfAzbZgyxC7cqJQiJ9AZn2urt7rBdk
cWhc0JQODI4U6P5R5H7JsE8w3z8PeuKHIQjAwUGBRCVlD8aQzbXdgyAkHvaFIdqk
mtfZCBwS9VVEWCv4VIygWOYprHvhkIQ91ewNqrZSCMMLMEJdikvuYL8CoWiWW8XO
zey7JMKQpvpvGgWXul9o653ZvusXt4k97pyk2pmWdB3qS6h22MB/sRfG1Tyg3g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:42 2023 by rpki-client on console-ams.rpki-client.org