Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/YHlYlUN784BqVOCOZ3GvFfMg6po.roa
File: YHlYlUN784BqVOCOZ3GvFfMg6po.roa (raw, json)
Hash identifier: haelyS6RiR8EHKp9oaH2TOzm96t7sqmuANCpYTYk+vw=
Subject key identifier: 60:79:58:95:43:7B:F3:80:6A:54:E0:8E:67:71:AF:15:F3:20:EA:9A
Certificate issuer: /CN=646D69C88D096F7D39220D288688914729045EF8
Certificate serial: 0571
Authority key identifier: 64:6D:69:C8:8D:09:6F:7D:39:22:0D:28:86:88:91:47:29:04:5E:F8
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZG1pyI0Jb305Ig0ohoiRRykEXvg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/YHlYlUN784BqVOCOZ3GvFfMg6po.roa
Signing time: Mon 24 Jul 2023 09:08:49 +0000
ROA not before: Mon 24 Jul 2023 09:08:49 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17420
IP address blocks: 211.79.192.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1393 (0x571)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646D69C88D096F7D39220D288688914729045EF8
Validity
Not Before: Jul 24 09:08:49 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=60795895437BF3806A54E08E6771AF15F320EA9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:75:b1:63:79:f3:9c:e6:3a:b1:60:5a:fd:0b:
30:bf:ae:a1:f0:50:f1:b3:b5:34:1f:61:17:12:64:
30:97:4d:38:02:4f:4f:ae:d1:51:73:cc:52:05:e3:
78:21:a4:23:4b:87:61:96:17:8c:ae:87:9b:6a:84:
7f:af:b4:36:00:ad:14:1a:ee:96:57:2e:ab:6c:43:
4d:97:cd:33:aa:d8:58:4f:28:15:72:67:f0:da:3d:
8f:be:38:fe:d3:48:43:f3:2f:80:3f:1c:61:43:7f:
ac:af:57:a3:16:5c:09:35:b0:a2:61:7a:c5:7a:a3:
93:7c:22:eb:7e:e2:3f:22:8c:31:4f:1e:fd:4a:b5:
16:13:39:cb:ef:31:e4:bf:a7:52:15:52:96:a3:c4:
f2:50:9b:f0:e4:f9:98:01:da:5f:b8:46:d5:cc:86:
38:af:d1:a4:7e:31:e8:cf:ec:36:e5:70:5d:b2:bb:
f5:5b:5e:a0:83:08:95:f6:8b:0f:b1:32:4c:5c:9c:
c2:1a:f3:dc:c0:31:4d:38:53:9a:76:f7:c4:8a:8c:
66:83:62:61:44:c9:9a:db:24:45:bb:b5:fc:dd:23:
ac:9b:a9:f5:1a:96:09:56:0e:6b:97:74:47:01:a2:
2a:eb:a9:d7:ba:1e:df:bb:fc:4a:e9:fc:ec:e7:e0:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:79:58:95:43:7B:F3:80:6A:54:E0:8E:67:71:AF:15:F3:20:EA:9A
X509v3 Authority Key Identifier:
keyid:64:6D:69:C8:8D:09:6F:7D:39:22:0D:28:86:88:91:47:29:04:5E:F8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/ZG1pyI0Jb305Ig0ohoiRRykEXvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZG1pyI0Jb305Ig0ohoiRRykEXvg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/YHlYlUN784BqVOCOZ3GvFfMg6po.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.192.0/20
