Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/Iuo7sMlRvSWptSGD3Cu2oTvABUI.roa
File: Iuo7sMlRvSWptSGD3Cu2oTvABUI.roa (raw, json)
Hash identifier: xvAXSDWDl7/jedK2zJkCcMfP7PiGpBEabJamjlY1c/o=
Subject key identifier: 22:EA:3B:B0:C9:51:BD:25:A9:B5:21:83:DC:2B:B6:A1:3B:C0:05:42
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 09C2
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/Iuo7sMlRvSWptSGD3Cu2oTvABUI.roa
Signing time: Wed 29 Sep 2021 02:36:46 +0000
ROA not before: Wed 29 Sep 2021 02:36:46 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9244
IP address blocks: 61.56.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2498 (0x9c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Sep 29 02:36:46 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=22EA3BB0C951BD25A9B52183DC2BB6A13BC00542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:52:3a:e4:9d:f2:3d:9c:da:a4:87:fc:6e:
d9:22:83:0b:42:0d:ea:4d:75:ef:fc:ca:81:0e:20:
d6:e1:f0:6a:c9:f3:9d:66:b4:81:01:1c:9c:56:3e:
38:fc:0e:e9:44:4d:f9:45:da:d9:b9:45:78:16:0d:
39:a9:5d:68:c3:ef:a8:fb:b0:ab:7b:52:b0:c8:8f:
8b:61:e8:56:8e:e4:21:97:3a:4d:7d:78:9a:22:d2:
09:9b:cc:43:e8:c3:fa:04:a3:bf:b0:f7:63:d6:cd:
e8:e3:f1:f5:f4:c2:4c:a6:7a:cf:9c:27:f8:5c:9a:
90:cb:20:9c:d5:71:05:2d:c9:f2:22:a8:2e:ff:00:
a2:a6:c1:c2:35:6e:cf:cf:bf:d3:c5:bf:3f:39:be:
ca:ca:26:f3:8c:3f:17:87:68:a9:6c:79:3d:ab:78:
f7:9a:4e:c5:64:7d:ae:34:ea:b4:44:7a:3a:dd:18:
58:40:71:5c:80:84:0c:ce:b4:56:0c:e2:c0:4b:36:
fb:38:39:f3:66:38:96:cc:a5:ac:55:4c:92:4e:3f:
31:bd:15:ad:eb:06:f1:15:40:64:aa:d4:61:9a:a9:
22:a3:af:56:e7:73:40:28:27:fb:cd:f2:d4:3c:c7:
f4:32:e3:a2:fc:11:98:08:04:8c:02:74:44:0c:74:
18:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EA:3B:B0:C9:51:BD:25:A9:B5:21:83:DC:2B:B6:A1:3B:C0:05:42
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/Iuo7sMlRvSWptSGD3Cu2oTvABUI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.56.72.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:90:22:63:8a:6e:bb:7e:99:35:26:32:58:f4:60:13:4e:71:
69:1e:f6:1a:15:e0:51:75:80:0c:fe:52:73:b8:1f:a0:bf:50:
a3:ab:66:d3:4b:15:a8:4e:43:60:71:03:81:5f:63:67:28:64:
db:10:3c:76:a4:f6:c7:55:cc:58:ee:fc:59:c9:57:7b:0b:44:
a8:24:7d:0b:6e:44:d6:54:e2:89:58:13:21:b5:be:46:24:c7:
1f:59:28:ac:62:c0:7c:c6:39:cb:7c:d6:0a:17:c1:73:71:0f:
b1:2a:1a:90:2e:f0:af:32:a3:66:3b:25:3d:72:2c:a5:38:6d:
64:25:20:40:f2:26:38:f6:61:72:72:84:dc:e5:20:ee:1c:3d:
98:bc:c0:fd:72:65:49:3e:61:72:43:81:94:03:8f:ba:65:f8:
ca:5a:05:a5:fa:40:a3:c0:22:11:cf:aa:a1:90:36:6b:a9:ef:
5f:52:07:0a:8a:4d:06:b8:6c:b8:27:47:d4:11:24:8d:43:bf:
4b:98:f0:da:03:3b:57:0f:8a:e7:3c:62:d3:98:f7:f3:81:d1:
cb:ca:a0:fc:d2:6f:8e:2d:9c:1c:bc:32:9b:3c:59:3e:21:d5:
23:99:22:68:83:fb:90:c4:c9:17:b6:81:23:2d:5a:12:9c:ae:
d4:ee:5f:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMTA5Mjkw
MjM2NDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDIyRUEzQkIwQzk1MUJE
MjVBOUI1MjE4M0RDMkJCNkExM0JDMDA1NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOGFI65J3yPZzapIf8btkigwtCDepNde/8yoEOINbh8GrJ851m
tIEBHJxWPjj8DulETflF2tm5RXgWDTmpXWjD76j7sKt7UrDIj4th6FaO5CGXOk19
eJoi0gmbzEPow/oEo7+w92PWzejj8fX0wkymes+cJ/hcmpDLIJzVcQUtyfIiqC7/
AKKmwcI1bs/Pv9PFvz85vsrKJvOMPxeHaKlseT2rePeaTsVkfa406rREejrdGFhA
cVyAhAzOtFYM4sBLNvs4OfNmOJbMpaxVTJJOPzG9Fa3rBvEVQGSq1GGaqSKjr1bn
c0AoJ/vN8tQ8x/Qy46L8EZgIBIwCdEQMdBghAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIuo7sMlRvSWptSGD3Cu2oTvABUIwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL0l1bzdzTWxSdlNXcHRTR0Qz
Q3Uyb1R2QUJVSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
OEgwDQYJKoZIhvcNAQELBQADggEBAG2QImOKbrt+mTUmMlj0YBNOcWke9hoV4FF1
gAz+UnO4H6C/UKOrZtNLFahOQ2BxA4FfY2coZNsQPHak9sdVzFju/FnJV3sLRKgk
fQtuRNZU4olYEyG1vkYkxx9ZKKxiwHzGOct81goXwXNxD7EqGpAu8K8yo2Y7JT1y
LKU4bWQlIEDyJjj2YXJyhNzlIO4cPZi8wP1yZUk+YXJDgZQDj7pl+MpaBaX6QKPA
IhHPqqGQNmup719SBwqKTQa4bLgnR9QRJI1Dv0uY8NoDO1cPiuc8YtOY9/OB0cvK
oPzSb44tnBy8Mps8WT4h1SOZImiD+5DEyRe2gSMtWhKcrtTuXwk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org