Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/2Fz2SqVrC1Mc0QJbdiQmmqwGNFo.roa
File: 2Fz2SqVrC1Mc0QJbdiQmmqwGNFo.roa (raw, json)
Hash identifier: KvQNi4Qos8/6tu4TanKaJ184KAWSAjOQ+u1Wq9Q2sQg=
Subject key identifier: D8:5C:F6:4A:A5:6B:0B:53:1C:D1:02:5B:76:24:26:9A:AC:06:34:5A
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0E6F
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/2Fz2SqVrC1Mc0QJbdiQmmqwGNFo.roa
Signing time: Thu 23 May 2024 06:12:31 +0000
ROA not before: Thu 23 May 2024 06:12:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 223.22.66.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3695 (0xe6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: May 23 06:12:31 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D85CF64AA56B0B531CD1025B7624269AAC06345A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:37:5c:5d:ae:06:34:a9:ee:20:5b:e9:08:9e:
c7:77:a6:e5:ed:ef:e5:b8:c8:2d:3b:64:77:23:19:
d3:c4:84:a7:9f:92:df:96:6c:0d:e4:44:a8:98:16:
34:30:71:24:ec:fb:ea:5d:0c:3d:26:70:f3:95:f1:
86:3f:f8:ad:f4:cc:ca:49:99:c0:6b:0a:5d:1f:70:
20:4e:65:78:fe:b5:13:c4:47:88:19:a6:1a:75:91:
2c:33:ac:9c:92:6c:93:0e:f6:13:77:bf:ff:3a:66:
55:42:6a:ee:de:29:86:bc:b6:cc:f0:86:c3:6a:4a:
fa:fe:cc:27:d0:50:f9:c7:a6:2b:5d:21:f4:aa:a0:
00:7c:d9:9a:b0:61:03:d7:92:0d:ff:38:c0:39:51:
f1:87:5b:3d:d2:95:fa:3b:ae:31:12:66:8f:3e:6c:
1e:ae:ff:ab:8b:99:90:24:d6:3f:d8:41:df:97:e2:
a1:16:0c:02:d9:b1:4d:5a:62:da:9b:0c:50:3f:8c:
82:5e:c0:ee:9f:ea:65:17:a5:0e:97:46:c3:80:a6:
9e:ff:6c:c9:0b:5c:17:4a:eb:b8:b7:ce:54:dd:68:
5a:d6:0e:aa:53:5a:c4:e5:23:31:72:6e:29:ed:51:
5d:ff:1b:e1:44:1a:f5:5d:12:dc:2d:40:a6:10:9d:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5C:F6:4A:A5:6B:0B:53:1C:D1:02:5B:76:24:26:9A:AC:06:34:5A
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/2Fz2SqVrC1Mc0QJbdiQmmqwGNFo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.66.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7b:57:57:ec:a8:e1:c9:ec:77:0e:c7:a3:69:04:91:27:ac:
a5:11:76:5b:9f:4c:c6:56:16:5d:bd:3c:9f:bf:95:c2:39:e2:
31:3c:c4:82:57:04:46:5a:69:b8:dd:d8:a8:5f:eb:25:ea:28:
4a:a6:4e:c1:85:a3:7c:c9:91:96:18:7d:76:4d:86:8f:b0:10:
4b:73:97:50:4c:fb:f7:d2:4b:00:09:16:d6:cb:99:d9:ba:a5:
71:f7:d4:26:47:31:57:c0:16:7a:80:79:81:95:7f:3c:be:35:
6c:6b:35:a4:fc:bf:8f:17:57:3a:78:da:5a:ae:58:b4:00:f9:
7e:ec:97:e5:76:82:cd:a9:b8:cb:76:36:31:7b:62:c1:bf:7a:
c5:ef:87:47:2e:22:c3:a5:f4:ff:28:0f:77:9a:95:65:f3:4b:
17:20:ca:f2:e3:27:8e:78:90:6d:76:ca:ea:e7:a6:0b:a7:aa:
01:e2:bd:f5:e8:9e:0d:4a:6c:cd:d1:c2:cf:f3:ad:51:4d:b5:
6f:3e:0e:6a:17:66:4f:a6:fb:42:7e:f9:1b:1e:67:15:15:7e:
a0:15:06:a9:7f:37:b4:0c:f6:ad:52:db:c0:64:ee:bb:d5:0e:
f0:76:18:8a:c0:73:d8:96:b3:9c:fc:ea:6e:1e:ee:fa:99:77:
f5:84:5b:88
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDm8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA1MjMw
NjEyMzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ4NUNGNjRBQTU2QjBC
NTMxQ0QxMDI1Qjc2MjQyNjlBQUMwNjM0NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFN1xdrgY0qe4gW+kInsd3puXt7+W4yC07ZHcjGdPEhKefkt+W
bA3kRKiYFjQwcSTs++pdDD0mcPOV8YY/+K30zMpJmcBrCl0fcCBOZXj+tRPER4gZ
php1kSwzrJySbJMO9hN3v/86ZlVCau7eKYa8tszwhsNqSvr+zCfQUPnHpitdIfSq
oAB82ZqwYQPXkg3/OMA5UfGHWz3Slfo7rjESZo8+bB6u/6uLmZAk1j/YQd+X4qEW
DALZsU1aYtqbDFA/jIJewO6f6mUXpQ6XRsOApp7/bMkLXBdK67i3zlTdaFrWDqpT
WsTlIzFybintUV3/G+FEGvVdEtwtQKYQnTcVAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU2Fz2SqVrC1Mc0QJbdiQmmqwGNFowHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzJGejJTcVZyQzFNYzBRSmJkaVFtbXF3
R05Gby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADfFkIwDQYJ
KoZIhvcNAQELBQADggEBAJ97V1fsqOHJ7HcOx6NpBJEnrKURdlufTMZWFl29PJ+/
lcI54jE8xIJXBEZaabjd2Khf6yXqKEqmTsGFo3zJkZYYfXZNho+wEEtzl1BM+/fS
SwAJFtbLmdm6pXH31CZHMVfAFnqAeYGVfzy+NWxrNaT8v48XVzp42lquWLQA+X7s
l+V2gs2puMt2NjF7YsG/esXvh0cuIsOl9P8oD3ealWXzSxcgyvLjJ454kG12yurn
pgunqgHivfXong1KbM3Rws/zrVFNtW8+DmoXZk+m+0J++RseZxUVfqAVBql/N7QM
9q1S28Bk7rvVDvB2GIrAc9iWs5z86m4e7vqZd/WEW4g=
-----END CERTIFICATE-----
Generated at Sat May 10 18:53:25 2025 by rpki-client