Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/ulREXO2AW9KNXFcOhwGxy7U2hD0.roa
File: ulREXO2AW9KNXFcOhwGxy7U2hD0.roa (raw, json)
Hash identifier: kiwninVtcKGEBIrwo4wJjrAerrwLGO9Bw3rsbBJVYSk=
Subject key identifier: BA:54:44:5C:ED:80:5B:D2:8D:5C:57:0E:87:01:B1:CB:B5:36:84:3D
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0A93
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/ulREXO2AW9KNXFcOhwGxy7U2hD0.roa
Signing time: Mon 25 Jul 2022 22:10:17 +0000
ROA not before: Mon 25 Jul 2022 22:10:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9244
IP address blocks: 61.56.80.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2707 (0xa93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Jul 25 22:10:17 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=BA54445CED805BD28D5C570E8701B1CBB536843D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f5:7b:36:2f:2f:36:7e:c1:2f:17:6c:12:72:
85:4d:8f:a1:7c:1a:44:35:04:34:20:56:96:36:90:
fe:d8:9a:d5:e1:c6:be:24:27:2c:50:77:1f:4d:30:
9e:b0:09:30:93:14:de:08:af:2a:79:48:bb:24:31:
30:19:44:1f:6f:af:ce:77:cd:ce:0b:ee:d8:28:32:
a3:cf:3f:4b:ad:c9:0e:60:99:56:a4:15:db:cc:b0:
4c:9a:eb:87:24:45:40:8f:21:90:8c:c0:e0:d5:3e:
44:3f:80:b0:c5:03:af:ba:45:d1:34:60:40:3a:4e:
a3:2b:f6:d3:a2:26:62:65:a5:b5:30:56:36:9d:b7:
4c:f4:6b:17:f7:80:2e:08:3a:1b:98:21:ec:26:9e:
52:59:a6:32:f1:e9:5b:c0:d4:62:01:af:14:98:73:
5d:f2:a5:20:ee:e2:54:70:f7:a4:fb:b5:3a:21:54:
56:c9:d5:a6:b4:43:82:04:93:41:a3:dd:a4:a6:15:
16:69:9f:de:62:7c:0d:67:ac:b6:d7:ca:e9:55:a6:
fc:79:0e:8c:f6:6d:13:06:71:b0:26:51:74:53:b4:
ce:d1:d0:e3:7e:62:9f:2d:94:6f:b1:c1:1f:54:0c:
55:0a:ae:78:7b:6a:24:03:81:4f:62:b0:03:c5:8a:
a6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:54:44:5C:ED:80:5B:D2:8D:5C:57:0E:87:01:B1:CB:B5:36:84:3D
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/ulREXO2AW9KNXFcOhwGxy7U2hD0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.56.80.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:29:90:51:b6:65:07:b4:27:75:65:67:5f:63:ea:78:26:a7:
0e:a8:80:c8:bf:0b:8b:2e:f3:53:b1:57:c0:d5:83:9f:2c:3f:
33:41:00:b3:d9:ac:50:1a:95:53:ae:44:b5:67:92:b2:c3:28:
72:bb:a5:4e:64:16:ad:1a:41:b6:70:3a:ca:21:c0:25:1f:ed:
88:b8:8d:60:4e:7e:d1:22:9c:64:b3:0e:ae:6d:02:d2:1b:48:
bd:77:e8:13:6c:d5:d5:c1:a8:ab:13:42:4f:fc:0e:d0:69:75:
a9:a6:ab:95:a7:93:ce:a2:d0:4c:47:e1:78:a5:37:22:be:bb:
79:4b:6b:25:bf:d4:bf:ae:f8:33:93:a8:3d:48:5f:87:c7:30:
3c:8a:d5:10:47:c7:17:9c:07:02:6c:02:8a:48:44:a8:44:38:
9e:35:98:4f:58:96:4c:b0:ca:62:f3:64:5e:e4:b7:60:39:75:
39:0f:b8:e2:a0:84:c8:5b:d8:cf:79:6e:41:6b:0a:1d:2b:03:
69:3c:99:a7:90:69:d5:40:52:1e:82:70:e3:1b:85:1a:b2:07:
84:86:32:4b:0c:b9:c8:65:a0:6f:3f:b9:24:e4:b3:14:a8:7e:
f9:9d:76:53:bc:6a:07:7b:61:77:d9:d0:ec:41:8c:93:df:b5:
d7:aa:9f:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMjA3MjUy
MjEwMTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEJBNTQ0NDVDRUQ4MDVC
RDI4RDVDNTcwRTg3MDFCMUNCQjUzNjg0M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu9Xs2Ly82fsEvF2wScoVNj6F8GkQ1BDQgVpY2kP7YmtXhxr4k
JyxQdx9NMJ6wCTCTFN4Iryp5SLskMTAZRB9vr853zc4L7tgoMqPPP0utyQ5gmVak
FdvMsEya64ckRUCPIZCMwODVPkQ/gLDFA6+6RdE0YEA6TqMr9tOiJmJlpbUwVjad
t0z0axf3gC4IOhuYIewmnlJZpjLx6VvA1GIBrxSYc13ypSDu4lRw96T7tTohVFbJ
1aa0Q4IEk0Gj3aSmFRZpn95ifA1nrLbXyulVpvx5Doz2bRMGcbAmUXRTtM7R0ON+
Yp8tlG+xwR9UDFUKrnh7aiQDgU9isAPFiqaBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUulREXO2AW9KNXFcOhwGxy7U2hD0wHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL3VsUkVYTzJBVzlLTlhGY09o
d0d4eTdVMmhEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
OFAwDQYJKoZIhvcNAQELBQADggEBAKwpkFG2ZQe0J3VlZ19j6ngmpw6ogMi/C4su
81OxV8DVg58sPzNBALPZrFAalVOuRLVnkrLDKHK7pU5kFq0aQbZwOsohwCUf7Yi4
jWBOftEinGSzDq5tAtIbSL136BNs1dXBqKsTQk/8DtBpdammq5Wnk86i0ExH4Xil
NyK+u3lLayW/1L+u+DOTqD1IX4fHMDyK1RBHxxecBwJsAopIRKhEOJ41mE9Ylkyw
ymLzZF7kt2A5dTkPuOKghMhb2M95bkFrCh0rA2k8maeQadVAUh6CcOMbhRqyB4SG
MksMuchloG8/uSTksxSofvmddlO8agd7YXfZ0OxBjJPftdeqn9U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org