Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WSN-TW/23-vLtw035KioW6H9tzeiNORm34.roa
File: 23-vLtw035KioW6H9tzeiNORm34.roa (raw, json)
Hash identifier: 0vxOnRps3xL3UdP8phZNXqkglWPfybaq+mHDMjaKryQ=
Subject key identifier: DB:7F:AF:2E:DC:34:DF:92:A2:A1:6E:87:F6:DC:DE:88:D3:91:9B:7E
Certificate issuer: /CN=1CB1CA70A33248FB3DAEE8BF41E2DAA76A7DCFD3
Certificate serial: 08BE
Authority key identifier: 1C:B1:CA:70:A3:32:48:FB:3D:AE:E8:BF:41:E2:DA:A7:6A:7D:CF:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HLHKcKMySPs9rui_QeLap2p9z9M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WSN-TW/23-vLtw035KioW6H9tzeiNORm34.roa
Signing time: Sun 07 Feb 2021 11:49:40 +0000
ROA not before: Sun 07 Feb 2021 11:49:40 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131603
IP address blocks: 43.251.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2238 (0x8be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1CB1CA70A33248FB3DAEE8BF41E2DAA76A7DCFD3
Validity
Not Before: Feb 7 11:49:40 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DB7FAF2EDC34DF92A2A16E87F6DCDE88D3919B7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:28:2a:18:61:56:dd:3f:f7:e2:36:cf:1d:62:
a7:6e:d5:9c:46:ed:0f:3b:07:04:13:1b:66:3c:42:
de:ae:a8:15:01:32:d6:4c:28:f2:61:7d:9a:08:b7:
03:04:84:76:a5:40:66:0b:ba:6b:d1:4a:06:5b:8d:
de:2f:b9:57:ac:96:98:33:19:bf:4e:64:e3:c4:5c:
44:4d:3e:b6:6b:d9:81:20:c6:91:9e:aa:e5:f1:4b:
fe:22:25:ce:4c:6a:80:d2:32:6d:f5:0c:84:5b:0b:
35:fd:12:de:c6:f7:5a:5f:eb:ce:c4:fd:cc:75:6d:
98:ec:d7:2e:a5:25:59:cd:ea:e9:64:cc:66:18:92:
47:97:66:ca:69:72:c4:1e:87:2d:95:f1:51:71:23:
12:d2:4d:55:07:c8:56:24:05:73:e7:15:c0:a3:69:
10:9c:01:57:e4:98:3b:74:9e:a6:2e:29:55:f5:5d:
ce:43:31:88:2a:58:b3:87:45:82:a9:7d:47:b8:a1:
07:6b:6e:0b:c1:2e:a5:79:94:b2:84:8d:16:98:f3:
c4:b4:5d:c4:07:ff:b7:5f:f6:64:86:d3:89:34:6b:
26:63:54:01:52:75:b0:02:c4:fa:b2:05:f8:8e:37:
49:bd:85:71:ab:51:76:93:b5:e6:68:05:01:9a:b1:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7F:AF:2E:DC:34:DF:92:A2:A1:6E:87:F6:DC:DE:88:D3:91:9B:7E
X509v3 Authority Key Identifier:
keyid:1C:B1:CA:70:A3:32:48:FB:3D:AE:E8:BF:41:E2:DA:A7:6A:7D:CF:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WSN-TW/HLHKcKMySPs9rui_QeLap2p9z9M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HLHKcKMySPs9rui_QeLap2p9z9M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WSN-TW/23-vLtw035KioW6H9tzeiNORm34.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.56.0/22