Signature Algorithm: sha256WithRSAEncryption
08:82:16:01:f8:27:26:74:61:75:50:72:49:3a:52:0f:a4:18:
58:a8:a6:f4:5c:f4:74:9f:8d:9c:e4:05:7e:f1:2c:e6:aa:4c:
a1:c2:98:f5:5f:66:df:96:b7:c1:f2:ef:47:3f:34:fd:d8:60:
bb:af:58:b8:35:27:40:17:fb:9c:83:f9:b7:b1:1d:d0:4b:54:
8f:e2:0f:7c:9d:28:48:ac:dd:e7:8f:46:51:49:ea:05:3e:9b:
d6:08:ac:be:16:0a:95:84:b4:b9:e6:36:07:be:fc:76:55:af:
e9:59:8a:a8:a2:3f:d5:91:b7:94:9a:49:b7:ba:5b:51:40:04:
84:44:ba:44:57:fb:6e:0c:5e:c6:7e:05:33:06:b9:46:38:a8:
f7:d7:b9:2f:47:48:37:0f:57:03:56:3d:7a:5c:ad:9b:21:1a:
81:41:22:67:fd:7d:6e:85:f8:ae:2d:c1:cb:c4:0c:4e:a8:58:
29:ce:90:88:37:0c:11:9a:94:97:f8:9b:be:8d:56:23:da:8f:
de:54:d5:af:3d:3b:a6:12:f1:a2:39:c9:16:fe:c5:18:83:6d:
42:71:64:18:94:43:98:06:80:73:8b:57:3c:5b:5e:ae:a7:aa:
5a:43:87:b0:80:db:6e:b1:71:11:40:ba:d2:b9:63:e2:97:81:
40:3d:20:3a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICBXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjQ2
RDY5Qzg4RDA5NkY3RDM5MjIwRDI4ODY4ODkxNDcyOTA0NUVGODAeFw0yMzA3MjQw
OTA4NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYwNzk1ODk1NDM3QkYz
ODA2QTU0RTA4RTY3NzFBRjE1RjMyMEVBOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4dbFjefOc5jqxYFr9CzC/rqHwUPGztTQfYRcSZDCXTTgCT0+u
0VFzzFIF43ghpCNLh2GWF4yuh5tqhH+vtDYArRQa7pZXLqtsQ02XzTOq2FhPKBVy
Z/DaPY++OP7TSEPzL4A/HGFDf6yvV6MWXAk1sKJhesV6o5N8Iut+4j8ijDFPHv1K
tRYTOcvvMeS/p1IVUpajxPJQm/Dk+ZgB2l+4RtXMhjiv0aR+MejP7DblcF2yu/Vb
XqCDCJX2iw+xMkxcnMIa89zAMU04U5p298SKjGaDYmFEyZrbJEW7tfzdI6ybqfUa
lglWDmuXdEcBoirrqde6Ht+7/Erp/Ozn4FHTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYHlYlUN784BqVOCOZ3GvFfMg6powHwYDVR0jBBgwFoAUZG1pyI0Jb305Ig0o
hoiRRykEXvgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUNFUkVE
Qy9aRzFweUkwSmIzMDVJZzBvaG9pUlJ5a0VYdmcuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1pHMXB5STBKYjMwNUlnMG9ob2lSUnlrRVh2Zy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FDRVJFREMvWUhsWWxVTjc4NEJxVk9D
T1ozR3ZGZk1nNnBvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNNPwDANBgkqhkiG9w0BAQsFAAOCAQEACIIWAfgnJnRhdVBySTpSD6QYWKim9Fz0
dJ+NnOQFfvEs5qpMocKY9V9m35a3wfLvRz80/dhgu69YuDUnQBf7nIP5t7Ed0EtU
j+IPfJ0oSKzd549GUUnqBT6b1gisvhYKlYS0ueY2B778dlWv6VmKqKI/1ZG3lJpJ
t7pbUUAEhES6RFf7bgxexn4FMwa5Rjio99e5L0dINw9XA1Y9elytmyEagUEiZ/19
boX4ri3By8QMTqhYKc6QiDcMEZqUl/ibvo1WI9qP3lTVrz07phLxojnJFv7FGINt
QnFkGJRDmAaAc4tXPFterqeqWkOHsIDbbrFxEUC60rlj4peBQD0gOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:30 2024 by rpki-client on console-fra.rpki-client.org