Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/1blBafiqblFzTIwTgG8MHSCCyZ4.roa
File: 1blBafiqblFzTIwTgG8MHSCCyZ4.roa (raw, json)
Hash identifier: oq+RQ0eSTd2BFoTUAEKgpwJBHvlh/NGdngRqXqI9HKg=
Subject key identifier: D5:B9:41:69:F8:AA:6E:51:73:4C:8C:13:80:6F:0C:1D:20:82:C9:9E
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0916
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/1blBafiqblFzTIwTgG8MHSCCyZ4.roa
Signing time: Wed 03 Mar 2021 02:09:25 +0000
ROA not before: Wed 03 Mar 2021 02:09:25 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 61.63.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2326 (0x916)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Mar 3 02:09:25 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D5B94169F8AA6E51734C8C13806F0C1D2082C99E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c6:fc:e1:9c:26:62:f9:27:56:41:5f:c8:54:
b3:27:83:b1:09:64:a4:8c:89:67:b4:18:26:c1:74:
e8:c9:52:0a:22:c2:85:60:14:da:b9:5c:ed:c9:b9:
80:5d:8f:b2:ef:a8:2e:7a:84:08:45:a2:80:35:b7:
ca:b5:37:0f:a8:dc:8c:a0:0f:67:c7:2a:f3:b6:0b:
82:0a:79:e2:7b:7c:85:cb:9c:1a:e3:21:5e:0b:7e:
6b:1d:eb:d6:28:f8:02:c2:5c:d7:d4:85:13:be:a3:
2f:8d:ee:da:bd:48:fe:ba:f5:61:64:75:e5:7f:d4:
2c:c5:84:7d:c7:41:b2:b5:5d:ec:d1:56:cd:6c:bd:
ff:a1:aa:18:7d:9f:aa:c8:21:4a:3f:4e:0b:34:18:
92:2b:c8:70:3d:fb:9b:bc:7e:77:34:0e:fa:3c:8e:
ea:45:1a:45:d1:5a:21:c0:88:a2:f2:bd:e2:30:bb:
cc:7d:24:2e:b6:88:9d:62:90:48:54:b6:9f:f6:7a:
4b:c2:9a:39:d6:57:e8:49:10:84:f0:dc:33:a1:17:
e5:2f:0c:d2:3b:6e:97:3c:be:02:c1:3c:d0:f4:d3:
4d:57:b5:c5:7f:b6:5a:1e:70:a8:44:6f:c1:59:47:
c4:cb:04:8f:fa:37:76:c7:aa:6d:2f:90:2d:70:a4:
20:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B9:41:69:F8:AA:6E:51:73:4C:8C:13:80:6F:0C:1D:20:82:C9:9E
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/1blBafiqblFzTIwTgG8MHSCCyZ4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:54:d6:1b:7c:e8:82:05:28:dc:49:d0:d4:eb:61:d8:75:3d:
4a:9e:b7:2b:77:0a:58:99:42:d1:29:7c:db:c3:b8:9a:4e:67:
12:93:57:8a:7d:c7:50:18:12:3a:66:35:0a:d8:80:b9:d5:72:
d0:c5:56:98:70:b4:09:08:47:95:d9:96:eb:5f:1f:ff:b2:37:
33:b4:bc:cc:08:1c:78:97:aa:a3:81:ec:09:7c:b0:09:0b:16:
bf:ad:09:80:50:5f:f5:fd:c6:50:04:da:89:93:26:61:4a:7d:
1e:ba:89:95:1b:fb:10:35:93:5a:3f:5e:67:11:eb:16:18:f6:
c3:58:cc:5f:32:fa:9b:8e:92:ca:e5:2f:c0:ac:8f:54:5e:58:
7c:9e:a7:2d:a4:d1:35:6e:ec:5e:2c:79:82:fa:e6:cd:a5:34:
58:6b:45:c1:34:ac:36:16:f9:ee:d8:4e:13:ad:40:07:47:db:
70:fa:49:84:26:8b:29:21:3a:e1:85:3d:33:19:cd:fd:ac:af:
72:03:8f:5f:c5:7e:c3:c4:25:89:87:b2:7d:38:9e:b8:0a:88:
a0:d2:27:d3:a3:6a:8f:8f:70:56:ad:55:91:e4:2e:76:91:19:
7b:d6:1d:60:c5:8c:db:10:33:1d:81:90:8c:7e:47:b9:34:3a:
f0:3a:23:cc
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAzMDMw
MjA5MjVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ1Qjk0MTY5RjhBQTZF
NTE3MzRDOEMxMzgwNkYwQzFEMjA4MkM5OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDExvzhnCZi+SdWQV/IVLMng7EJZKSMiWe0GCbBdOjJUgoiwoVg
FNq5XO3JuYBdj7LvqC56hAhFooA1t8q1Nw+o3IygD2fHKvO2C4IKeeJ7fIXLnBrj
IV4Lfmsd69Yo+ALCXNfUhRO+oy+N7tq9SP669WFkdeV/1CzFhH3HQbK1XezRVs1s
vf+hqhh9n6rIIUo/Tgs0GJIryHA9+5u8fnc0Dvo8jupFGkXRWiHAiKLyveIwu8x9
JC62iJ1ikEhUtp/2ekvCmjnWV+hJEITw3DOhF+UvDNI7bpc8vgLBPND0001XtcV/
tloecKhEb8FZR8TLBI/6N3bHqm0vkC1wpCDNAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU1blBafiqblFzTIwTgG8MHSCCyZ4wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzFibEJhZmlxYmxGelRJd1RnRzhNSFND
Q3laNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9PwAwDQYJ
KoZIhvcNAQELBQADggEBAItU1ht86IIFKNxJ0NTrYdh1PUqetyt3CliZQtEpfNvD
uJpOZxKTV4p9x1AYEjpmNQrYgLnVctDFVphwtAkIR5XZlutfH/+yNzO0vMwIHHiX
qqOB7Al8sAkLFr+tCYBQX/X9xlAE2omTJmFKfR66iZUb+xA1k1o/XmcR6xYY9sNY
zF8y+puOksrlL8Csj1ReWHyepy2k0TVu7F4seYL65s2lNFhrRcE0rDYW+e7YThOt
QAdH23D6SYQmiykhOuGFPTMZzf2sr3IDj1/FfsPEJYmHsn04nrgKiKDSJ9Ojao+P
cFatVZHkLnaRGXvWHWDFjNsQMx2BkIx+R7k0OvA6I8w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org