Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/A-8ENKWCbXkTTRP-k1v3-cMdp8E.roa
File: A-8ENKWCbXkTTRP-k1v3-cMdp8E.roa (raw, json)
Hash identifier: +qXIhQOZtcNUIEeGZz8ND9F8bzvAhz9C7mF8yD9fa8w=
Subject key identifier: 03:EF:04:34:A5:82:6D:79:13:4D:13:FE:93:5B:F7:F9:C3:1D:A7:C1
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 09B2
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/A-8ENKWCbXkTTRP-k1v3-cMdp8E.roa
Signing time: Wed 29 Sep 2021 02:40:44 +0000
ROA not before: Wed 29 Sep 2021 02:40:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18042
IP address blocks: 61.63.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2482 (0x9b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 29 02:40:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=03EF0434A5826D79134D13FE935BF7F9C31DA7C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:64:ad:56:b1:6f:e4:86:87:e7:65:6e:af:ed:
2f:5f:c0:b7:d4:14:4e:15:b3:5a:ea:5f:0e:42:29:
cb:8a:34:0b:5c:c0:8a:90:24:a8:fa:6e:71:21:2b:
b0:be:8a:a4:79:d5:51:f0:05:ea:2b:b7:c1:a3:05:
0c:14:5a:64:fe:78:eb:4f:f0:77:c0:2e:df:0a:3b:
af:86:2f:3c:66:a3:e6:11:24:0e:5e:09:c2:ca:9c:
36:d2:cf:db:55:64:38:76:51:4c:5f:3a:97:9b:af:
eb:db:ec:20:24:17:89:5d:b0:f6:be:ce:a8:e7:30:
63:3c:4d:59:0d:09:15:83:78:a9:1e:64:26:56:4d:
56:78:b0:25:2a:ab:2c:62:6a:d0:7a:ef:c4:35:08:
00:ed:9b:77:a8:d5:b2:c0:bb:51:09:01:0d:58:68:
65:12:c0:dd:13:2d:33:0c:c4:86:c7:44:c8:26:e8:
e6:2e:0b:80:97:66:69:05:92:d1:9c:50:db:90:a9:
e1:b3:26:fa:ce:f3:25:39:f4:91:60:40:47:13:88:
2d:67:03:2a:91:fc:75:73:d7:cc:a5:0b:23:23:71:
6f:ee:0a:fe:72:84:4e:70:67:85:e0:43:bb:4a:5b:
e5:8e:a9:57:ae:55:76:b9:fc:bc:e3:1a:de:33:42:
32:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EF:04:34:A5:82:6D:79:13:4D:13:FE:93:5B:F7:F9:C3:1D:A7:C1
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/A-8ENKWCbXkTTRP-k1v3-cMdp8E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.87.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:e0:1e:3e:dd:6b:6c:b3:fb:8f:29:ee:5d:08:cf:71:98:06:
58:6e:33:13:f3:28:1b:53:83:fe:dc:ee:ab:94:0c:df:6a:0c:
2a:70:5d:b9:dd:53:2a:8d:bd:be:42:81:ed:84:cc:10:bd:ab:
42:b5:19:e5:a9:9e:af:d7:a0:9f:fd:af:a9:f4:a5:7c:b6:3b:
c6:65:15:ec:33:22:7c:a7:f1:1a:f4:a4:05:5f:c5:cf:9a:4c:
10:c4:78:a0:61:51:b9:8e:49:89:08:8d:80:cd:2d:84:96:b7:
65:b8:af:02:b8:92:d0:d4:d1:f6:b4:fe:2a:c9:20:ad:5b:ed:
93:7d:c6:64:aa:e9:a6:e9:f1:ab:a7:1b:2f:31:39:b9:c5:ff:
ef:b7:40:db:59:51:60:a4:d0:95:47:b3:6d:47:c7:a8:2b:93:
a6:39:3f:41:22:dc:f7:4c:43:6f:3b:bd:ab:c2:42:da:14:85:
f0:b4:e3:a2:3b:2d:7f:46:50:51:aa:d9:c0:97:79:92:eb:20:
6c:81:3c:12:f7:41:3a:1b:78:b2:19:d8:43:5a:88:0e:c3:d2:
05:d8:45:fb:91:ff:f7:1e:8a:ca:03:1d:a0:34:9d:38:1a:24:
7c:79:86:cc:1d:8a:2a:f1:67:aa:a7:d3:16:de:11:d3:19:7f:
a4:eb:66:f1
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTA5Mjkw
MjQwNDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDAzRUYwNDM0QTU4MjZE
NzkxMzREMTNGRTkzNUJGN0Y5QzMxREE3QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7ZK1WsW/khofnZW6v7S9fwLfUFE4Vs1rqXw5CKcuKNAtcwIqQ
JKj6bnEhK7C+iqR51VHwBeort8GjBQwUWmT+eOtP8HfALt8KO6+GLzxmo+YRJA5e
CcLKnDbSz9tVZDh2UUxfOpebr+vb7CAkF4ldsPa+zqjnMGM8TVkNCRWDeKkeZCZW
TVZ4sCUqqyxiatB678Q1CADtm3eo1bLAu1EJAQ1YaGUSwN0TLTMMxIbHRMgm6OYu
C4CXZmkFktGcUNuQqeGzJvrO8yU59JFgQEcTiC1nAyqR/HVz18ylCyMjcW/uCv5y
hE5wZ4XgQ7tKW+WOqVeuVXa5/LzjGt4zQjLXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUA+8ENKWCbXkTTRP+k1v3+cMdp8EwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0EtOEVOS1dDYlhrVFRSUC1rMXYzLWNN
ZHA4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9P1cwDQYJ
KoZIhvcNAQELBQADggEBAJ7gHj7da2yz+48p7l0Iz3GYBlhuMxPzKBtTg/7c7quU
DN9qDCpwXbndUyqNvb5Cge2EzBC9q0K1GeWpnq/XoJ/9r6n0pXy2O8ZlFewzInyn
8Rr0pAVfxc+aTBDEeKBhUbmOSYkIjYDNLYSWt2W4rwK4ktDU0fa0/irJIK1b7ZN9
xmSq6abp8aunGy8xObnF/++3QNtZUWCk0JVHs21Hx6grk6Y5P0Ei3PdMQ287vavC
QtoUhfC046I7LX9GUFGq2cCXeZLrIGyBPBL3QTobeLIZ2ENaiA7D0gXYRfuR//ce
isoDHaA0nTgaJHx5hswdiirxZ6qn0xbeEdMZf6TrZvE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org