Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/38-_R4BRqnA8sBCWVzSjSDehN3Q.roa
File: 38-_R4BRqnA8sBCWVzSjSDehN3Q.roa (raw, json)
Hash identifier: 7J3920rpuDmeSfdl12hlgtVbKcZjHB4jvva8+ESCyxo=
Subject key identifier: DF:CF:BF:47:80:51:AA:70:3C:B0:10:96:57:34:A3:48:37:A1:37:74
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0AA1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/38-_R4BRqnA8sBCWVzSjSDehN3Q.roa
Signing time: Thu 15 Sep 2022 02:41:00 +0000
ROA not before: Thu 15 Sep 2022 02:41:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18042
IP address blocks: 58.86.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 15 02:41:00 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DFCFBF478051AA703CB010965734A34837A13774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:83:27:82:66:9a:c1:eb:9b:1a:33:45:6d:13:
84:35:0d:30:41:99:5c:74:71:e6:94:99:a8:34:4d:
40:e6:ed:86:17:ce:fd:2f:98:86:d6:2c:03:e2:8d:
6e:72:ed:fd:d3:24:1e:cc:c6:d8:6a:24:ec:70:62:
dc:27:aa:5d:04:56:97:dc:39:3b:c4:66:56:c4:39:
f0:ba:4b:59:54:89:19:05:3c:8f:12:72:46:17:d4:
81:b4:e2:6a:2d:ab:3f:aa:2b:a2:23:8e:33:4a:4f:
3c:8a:c5:bf:3e:d9:90:f2:5e:02:c6:43:aa:21:41:
c9:f9:df:9f:33:45:fa:58:41:6f:e3:5b:c4:5c:af:
b9:af:cb:7f:6c:60:70:71:73:b6:de:69:9f:34:64:
e2:ba:17:01:59:99:d6:5c:84:5c:bb:e4:d6:bd:c4:
b0:91:19:6e:68:a9:1a:9a:6e:17:fc:a0:19:59:6d:
a7:1c:99:b9:de:b6:34:8e:7c:c2:ab:a1:e0:48:c5:
d8:d6:48:e5:d9:e3:10:64:bb:43:62:4f:38:34:6a:
dd:6f:e7:94:7c:a9:f5:e8:f0:f7:65:5f:45:06:2e:
80:9b:bc:69:80:ca:2f:5a:45:7b:9e:7c:3e:d8:66:
ab:2f:41:cc:34:52:a4:96:7d:18:db:6d:3b:8b:ec:
a1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CF:BF:47:80:51:AA:70:3C:B0:10:96:57:34:A3:48:37:A1:37:74
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/38-_R4BRqnA8sBCWVzSjSDehN3Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.38.0/24
Signature Algorithm: sha256WithRSAEncryption
45:7a:da:a6:df:96:a8:a2:38:73:87:02:ea:8a:90:92:be:a4:
b8:66:d0:cd:07:49:5d:3c:30:76:88:6b:78:df:4b:88:1a:a5:
48:6e:77:9f:72:2f:01:7b:bb:83:b2:10:8d:b5:da:18:f6:65:
96:29:9a:a3:c9:f8:d6:01:31:78:e6:49:22:c2:14:2b:e1:8b:
c2:6b:86:f4:c8:ec:20:09:f0:7f:93:27:c6:35:68:c2:c1:d4:
c2:8c:85:69:de:8a:3d:43:ad:45:1b:92:67:cd:90:22:a9:2b:
17:06:74:a3:49:dd:02:64:16:ed:6c:06:b0:90:79:07:b6:52:
3a:00:e5:97:b8:28:75:8b:f3:b7:90:1c:6f:02:ca:b1:53:ee:
80:da:15:98:c6:9d:58:21:ff:1d:29:79:bd:13:f3:33:23:d6:
7b:6d:fd:92:f4:9e:0b:5f:1f:c2:96:ea:43:40:f1:32:bb:90:
0c:74:74:61:0d:9c:85:66:30:89:60:e9:96:b7:62:90:bf:1b:
97:b8:a9:c6:79:54:e7:cf:68:32:ce:70:1b:66:6c:07:65:b7:
ca:d4:a1:81:51:19:ca:0e:ea:ba:fe:e7:5a:43:f9:d6:75:dc:
89:f5:82:05:d9:ef:37:84:54:50:92:f9:1d:81:82:ca:f3:44:
6e:ea:3c:71
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMjA5MTUw
MjQxMDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERGQ0ZCRjQ3ODA1MUFB
NzAzQ0IwMTA5NjU3MzRBMzQ4MzdBMTM3NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0gyeCZprB65saM0VtE4Q1DTBBmVx0ceaUmag0TUDm7YYXzv0v
mIbWLAPijW5y7f3TJB7MxthqJOxwYtwnql0EVpfcOTvEZlbEOfC6S1lUiRkFPI8S
ckYX1IG04motqz+qK6IjjjNKTzyKxb8+2ZDyXgLGQ6ohQcn5358zRfpYQW/jW8Rc
r7mvy39sYHBxc7beaZ80ZOK6FwFZmdZchFy75Na9xLCRGW5oqRqabhf8oBlZbacc
mbnetjSOfMKroeBIxdjWSOXZ4xBku0NiTzg0at1v55R8qfXo8PdlX0UGLoCbvGmA
yi9aRXuefD7YZqsvQcw0UqSWfRjbbTuL7KEnAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU38+/R4BRqnA8sBCWVzSjSDehN3QwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzM4LV9SNEJScW5BOHNCQ1dWelNqU0Rl
aE4zUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6ViYwDQYJ
KoZIhvcNAQELBQADggEBAEV62qbflqiiOHOHAuqKkJK+pLhm0M0HSV08MHaIa3jf
S4gapUhud59yLwF7u4OyEI212hj2ZZYpmqPJ+NYBMXjmSSLCFCvhi8JrhvTI7CAJ
8H+TJ8Y1aMLB1MKMhWneij1DrUUbkmfNkCKpKxcGdKNJ3QJkFu1sBrCQeQe2UjoA
5Ze4KHWL87eQHG8CyrFT7oDaFZjGnVgh/x0peb0T8zMj1ntt/ZL0ngtfH8KW6kNA
8TK7kAx0dGENnIVmMIlg6Za3YpC/G5e4qcZ5VOfPaDLOcBtmbAdlt8rUoYFRGcoO
6rr+51pD+dZ13In1ggXZ7zeEVFCS+R2BgsrzRG7qPHE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org