Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/On2c2y61tab0-tmzgFJZI6CES6s.roa
File: On2c2y61tab0-tmzgFJZI6CES6s.roa (raw, json)
Hash identifier: 7FudWT2Pw8+7w0z8w6Z4ZHT3MIgFhP/wEHRWW6EeVmQ=
Subject key identifier: 3A:7D:9C:DB:2E:B5:B5:A6:F4:FA:D9:B3:80:52:59:23:A0:84:4B:AB
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 0B8E
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/On2c2y61tab0-tmzgFJZI6CES6s.roa
Signing time: Tue 29 Sep 2020 10:08:34 +0000
ROA not before: Tue 29 Sep 2020 10:08:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24163
IP address blocks: 49.158.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2958 (0xb8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 10:08:34 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3A7D9CDB2EB5B5A6F4FAD9B380525923A0844BAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:17:5a:e2:e5:0e:a8:00:d7:fe:aa:d8:5e:a3:
a3:9f:df:59:f6:ef:1c:38:ec:3e:35:94:16:df:7c:
70:67:e8:66:95:f1:cd:cf:75:5f:29:fe:7a:b0:cf:
48:b3:3f:88:59:b0:a4:b8:07:64:35:cb:39:d4:ca:
99:fb:ca:24:a5:4b:44:bc:8e:1f:e9:92:04:64:32:
d8:a4:0e:70:16:40:e9:a8:34:23:0c:6e:99:9e:96:
66:c1:a0:7a:90:5b:ba:23:a4:de:9f:c8:7b:b6:7c:
aa:c9:f8:47:7b:48:42:4a:ba:b9:37:e6:bd:53:3d:
f9:fe:8a:16:0f:84:32:c5:21:7e:14:70:7a:f6:07:
3a:4a:e7:16:5c:12:49:26:8c:0a:77:62:fb:02:bc:
48:ac:4f:41:5a:47:cb:ec:3a:2b:9b:11:10:9e:e0:
d8:6a:e8:c6:4c:31:26:21:9d:2d:e0:d4:2a:cd:96:
bf:1a:d4:dd:37:14:f7:a5:24:78:71:6b:19:35:d4:
33:92:58:26:85:0d:aa:82:2d:0a:fc:5b:f2:70:a0:
d1:c6:c2:01:67:31:de:1a:12:b5:47:6d:e2:67:1f:
d4:cc:a1:a5:ae:c3:00:4f:5b:1d:a4:fb:ef:cd:23:
ce:f1:67:f2:18:ca:c3:78:a9:4a:75:76:7c:18:b8:
e7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7D:9C:DB:2E:B5:B5:A6:F4:FA:D9:B3:80:52:59:23:A0:84:4B:AB
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/On2c2y61tab0-tmzgFJZI6CES6s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.140.0/22
Signature Algorithm: sha256WithRSAEncryption
39:3c:23:0b:6a:da:a9:11:24:bc:1b:8b:9d:2e:2e:04:6e:84:
00:4c:48:35:9e:aa:68:68:5a:5c:e2:89:62:31:fb:ea:e8:76:
2a:30:26:63:cd:a0:0c:02:00:87:a1:58:2b:62:27:3c:b4:6c:
e2:ab:6c:67:28:79:31:f6:7c:c0:62:9a:5d:8f:05:98:70:eb:
23:c6:0d:e4:c7:66:38:51:71:c4:53:86:c8:82:0e:84:b3:4b:
aa:c0:02:33:7e:70:12:f1:c4:f7:23:38:9a:10:24:04:47:c8:
3a:55:8e:14:87:3c:5e:0c:65:cc:14:6c:ca:3f:f1:75:aa:28:
b2:16:25:f1:62:38:3c:e7:aa:cd:a1:d7:f0:f4:cd:40:0d:3f:
66:77:e0:fa:59:af:cb:9e:18:00:87:9d:8d:3d:85:c5:2d:da:
bf:cc:1b:93:93:4e:7a:91:84:1a:8d:8d:ae:62:23:ac:84:9c:
15:93:c3:fc:ea:9c:4e:cc:d7:11:0e:b2:f8:54:ae:2a:33:82:
00:f5:0f:1d:c7:5f:5f:f2:c4:99:c7:b5:ee:ec:b5:78:99:3c:
3f:b9:74:39:8b:76:1f:65:0d:82:d6:8e:82:b1:1f:74:91:a4:
e5:ed:97:e1:9b:7d:3c:3e:67:ce:1b:35:67:0d:b8:74:b9:7f:
77:2b:28:dc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMDA5Mjkx
MDA4MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNBN0Q5Q0RCMkVCNUI1
QTZGNEZBRDlCMzgwNTI1OTIzQTA4NDRCQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfF1ri5Q6oANf+qtheo6Of31n27xw47D41lBbffHBn6GaV8c3P
dV8p/nqwz0izP4hZsKS4B2Q1yznUypn7yiSlS0S8jh/pkgRkMtikDnAWQOmoNCMM
bpmelmbBoHqQW7ojpN6fyHu2fKrJ+Ed7SEJKurk35r1TPfn+ihYPhDLFIX4UcHr2
BzpK5xZcEkkmjAp3YvsCvEisT0FaR8vsOiubERCe4Nhq6MZMMSYhnS3g1CrNlr8a
1N03FPelJHhxaxk11DOSWCaFDaqCLQr8W/JwoNHGwgFnMd4aErVHbeJnH9TMoaWu
wwBPWx2k++/NI87xZ/IYysN4qUp1dnwYuOdFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOn2c2y61tab0+tmzgFJZI6CES6swHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL09uMmMyeTYxdGFiMC10bXpn
RkpaSTZDRVM2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nowwDQYJKoZIhvcNAQELBQADggEBADk8Iwtq2qkRJLwbi50uLgRuhABMSDWeqmho
WlziiWIx++rodiowJmPNoAwCAIehWCtiJzy0bOKrbGcoeTH2fMBiml2PBZhw6yPG
DeTHZjhRccRThsiCDoSzS6rAAjN+cBLxxPcjOJoQJARHyDpVjhSHPF4MZcwUbMo/
8XWqKLIWJfFiODznqs2h1/D0zUANP2Z34PpZr8ueGACHnY09hcUt2r/MG5OTTnqR
hBqNja5iI6yEnBWTw/zqnE7M1xEOsvhUriozggD1Dx3HX1/yxJnHte7stXiZPD+5
dDmLdh9lDYLWjoKxH3SRpOXtl+GbfTw+Z84bNWcNuHS5f3crKNw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:47 2024 by rpki-client on console-ams.rpki-client.org