Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/LEIdDbz2t3YlFYTm5E-Pe5U4pNE.roa
File: LEIdDbz2t3YlFYTm5E-Pe5U4pNE.roa (raw, json)
Hash identifier: z8HVpefJBPOkP67vL4qwH4Xu8q4UyBZMJDEE4aZb7TM=
Subject key identifier: 2C:42:1D:0D:BC:F6:B7:76:25:15:84:E6:E4:4F:8F:7B:95:38:A4:D1
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 12A3
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/LEIdDbz2t3YlFYTm5E-Pe5U4pNE.roa
Signing time: Wed 29 Sep 2021 02:54:49 +0000
ROA not before: Wed 29 Sep 2021 02:54:49 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24163
IP address blocks: 49.158.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4771 (0x12a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 02:54:49 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2C421D0DBCF6B776251584E6E44F8F7B9538A4D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3b:0d:a8:98:ca:d7:f7:d4:f9:a1:e7:aa:2d:
0d:5c:80:5b:78:6b:1d:bd:a6:b9:60:73:da:93:28:
03:33:7e:a5:ab:06:2d:57:25:75:bb:33:c3:61:d7:
7a:15:52:1a:e1:9d:df:5e:5b:11:98:94:7d:60:3f:
24:db:8f:97:aa:82:5c:a9:90:3c:b6:78:da:72:4b:
df:64:9e:9d:b1:bf:b7:d1:c5:e3:4d:35:2c:6b:d4:
4c:26:59:fc:d0:73:f1:28:07:14:86:f4:aa:aa:a0:
bb:c1:53:ad:86:38:4e:77:6b:9d:30:59:80:2d:a0:
59:4d:30:a1:85:81:bd:f9:e6:bb:57:72:0f:0d:6f:
bc:d1:78:03:aa:59:93:0f:38:66:8f:87:89:0e:fd:
97:44:dc:d3:d3:4e:94:94:12:35:4f:ef:e9:60:c9:
46:f3:34:48:4a:9e:9b:01:19:84:cc:30:a8:11:32:
31:af:0c:7a:6b:00:7b:3f:f2:37:40:ab:e8:9a:d1:
4d:72:d6:98:89:0c:34:1b:30:51:b7:53:23:e8:09:
69:3a:b3:2d:c9:03:d3:2e:f9:1b:15:77:e8:92:bf:
9a:c1:9d:e9:a5:b7:d6:0b:89:5c:ee:a6:7d:f5:57:
75:30:12:41:b7:ee:80:c8:6c:29:f5:a7:25:42:6c:
0b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:42:1D:0D:BC:F6:B7:76:25:15:84:E6:E4:4F:8F:7B:95:38:A4:D1
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/LEIdDbz2t3YlFYTm5E-Pe5U4pNE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:51:ef:23:d4:1b:8d:6e:f8:b0:13:18:1f:b6:cd:02:73:0c:
2d:5d:0b:61:e7:57:50:06:4e:b1:d1:32:6d:19:d9:86:36:6a:
b1:a8:61:1c:c4:b4:82:5e:bf:4f:3a:e0:d5:eb:c0:7f:ef:60:
89:a5:12:4f:c5:fe:50:30:cb:93:ca:0e:19:11:2c:a7:3e:eb:
4c:1e:7a:d0:93:d8:f5:a1:16:54:18:b3:49:22:2f:98:91:a7:
c5:0e:19:67:54:53:f4:69:5c:04:d4:98:33:c7:28:d2:5d:ec:
28:95:ce:69:0d:58:b4:cb:0b:d9:33:d3:a5:1c:49:20:a7:bd:
a6:3f:6c:c1:40:7d:18:6c:e0:a8:ab:0e:da:67:99:3f:f2:a6:
14:d8:a4:ea:fe:d6:94:58:bc:46:99:99:85:44:40:54:a8:20:
27:8b:f1:21:2e:64:cf:0f:f4:a5:7e:de:0f:3f:73:0e:6b:5f:
58:91:70:db:fa:68:5b:df:9e:22:37:e0:c0:b7:52:4c:d1:05:
d1:58:98:fe:89:d4:53:d6:59:5e:aa:bc:80:00:b8:a5:4a:08:
8a:40:84:69:94:3e:4e:ef:6b:c0:71:34:14:ab:b9:e4:02:d4:
40:9b:64:44:c6:3c:f4:e4:75:4f:00:e9:1a:94:f8:6c:60:07:
89:88:fa:f0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEqMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0NDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDJDNDIxRDBEQkNGNkI3
NzYyNTE1ODRFNkU0NEY4RjdCOTUzOEE0RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Ow2omMrX99T5oeeqLQ1cgFt4ax29prlgc9qTKAMzfqWrBi1X
JXW7M8Nh13oVUhrhnd9eWxGYlH1gPyTbj5eqglypkDy2eNpyS99knp2xv7fRxeNN
NSxr1EwmWfzQc/EoBxSG9KqqoLvBU62GOE53a50wWYAtoFlNMKGFgb355rtXcg8N
b7zReAOqWZMPOGaPh4kO/ZdE3NPTTpSUEjVP7+lgyUbzNEhKnpsBGYTMMKgRMjGv
DHprAHs/8jdAq+ia0U1y1piJDDQbMFG3UyPoCWk6sy3JA9Mu+RsVd+iSv5rBneml
t9YLiVzupn31V3UwEkG37oDIbCn1pyVCbAtPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULEIdDbz2t3YlFYTm5E+Pe5U4pNEwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0xFSWREYnoydDNZbEZZVG01
RS1QZTVVNHBORS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nswwDQYJKoZIhvcNAQELBQADggEBAG9R7yPUG41u+LATGB+2zQJzDC1dC2HnV1AG
TrHRMm0Z2YY2arGoYRzEtIJev0864NXrwH/vYImlEk/F/lAwy5PKDhkRLKc+60we
etCT2PWhFlQYs0kiL5iRp8UOGWdUU/RpXATUmDPHKNJd7CiVzmkNWLTLC9kz06Uc
SSCnvaY/bMFAfRhs4KirDtpnmT/yphTYpOr+1pRYvEaZmYVEQFSoICeL8SEuZM8P
9KV+3g8/cw5rX1iRcNv6aFvfniI34MC3UkzRBdFYmP6J1FPWWV6qvIAAuKVKCIpA
hGmUPk7va8BxNBSrueQC1ECbZETGPPTkdU8A6RqU+GxgB4mI+vA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:46 2024 by rpki-client on console-ams.rpki-client.org