Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/yPdVQxeurTGB-__I5FUlajNvQfI.roa
File: yPdVQxeurTGB-__I5FUlajNvQfI.roa (raw, json)
Hash identifier: 3ssI2rKLbziOb4UEVOIW4GlQ2ANu+fCe8vUKfMDLr90=
Subject key identifier: C8:F7:55:43:17:AE:AD:31:81:FB:FF:C8:E4:55:25:6A:33:6F:41:F2
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0909
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/yPdVQxeurTGB-__I5FUlajNvQfI.roa
Signing time: Sun 07 Feb 2021 11:55:48 +0000
ROA not before: Sun 07 Feb 2021 11:55:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9244
IP address blocks: 61.56.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2313 (0x909)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Feb 7 11:55:48 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C8F7554317AEAD3181FBFFC8E455256A336F41F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:1c:c4:6f:e0:c6:9f:1d:f4:d3:de:35:25:
1c:4a:8f:c1:a1:55:59:d7:05:a9:f5:1e:1d:3c:19:
a4:3c:0f:12:34:3a:76:07:3e:18:8e:3d:70:2d:45:
30:5f:c3:ff:c5:43:7e:48:da:ce:03:60:54:a1:2b:
4e:fe:14:79:b5:56:9a:0a:06:49:45:e0:9a:d7:80:
c7:2e:28:6d:2f:82:d9:d2:51:2e:51:57:0e:68:b5:
72:d0:34:b7:25:be:31:05:8d:ed:0b:c5:97:06:9b:
36:02:96:82:7b:d7:03:eb:b2:cf:38:a3:a5:a4:47:
38:de:2a:54:77:a4:85:0c:02:1a:d2:00:14:ad:47:
98:57:75:33:3b:37:e6:34:0b:9c:50:ab:fb:31:5d:
07:43:a8:be:b1:4a:fc:cc:5e:64:aa:c1:8d:33:dd:
fd:39:a9:df:c1:8e:a9:d8:35:ce:a5:04:65:0a:7e:
d6:b7:8e:57:17:b8:a0:81:e1:d3:e6:04:18:b8:da:
0b:b2:27:09:aa:f9:5a:09:5a:db:4b:c1:89:d8:4a:
1f:dd:34:65:eb:5e:72:8d:7f:42:50:9b:8e:0c:5a:
08:8c:dc:27:03:45:ff:72:db:e6:eb:e0:83:cd:e8:
ef:29:85:f2:77:79:33:55:2d:63:7d:6f:0a:28:14:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F7:55:43:17:AE:AD:31:81:FB:FF:C8:E4:55:25:6A:33:6F:41:F2
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/yPdVQxeurTGB-__I5FUlajNvQfI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.56.88.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:80:03:89:37:d0:df:95:38:04:0f:bb:56:a2:07:d8:c9:fe:
87:c6:8e:eb:b2:f0:60:dd:09:1b:cc:0b:84:da:bd:b0:47:13:
0c:b4:c7:3b:bd:c4:04:0d:25:77:ef:75:dd:77:41:af:c6:41:
ff:a9:ee:0f:ed:8f:fe:a3:11:0e:8c:f2:3d:ae:55:5b:c7:70:
3d:94:11:d1:e2:28:fd:30:34:3b:a1:54:70:9f:d0:98:22:d1:
11:22:46:ca:98:19:51:92:ca:8c:e6:69:d8:b7:29:3b:f2:11:
d5:a7:d8:61:b8:0f:17:ff:10:42:e7:43:d8:f7:75:85:f2:b2:
e7:e3:28:0b:02:00:15:a7:fa:e4:02:6f:92:00:1c:70:55:ce:
f0:fc:ec:9d:a2:49:ab:d2:70:d5:aa:1b:33:c0:84:4c:98:ad:
41:cc:16:d2:0d:fe:ba:f8:ac:d5:3f:dd:05:06:64:c8:74:85:
b4:b2:be:bb:59:e9:41:d2:61:07:6d:9d:ea:ad:6d:e7:72:fe:
de:95:fc:88:12:58:66:81:07:1f:91:1d:03:c9:a0:5b:5a:53:
7b:b9:95:59:5c:0c:7b:e3:6e:aa:d0:67:3b:47:6c:63:e0:78:
98:8c:b8:3c:fa:7e:90:e9:85:04:e5:d1:f6:69:27:b9:07:91:
9c:35:46:e6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMTAyMDcx
MTU1NDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM4Rjc1NTQzMTdBRUFE
MzE4MUZCRkZDOEU0NTUyNTZBMzM2RjQxRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8vhzEb+DGnx300941JRxKj8GhVVnXBan1Hh08GaQ8DxI0OnYH
PhiOPXAtRTBfw//FQ35I2s4DYFShK07+FHm1VpoKBklF4JrXgMcuKG0vgtnSUS5R
Vw5otXLQNLclvjEFje0LxZcGmzYCloJ71wPrss84o6WkRzjeKlR3pIUMAhrSABSt
R5hXdTM7N+Y0C5xQq/sxXQdDqL6xSvzMXmSqwY0z3f05qd/BjqnYNc6lBGUKfta3
jlcXuKCB4dPmBBi42guyJwmq+VoJWttLwYnYSh/dNGXrXnKNf0JQm44MWgiM3CcD
Rf9y2+br4IPN6O8phfJ3eTNVLWN9bwooFMTLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyPdVQxeurTGB+//I5FUlajNvQfIwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL3lQZFZReGV1clRHQi1fX0k1
RlVsYWpOdlFmSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
OFgwDQYJKoZIhvcNAQELBQADggEBALqAA4k30N+VOAQPu1aiB9jJ/ofGjuuy8GDd
CRvMC4TavbBHEwy0xzu9xAQNJXfvdd13Qa/GQf+p7g/tj/6jEQ6M8j2uVVvHcD2U
EdHiKP0wNDuhVHCf0Jgi0REiRsqYGVGSyozmadi3KTvyEdWn2GG4Dxf/EELnQ9j3
dYXysufjKAsCABWn+uQCb5IAHHBVzvD87J2iSavScNWqGzPAhEyYrUHMFtIN/rr4
rNU/3QUGZMh0hbSyvrtZ6UHSYQdtneqtbedy/t6V/IgSWGaBBx+RHQPJoFtaU3u5
lVlcDHvjbqrQZztHbGPgeJiMuDz6fpDphQTl0fZpJ7kHkZw1RuY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org