Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/hW50qI7PBJQNwjdhqVCLjEmAqJE.roa
File: hW50qI7PBJQNwjdhqVCLjEmAqJE.roa (raw, json)
Hash identifier: DLHshbW2a6SvttU5k67o0ESHxlpmjIfgsoG1nss+ggU=
Subject key identifier: 85:6E:74:A8:8E:CF:04:94:0D:C2:37:61:A9:50:8B:8C:49:80:A8:91
Certificate issuer: /CN=6FDEA34707152290C1D2606FFBFC69B927D40A5B
Certificate serial: 08BB
Authority key identifier: 6F:DE:A3:47:07:15:22:90:C1:D2:60:6F:FB:FC:69:B9:27:D4:0A:5B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/hW50qI7PBJQNwjdhqVCLjEmAqJE.roa
Signing time: Sun 07 Feb 2021 11:45:10 +0000
ROA not before: Sun 07 Feb 2021 11:45:10 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 61.60.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2235 (0x8bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6FDEA34707152290C1D2606FFBFC69B927D40A5B
Validity
Not Before: Feb 7 11:45:10 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=856E74A88ECF04940DC23761A9508B8C4980A891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c4:f2:01:e1:76:5e:54:0c:1a:22:ca:88:91:
dc:77:63:2c:56:ec:1c:17:2b:e6:9b:ea:c2:a5:34:
90:86:df:f2:01:77:ff:89:90:3e:cb:c7:82:81:d6:
94:e2:b7:28:25:7d:e4:97:66:f9:36:b6:f4:c9:19:
6a:a9:15:3b:ea:03:cb:16:ae:f3:a3:77:0d:eb:d5:
c6:64:74:23:d6:0f:4d:5c:b4:8b:47:db:c9:80:00:
bf:5f:14:0f:71:85:b5:f6:f7:2c:47:23:a4:d4:5d:
80:6a:86:fb:15:b1:85:87:f6:bb:c2:07:07:16:0c:
3e:3b:e9:23:f5:04:ce:f8:85:5a:45:67:76:4e:7a:
cb:54:27:0d:07:91:11:38:e5:0b:1c:53:0e:ee:1b:
55:83:b2:71:7c:b9:e2:81:a3:e4:75:c0:51:ab:9d:
d8:42:11:6b:b7:3a:a1:62:c6:93:33:bb:0b:68:1c:
c3:29:75:93:23:ae:87:de:12:21:ed:05:83:2e:2b:
84:81:15:c4:27:8d:11:a5:63:22:95:74:05:7f:5d:
76:79:9c:42:4c:e4:1c:0d:c4:52:d4:a2:45:b5:79:
7c:2d:08:4b:76:21:b6:f8:59:da:5e:4b:22:45:44:
1a:14:63:41:d3:76:d5:f9:2c:e3:86:4c:66:12:64:
25:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6E:74:A8:8E:CF:04:94:0D:C2:37:61:A9:50:8B:8C:49:80:A8:91
X509v3 Authority Key Identifier:
keyid:6F:DE:A3:47:07:15:22:90:C1:D2:60:6F:FB:FC:69:B9:27:D4:0A:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/b96jRwcVIpDB0mBv-_xpuSfUCls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/hW50qI7PBJQNwjdhqVCLjEmAqJE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.60.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:1b:d5:de:80:5a:fe:e7:43:f6:28:dd:b4:74:59:b4:23:7a:
bf:26:4d:d2:7e:ef:93:c8:72:a2:0f:f2:ce:f4:67:0f:be:97:
3f:bd:d6:27:db:aa:2c:66:e8:0e:00:47:75:1e:6c:cf:c9:96:
d1:85:75:8a:1f:57:4b:7c:6a:e7:c3:a8:c8:83:f9:d7:8d:18:
a0:20:28:03:bd:ec:a9:79:96:ad:40:8b:f8:7c:36:c5:08:2c:
40:85:83:d1:64:3c:3c:d6:1f:71:78:43:70:8b:26:14:0f:6b:
fc:89:ca:79:28:6d:41:6b:37:e3:d6:ca:dd:aa:f6:c8:a1:f5:
0d:36:f9:61:15:a8:0e:0b:77:0a:3f:56:fe:e8:57:9d:60:b4:
51:80:60:54:78:f4:77:88:1c:e2:18:df:b8:5e:be:aa:ca:3a:
09:54:a8:d8:01:7c:31:c0:a9:b8:8e:86:71:46:e4:fa:cc:1b:
4c:8e:27:f8:16:f5:82:03:7c:4b:32:4d:a3:cf:39:cd:4c:b8:
56:df:71:8b:9c:67:c6:0c:8d:d1:34:72:6a:ce:47:3f:b0:3c:
5f:83:75:5a:e5:3d:c7:3c:29:71:fd:0e:ad:56:7d:cd:ee:2a:
b8:f5:92:57:a0:ef:2a:f2:02:14:dd:66:af:52:cf:67:63:95:
e1:50:25:3f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCLswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkZE
RUEzNDcwNzE1MjI5MEMxRDI2MDZGRkJGQzY5QjkyN0Q0MEE1QjAeFw0yMTAyMDcx
MTQ1MTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg1NkU3NEE4OEVDRjA0
OTQwREMyMzc2MUE5NTA4QjhDNDk4MEE4OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhxPIB4XZeVAwaIsqIkdx3YyxW7BwXK+ab6sKlNJCG3/IBd/+J
kD7Lx4KB1pTityglfeSXZvk2tvTJGWqpFTvqA8sWrvOjdw3r1cZkdCPWD01ctItH
28mAAL9fFA9xhbX29yxHI6TUXYBqhvsVsYWH9rvCBwcWDD476SP1BM74hVpFZ3ZO
estUJw0HkRE45QscUw7uG1WDsnF8ueKBo+R1wFGrndhCEWu3OqFixpMzuwtoHMMp
dZMjrofeEiHtBYMuK4SBFcQnjRGlYyKVdAV/XXZ5nEJM5BwNxFLUokW1eXwtCEt2
Ibb4WdpeSyJFRBoUY0HTdtX5LOOGTGYSZCV5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhW50qI7PBJQNwjdhqVCLjEmAqJEwHwYDVR0jBBgwFoAUb96jRwcVIpDB0mBv
+/xpuSfUClswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1lDQ0FU
Vi9iOTZqUndjVklwREIwbUJ2LV94cHVTZlVDbHMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL2I5NmpSd2NWSXBEQjBtQnYtX3hwdVNmVUNscy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NZQ0NBVFYvaFc1MHFJN1BCSlFOd2pk
aHFWQ0xqRW1BcUpFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BD088DANBgkqhkiG9w0BAQsFAAOCAQEASxvV3oBa/udD9ijdtHRZtCN6vyZN0n7v
k8hyog/yzvRnD76XP73WJ9uqLGboDgBHdR5sz8mW0YV1ih9XS3xq58OoyIP5140Y
oCAoA73sqXmWrUCL+Hw2xQgsQIWD0WQ8PNYfcXhDcIsmFA9r/InKeShtQWs349bK
3ar2yKH1DTb5YRWoDgt3Cj9W/uhXnWC0UYBgVHj0d4gc4hjfuF6+qso6CVSo2AF8
McCpuI6GcUbk+swbTI4n+Bb1ggN8SzJNo885zUy4Vt9xi5xnxgyN0TRyas5HP7A8
X4N1WuU9xzwpcf0OrVZ9ze4quPWSV6DvKvICFN1mr1LPZ2OV4VAlPw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:51 2023 by rpki-client on console-ams.rpki-client.org