Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/fhRwUHAA-DckDq0cMd_HRI5-qOg.roa
File: fhRwUHAA-DckDq0cMd_HRI5-qOg.roa (raw, json)
Hash identifier: 68igg+OxxkuFICsQ7/TLifknM4FXlfv8iNARCRDZb+Y=
Subject key identifier: 7E:14:70:50:70:00:F8:37:24:0E:AD:1C:31:DF:C7:44:8E:7E:A8:E8
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 0B94
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/fhRwUHAA-DckDq0cMd_HRI5-qOg.roa
Signing time: Tue 29 Sep 2020 10:08:35 +0000
ROA not before: Tue 29 Sep 2020 10:08:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24163
IP address blocks: 49.158.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2964 (0xb94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 10:08:35 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=7E1470507000F837240EAD1C31DFC7448E7EA8E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:53:57:46:dc:dc:d5:87:17:48:34:b0:0f:91:
41:b6:95:0f:db:d9:38:18:f2:4d:4b:64:89:fc:11:
97:01:a1:87:c8:3a:80:b9:05:c5:90:d3:d8:8b:4c:
e6:d9:c4:9e:6e:35:1c:0e:7c:be:0e:db:00:65:8f:
43:45:32:c1:05:f1:9f:45:bf:f8:77:7b:f9:cc:25:
13:e1:b1:4b:df:e1:95:e8:0e:92:97:64:90:65:aa:
e1:83:c6:61:7c:97:bf:c5:60:0c:b0:69:7d:1b:c5:
f2:32:37:05:b7:1a:ed:32:3d:89:9f:20:9a:a1:1f:
82:7a:22:c4:15:51:af:e0:07:86:2d:8f:74:54:85:
99:11:3f:4f:d6:44:d5:0a:08:68:71:9b:1f:f5:d1:
4f:9f:d1:bf:75:c1:48:1b:bb:be:9a:ed:26:6c:92:
d1:2f:2d:46:b3:f7:d7:e1:c6:0d:79:e3:93:c3:a6:
c1:8b:fb:9d:81:a9:47:2f:ed:48:16:2a:d5:cb:7d:
34:ab:b0:39:8f:cb:37:ab:9a:86:38:4d:72:6b:42:
1b:97:01:8c:b1:2b:44:85:9f:23:db:11:c6:e9:67:
4f:15:fb:13:2f:e2:d4:2b:4b:b6:75:72:99:b7:9f:
06:ca:1a:80:22:e4:8e:c9:58:6e:d6:07:5b:0d:18:
49:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:14:70:50:70:00:F8:37:24:0E:AD:1C:31:DF:C7:44:8E:7E:A8:E8
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/fhRwUHAA-DckDq0cMd_HRI5-qOg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.148.0/22
Signature Algorithm: sha256WithRSAEncryption
07:9b:e2:7a:59:ff:8d:e3:5b:c9:72:9a:e9:c6:19:83:1b:5e:
43:8e:e4:e1:74:95:fe:c9:b8:79:f8:3e:3e:b9:c8:e1:06:70:
4f:88:f1:12:6a:6a:e8:e9:46:31:7f:16:80:ec:4f:7d:03:3c:
ee:51:85:e0:ed:1a:b9:c6:f1:41:29:77:60:5d:5b:7f:64:0f:
72:b5:59:00:6b:1a:53:13:08:ba:a5:e8:1a:a2:6d:48:10:0e:
46:05:60:f5:fb:6a:b5:23:a3:a3:02:e4:a0:5b:7f:bb:db:66:
0a:e2:3f:97:ae:8d:33:0a:dc:a9:0e:20:af:38:bb:02:ce:e9:
fc:ba:ae:d8:65:32:74:b2:07:89:a3:a7:60:53:bc:6c:8f:4b:
1c:4d:5f:57:65:3d:d1:be:85:dc:39:b2:dc:7c:ed:b8:f4:da:
08:76:40:39:dc:e5:32:4f:b4:82:2f:bf:47:ac:48:37:67:50:
5e:60:1f:ca:aa:02:84:c2:f2:d0:26:ad:eb:f7:8b:b8:7f:04:
d5:a9:b4:ec:9a:0c:e3:8c:95:8b:b8:50:b6:49:fe:c1:2b:30:
9c:73:f8:78:b6:0c:04:2e:fe:e8:98:d4:ea:58:8a:91:a7:71:
e0:c2:6e:dc:57:f4:30:67:df:56:4c:c1:bf:0c:38:b5:c7:2f:
f3:9c:a3:00
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC5QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMDA5Mjkx
MDA4MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDdFMTQ3MDUwNzAwMEY4
MzcyNDBFQUQxQzMxREZDNzQ0OEU3RUE4RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdU1dG3NzVhxdINLAPkUG2lQ/b2TgY8k1LZIn8EZcBoYfIOoC5
BcWQ09iLTObZxJ5uNRwOfL4O2wBlj0NFMsEF8Z9Fv/h3e/nMJRPhsUvf4ZXoDpKX
ZJBlquGDxmF8l7/FYAywaX0bxfIyNwW3Gu0yPYmfIJqhH4J6IsQVUa/gB4Ytj3RU
hZkRP0/WRNUKCGhxmx/10U+f0b91wUgbu76a7SZsktEvLUaz99fhxg1545PDpsGL
+52BqUcv7UgWKtXLfTSrsDmPyzermoY4TXJrQhuXAYyxK0SFnyPbEcbpZ08V+xMv
4tQrS7Z1cpm3nwbKGoAi5I7JWG7WB1sNGElxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfhRwUHAA+DckDq0cMd/HRI5+qOgwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2ZoUndVSEFBLURja0RxMGNN
ZF9IUkk1LXFPZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
npQwDQYJKoZIhvcNAQELBQADggEBAAeb4npZ/43jW8lymunGGYMbXkOO5OF0lf7J
uHn4Pj65yOEGcE+I8RJqaujpRjF/FoDsT30DPO5RheDtGrnG8UEpd2BdW39kD3K1
WQBrGlMTCLql6BqibUgQDkYFYPX7arUjo6MC5KBbf7vbZgriP5eujTMK3KkOIK84
uwLO6fy6rthlMnSyB4mjp2BTvGyPSxxNX1dlPdG+hdw5stx87bj02gh2QDnc5TJP
tIIvv0esSDdnUF5gH8qqAoTC8tAmrev3i7h/BNWptOyaDOOMlYu4ULZJ/sErMJxz
+Hi2DAQu/uiY1OpYipGnceDCbtxX9DBn31ZMwb8MOLXHL/OcowA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org