Signature Algorithm: sha256WithRSAEncryption
50:02:7a:96:ea:3a:3a:10:25:8d:4d:50:d8:45:9b:66:68:aa:
c5:2a:55:a1:a3:5b:24:4d:11:d9:32:16:36:cd:99:31:10:5d:
fe:5d:3d:3b:94:1f:f6:41:41:d9:49:f8:9a:f1:de:e3:3d:6e:
44:5b:6b:8b:15:cb:99:b0:15:e2:55:f7:b7:e1:72:67:1a:71:
5f:5c:bd:11:f9:3a:e9:1a:b9:15:a6:75:93:54:48:cd:91:e1:
38:3e:7c:0f:96:ea:42:d5:89:3a:d6:db:68:17:6a:b9:63:30:
b1:1d:a8:2b:4c:a8:49:e6:61:95:3a:11:bb:bd:7d:ff:e9:d7:
af:df:c1:db:d6:8c:55:e3:a8:d6:ef:a0:57:04:39:ff:c1:b6:
d4:5c:b8:1a:66:8a:6b:04:89:48:08:a0:1c:01:fe:8b:27:66:
c5:0f:19:1d:c8:f0:b2:69:fa:81:a3:9a:71:7a:64:58:e0:04:
9e:dd:79:c4:d9:e2:ec:8e:45:f1:2e:7d:1f:c0:2c:e5:ae:3b:
3a:83:d8:1a:04:31:cb:74:b3:00:06:de:f8:d2:c8:b1:76:68:
77:9d:00:68:41:3f:42:99:66:0b:cb:b8:8c:73:a5:6f:72:17:
68:13:fd:41:26:0c:68:d1:46:32:db:5a:82:25:87:25:ec:37:
2c:7f:3d:a9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUNC
MUNBNzBBMzMyNDhGQjNEQUVFOEJGNDFFMkRBQTc2QTdEQ0ZEMzAeFw0yMTAyMDcx
MTQ5NDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERCN0ZBRjJFREMzNERG
OTJBMkExNkU4N0Y2RENERTg4RDM5MTlCN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdKCoYYVbdP/fiNs8dYqdu1ZxG7Q87BwQTG2Y8Qt6uqBUBMtZM
KPJhfZoItwMEhHalQGYLumvRSgZbjd4vuVeslpgzGb9OZOPEXERNPrZr2YEgxpGe
quXxS/4iJc5MaoDSMm31DIRbCzX9Et7G91pf687E/cx1bZjs1y6lJVnN6ulkzGYY
kkeXZsppcsQehy2V8VFxIxLSTVUHyFYkBXPnFcCjaRCcAVfkmDt0nqYuKVX1Xc5D
MYgqWLOHRYKpfUe4oQdrbgvBLqV5lLKEjRaY88S0XcQH/7df9mSG04k0ayZjVAFS
dbACxPqyBfiON0m9hXGrUXaTteZoBQGasbe9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU23+vLtw035KioW6H9tzeiNORm34wHwYDVR0jBBgwFoAUHLHKcKMySPs9rui/
QeLap2p9z9MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV1NOLVRX
L0hMSEtjS015U1BzOXJ1aV9RZUxhcDJwOXo5TS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSExIS2NLTXlTUHM5cnVpX1FlTGFwMnA5ejlNLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvV1NOLVRXLzIzLXZMdHcwMzVLaW9XNkg5
dHplaU5PUm0zNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr
+zgwDQYJKoZIhvcNAQELBQADggEBAFACepbqOjoQJY1NUNhFm2ZoqsUqVaGjWyRN
EdkyFjbNmTEQXf5dPTuUH/ZBQdlJ+Jrx3uM9bkRba4sVy5mwFeJV97fhcmcacV9c
vRH5OukauRWmdZNUSM2R4Tg+fA+W6kLViTrW22gXarljMLEdqCtMqEnmYZU6Ebu9
ff/p16/fwdvWjFXjqNbvoFcEOf/BttRcuBpmimsEiUgIoBwB/osnZsUPGR3I8LJp
+oGjmnF6ZFjgBJ7decTZ4uyORfEufR/ALOWuOzqD2BoEMct0swAG3vjSyLF2aHed
AGhBP0KZZgvLuIxzpW9yF2gT/UEmDGjRRjLbWoIlhyXsNyx/Pak=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:43 2023 by rpki-client on console-ams.rpki-client.org