Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/5iAFTlhgtbGAXW2HJZQaWsq40tk.roa
File: 5iAFTlhgtbGAXW2HJZQaWsq40tk.roa (raw, json)
Hash identifier: uDupQgy7UdgFiEauLYI8j8OCkDdVp5Yjzb2VXw05400=
Subject key identifier: E6:20:05:4E:58:60:B5:B1:80:5D:6D:87:25:94:1A:5A:CA:B8:D2:D9
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0918
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/5iAFTlhgtbGAXW2HJZQaWsq40tk.roa
Signing time: Wed 03 Mar 2021 02:09:48 +0000
ROA not before: Wed 03 Mar 2021 02:09:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 61.63.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2328 (0x918)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Mar 3 02:09:48 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E620054E5860B5B1805D6D8725941A5ACAB8D2D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d1:57:b5:a0:11:58:90:b3:57:a0:a0:1f:15:
c9:48:6b:4d:a9:de:bc:d2:ef:b6:da:a9:d9:49:ec:
13:f5:07:52:87:b6:af:54:4d:04:fc:98:5f:66:78:
48:4c:b7:8d:62:40:1f:83:37:ec:b9:f1:54:28:48:
2a:13:1b:0d:86:fd:34:0f:77:58:46:09:90:0d:92:
42:2a:ee:82:df:0a:a5:26:bf:f1:96:43:f8:ab:26:
f6:ce:90:34:d3:9a:27:8b:92:fa:48:75:e4:07:8f:
bd:a4:3e:ba:a5:46:ef:40:d7:34:91:7b:18:48:0e:
f6:c2:9c:d2:61:30:8a:87:ab:fe:b9:3a:46:a5:c7:
f8:cb:48:98:36:2f:16:37:40:82:a9:2e:be:37:29:
8a:7c:9b:2b:16:ac:cb:d2:26:e3:a5:d8:b1:7a:55:
d5:f7:a9:83:0d:3e:fa:97:c2:d0:12:b9:aa:10:03:
58:dc:7e:b3:3a:da:7e:22:7c:c3:5f:5a:c7:cd:b4:
a6:2b:1c:c5:91:a2:f4:57:d0:81:8d:04:af:d7:60:
ce:35:b9:66:8e:a6:aa:b0:8c:c7:25:d1:a7:80:65:
b1:d2:f4:e8:12:0d:df:31:ed:7e:6a:4e:4b:f8:df:
80:8a:40:56:22:95:ba:6a:5b:e1:d8:5f:bd:4e:6e:
86:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:20:05:4E:58:60:B5:B1:80:5D:6D:87:25:94:1A:5A:CA:B8:D2:D9
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/5iAFTlhgtbGAXW2HJZQaWsq40tk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.32.0/19
Signature Algorithm: sha256WithRSAEncryption
58:2e:4d:2c:71:6d:45:cf:00:93:58:be:5f:06:2d:51:5c:ed:
e3:d8:1f:0e:dd:83:db:ea:ba:6d:97:db:5f:d9:ca:93:ef:80:
6a:31:49:0e:b1:28:fb:d0:75:25:7b:19:52:eb:ee:b4:02:ac:
c7:96:18:55:21:59:5b:4b:9c:34:8e:8c:04:97:7e:d4:52:40:
ef:d5:33:2c:2a:54:80:9e:11:d0:c5:bd:35:e3:e8:bf:6a:80:
70:5d:c3:15:e0:00:bf:73:51:ef:06:51:6a:f3:82:58:ca:8b:
82:e4:b5:e8:b7:53:40:01:48:29:d7:b7:43:ab:46:21:c2:8a:
04:fa:0e:b5:41:d3:25:bb:e6:2d:78:8e:f5:74:0c:a6:47:d0:
be:d0:9b:58:c8:fd:f7:88:51:f5:8f:d9:ed:57:ce:d8:7c:44:
ac:8a:c4:26:80:b4:e0:94:c5:4e:d0:4a:18:e7:1e:d4:05:d1:
3c:ee:58:62:42:95:3e:5f:61:d0:fc:22:0c:ad:d0:dc:f8:fb:
5f:4b:85:20:ba:74:2b:d8:56:87:4c:27:b9:e8:aa:d5:54:e3:
58:42:55:e5:d0:c8:b6:3a:a8:15:d8:a9:2b:73:cd:96:ba:10:
12:ee:35:12:9b:a4:70:73:95:f0:db:39:c6:92:2c:b2:98:e0:
99:de:96:94
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAzMDMw
MjA5NDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU2MjAwNTRFNTg2MEI1
QjE4MDVENkQ4NzI1OTQxQTVBQ0FCOEQyRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX0Ve1oBFYkLNXoKAfFclIa02p3rzS77baqdlJ7BP1B1KHtq9U
TQT8mF9meEhMt41iQB+DN+y58VQoSCoTGw2G/TQPd1hGCZANkkIq7oLfCqUmv/GW
Q/irJvbOkDTTmieLkvpIdeQHj72kPrqlRu9A1zSRexhIDvbCnNJhMIqHq/65Okal
x/jLSJg2LxY3QIKpLr43KYp8mysWrMvSJuOl2LF6VdX3qYMNPvqXwtASuaoQA1jc
frM62n4ifMNfWsfNtKYrHMWRovRX0IGNBK/XYM41uWaOpqqwjMcl0aeAZbHS9OgS
Dd8x7X5qTkv434CKQFYilbpqW+HYX71OboYFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU5iAFTlhgtbGAXW2HJZQaWsq40tkwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzVpQUZUbGhndGJHQVhXMkhKWlFhV3Nx
NDB0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9PyAwDQYJ
KoZIhvcNAQELBQADggEBAFguTSxxbUXPAJNYvl8GLVFc7ePYHw7dg9vqum2X21/Z
ypPvgGoxSQ6xKPvQdSV7GVLr7rQCrMeWGFUhWVtLnDSOjASXftRSQO/VMywqVICe
EdDFvTXj6L9qgHBdwxXgAL9zUe8GUWrzgljKi4Lktei3U0ABSCnXt0OrRiHCigT6
DrVB0yW75i14jvV0DKZH0L7Qm1jI/feIUfWP2e1Xzth8RKyKxCaAtOCUxU7QShjn
HtQF0TzuWGJClT5fYdD8Igyt0Nz4+19LhSC6dCvYVodMJ7noqtVU41hCVeXQyLY6
qBXYqStzzZa6EBLuNRKbpHBzlfDbOcaSLLKY4JnelpQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org