Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/avnHOMrdR17WqQZKNFsddHnLw1w.roa
File: avnHOMrdR17WqQZKNFsddHnLw1w.roa (raw, json)
Hash identifier: IVsOC6ZMqEQQVROaNLhty/My6BqyGQGebXdClVwGUvY=
Subject key identifier: 6A:F9:C7:38:CA:DD:47:5E:D6:A9:06:4A:34:5B:1D:74:79:CB:C3:5C
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 18D0
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/avnHOMrdR17WqQZKNFsddHnLw1w.roa
Signing time: Sat 22 Oct 2022 06:05:46 +0000
ROA not before: Sat 22 Oct 2022 06:05:46 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24165
IP address blocks: 122.254.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6352 (0x18d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:05:46 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=6AF9C738CADD475ED6A9064A345B1D7479CBC35C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ac:14:c6:bb:6a:ca:83:f2:24:41:3b:1f:fb:
ce:b9:8e:a4:16:fc:eb:43:b3:12:00:8c:9d:8b:d1:
9d:2e:fc:8f:c1:0c:44:3b:25:19:3c:d8:1e:20:a5:
b3:27:c9:6e:7c:13:8b:1f:6c:9b:e0:09:01:c1:6d:
2c:57:fb:94:62:7c:ec:2a:e6:91:b2:68:46:bd:a6:
28:8b:62:f6:88:1d:ee:af:a1:43:02:95:ec:ea:ec:
c8:d9:c6:66:94:e2:60:44:68:8f:41:9d:d2:42:1c:
ac:93:29:cd:bd:c5:32:67:e4:ac:44:2d:46:7e:69:
6f:65:1a:7f:a1:91:52:6e:ee:e9:b7:ef:3f:c4:cd:
47:0b:6a:cd:81:63:b0:fd:2b:bd:42:0e:c9:a3:ef:
57:03:3a:15:64:0b:85:a8:cb:ee:f5:94:f4:28:7c:
65:87:05:39:b2:07:87:81:cc:25:ed:b7:ee:5d:22:
53:e2:13:48:b9:f4:9f:0c:47:d6:b1:53:f6:0e:35:
75:5a:a5:ec:8c:56:a9:5a:06:fe:85:cd:81:f5:63:
a7:69:f9:ba:b3:c7:5f:87:01:24:01:17:dd:68:91:
3c:56:a1:62:e1:8f:de:e3:ca:ce:12:b6:3d:98:c3:
53:7d:ee:66:3c:11:e7:2c:7f:a6:99:24:d6:1c:39:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F9:C7:38:CA:DD:47:5E:D6:A9:06:4A:34:5B:1D:74:79:CB:C3:5C
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/avnHOMrdR17WqQZKNFsddHnLw1w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.32.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:40:9c:9b:37:1e:63:33:08:4c:11:95:18:6f:94:1a:85:fe:
48:ca:25:f1:5e:cd:0d:c3:c0:ec:e3:c0:c0:ca:63:bf:5a:5b:
0e:7a:9e:12:54:d8:68:27:6b:28:27:90:48:26:76:1b:53:e3:
58:40:c5:d5:97:fe:22:9d:e5:e9:09:e5:78:4d:5c:ae:27:92:
f5:8f:7d:0c:6a:c3:5c:24:f0:9b:45:cf:d7:04:41:1a:6f:ea:
1e:d1:47:89:b7:92:1e:ef:a8:34:91:83:3a:83:4d:bb:a6:6f:
4a:61:8c:83:8c:65:a9:ef:a7:4b:5e:c7:4c:80:ac:6f:f1:94:
25:b7:c7:5f:5b:7e:3a:da:4e:a1:fb:65:8a:34:1f:92:d9:a1:
fa:46:73:c9:77:9a:2b:d7:da:3e:f4:f1:b3:67:7b:d6:da:d6:
65:d8:79:f7:51:15:3e:cf:2c:27:97:2b:ff:73:0b:c8:10:80:
17:56:53:d6:50:5d:47:08:2f:c0:bd:a6:fb:16:66:bc:a6:b7:
0d:15:88:62:48:8f:8b:af:d4:26:a5:a9:af:33:4b:3b:26:f0:
2e:66:46:b0:96:83:02:96:0b:fa:2b:f4:0f:e8:58:d0:92:3a:
c0:a2:2d:89:26:9e:cb:ec:8e:09:47:af:f3:aa:61:fe:de:23:
ea:59:1e:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGNAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA1NDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDZBRjlDNzM4Q0FERDQ3
NUVENkE5MDY0QTM0NUIxRDc0NzlDQkMzNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDErBTGu2rKg/IkQTsf+865jqQW/OtDsxIAjJ2L0Z0u/I/BDEQ7
JRk82B4gpbMnyW58E4sfbJvgCQHBbSxX+5RifOwq5pGyaEa9piiLYvaIHe6voUMC
lezq7MjZxmaU4mBEaI9BndJCHKyTKc29xTJn5KxELUZ+aW9lGn+hkVJu7um37z/E
zUcLas2BY7D9K71CDsmj71cDOhVkC4Woy+71lPQofGWHBTmyB4eBzCXtt+5dIlPi
E0i59J8MR9axU/YONXVapeyMVqlaBv6FzYH1Y6dp+bqzx1+HASQBF91okTxWoWLh
j97jys4Stj2Yw1N97mY8Eecsf6aZJNYcOR1tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUavnHOMrdR17WqQZKNFsddHnLw1wwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2F2bkhPTXJkUjE3V3FRWktO
RnNkZEhuTHcxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ6
/iAwDQYJKoZIhvcNAQELBQADggEBAF5AnJs3HmMzCEwRlRhvlBqF/kjKJfFezQ3D
wOzjwMDKY79aWw56nhJU2GgnaygnkEgmdhtT41hAxdWX/iKd5ekJ5XhNXK4nkvWP
fQxqw1wk8JtFz9cEQRpv6h7RR4m3kh7vqDSRgzqDTbumb0phjIOMZanvp0tex0yA
rG/xlCW3x19bfjraTqH7ZYo0H5LZofpGc8l3mivX2j708bNne9ba1mXYefdRFT7P
LCeXK/9zC8gQgBdWU9ZQXUcIL8C9pvsWZrymtw0ViGJIj4uv1Calqa8zSzsm8C5m
RrCWgwKWC/or9A/oWNCSOsCiLYkmnsvsjglHr/OqYf7eI+pZHgg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:48 2024 by rpki-client on console-ams.rpki-client.org