Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/fM9sht3afgwBe_n_LYjqUc--L7o.roa
File: fM9sht3afgwBe_n_LYjqUc--L7o.roa (raw, json)
Hash identifier: mkivs9rh8CP8bE5t2SZ48AC+tJ33Iunq6CPOrZMYksc=
Subject key identifier: 7C:CF:6C:86:DD:DA:7E:0C:01:7B:F9:FF:2D:88:EA:51:CF:BE:2F:BA
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 12BD
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/fM9sht3afgwBe_n_LYjqUc--L7o.roa
Signing time: Wed 29 Sep 2021 02:54:55 +0000
ROA not before: Wed 29 Sep 2021 02:54:55 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24165
IP address blocks: 49.159.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4797 (0x12bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 02:54:55 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=7CCF6C86DDDA7E0C017BF9FF2D88EA51CFBE2FBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ff:40:64:2f:be:70:a6:9b:ad:76:8c:95:4e:
a6:22:44:32:c2:43:54:ba:be:48:e5:de:b1:da:ee:
0a:82:e4:bb:b3:be:a6:cc:a3:14:20:c8:c2:42:9e:
e2:2a:38:b5:87:18:c6:19:35:e6:95:4e:92:ac:e2:
8c:43:df:2d:3c:10:bf:77:d7:a4:61:dd:bc:83:36:
be:bc:e7:c7:5b:40:54:5c:be:d1:c0:a9:be:86:14:
ed:38:7c:9f:71:a5:3f:8d:dc:f7:9c:ec:67:4b:30:
9d:48:fe:53:56:9b:70:10:63:a3:af:0d:b3:63:d3:
74:05:f6:0c:c4:68:ac:c9:d4:18:96:54:10:b9:42:
81:f9:f6:a6:16:f2:6f:13:4f:7e:60:c1:68:98:9d:
36:68:1e:ca:b4:d2:29:e9:e7:4e:f5:78:20:fb:47:
4b:22:d9:f9:da:27:6b:c4:0a:87:72:93:6f:b7:39:
27:4f:e1:0b:ee:ea:be:35:da:a1:11:24:88:99:5f:
92:17:af:11:fe:ad:6c:14:45:aa:94:2a:44:71:21:
48:49:ea:3a:77:b3:ab:9c:aa:24:b1:c9:b4:fa:32:
b8:c0:b4:31:bf:4a:9b:9a:25:bd:a2:04:0e:cd:05:
08:8b:41:84:cc:36:5c:d1:be:0d:42:50:24:1a:14:
39:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CF:6C:86:DD:DA:7E:0C:01:7B:F9:FF:2D:88:EA:51:CF:BE:2F:BA
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/fM9sht3afgwBe_n_LYjqUc--L7o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.220.0/22
Signature Algorithm: sha256WithRSAEncryption
19:c7:3c:48:b2:1b:d0:e0:03:81:01:34:7b:d3:99:63:9b:45:
1f:14:b1:7a:09:f8:c8:a3:33:6d:eb:94:83:0d:d9:a6:0c:da:
54:0b:89:86:6b:2d:e4:56:83:83:0b:96:7d:cb:5e:1a:1f:e4:
14:97:b5:92:5d:20:7e:21:8d:1f:24:9e:e9:aa:c5:b1:ec:8d:
6a:29:a2:e5:14:7d:80:12:80:ba:22:10:f4:40:ef:c5:b9:7f:
7d:ad:b4:8b:ac:a9:09:bd:91:3d:4e:ee:49:10:9c:69:36:02:
57:32:12:d5:c5:bb:fc:19:0e:12:63:4b:71:ae:36:15:0b:3e:
b1:06:f3:d6:b7:4c:d4:2d:78:15:25:8d:e5:5e:69:c1:16:2d:
12:fe:9a:d3:fc:bf:f1:6c:a8:bc:09:eb:2f:d5:75:a6:99:5c:
29:d0:0a:3d:ae:a4:67:fe:94:cf:87:c0:1c:a8:8e:20:d8:e7:
27:88:e7:48:68:b1:a6:b1:31:63:5b:4a:6e:87:16:05:7d:03:
8b:ff:5d:36:4f:e0:5f:f0:2d:dd:1c:22:d2:b8:e2:22:83:b0:
39:f2:de:3a:e8:94:39:2c:1a:b4:95:5a:3b:b9:af:3e:bc:d4:
ab:4d:d6:a1:b6:a0:90:85:da:36:bd:a9:45:83:0f:5f:9c:dc:
2c:c3:d5:25
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0NTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDdDQ0Y2Qzg2REREQTdF
MEMwMTdCRjlGRjJEODhFQTUxQ0ZCRTJGQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ/0BkL75wpputdoyVTqYiRDLCQ1S6vkjl3rHa7gqC5LuzvqbM
oxQgyMJCnuIqOLWHGMYZNeaVTpKs4oxD3y08EL9316Rh3byDNr6858dbQFRcvtHA
qb6GFO04fJ9xpT+N3Pec7GdLMJ1I/lNWm3AQY6OvDbNj03QF9gzEaKzJ1BiWVBC5
QoH59qYW8m8TT35gwWiYnTZoHsq00inp5071eCD7R0si2fnaJ2vECodyk2+3OSdP
4Qvu6r412qERJIiZX5IXrxH+rWwURaqUKkRxIUhJ6jp3s6ucqiSxybT6MrjAtDG/
SpuaJb2iBA7NBQiLQYTMNlzRvg1CUCQaFDmrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfM9sht3afgwBe/n/LYjqUc++L7owHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2ZNOXNodDNhZmd3QmVfbl9M
WWpxVWMtLUw3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
n9wwDQYJKoZIhvcNAQELBQADggEBABnHPEiyG9DgA4EBNHvTmWObRR8UsXoJ+Mij
M23rlIMN2aYM2lQLiYZrLeRWg4MLln3LXhof5BSXtZJdIH4hjR8knumqxbHsjWop
ouUUfYASgLoiEPRA78W5f32ttIusqQm9kT1O7kkQnGk2AlcyEtXFu/wZDhJjS3Gu
NhULPrEG89a3TNQteBUljeVeacEWLRL+mtP8v/FsqLwJ6y/VdaaZXCnQCj2upGf+
lM+HwByojiDY5yeI50hosaaxMWNbSm6HFgV9A4v/XTZP4F/wLd0cItK44iKDsDny
3jrolDksGrSVWju5rz681KtN1qG2oJCF2ja9qUWDD1+c3CzD1SU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org