Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/GjSZ5EKb8_zml23y0czAvGr3KjA.roa
File: GjSZ5EKb8_zml23y0czAvGr3KjA.roa (raw, json)
Hash identifier: T75/tJvXB6aUB/3gun1awG+PR1yn9vieMqh2UqU1IUM=
Subject key identifier: 1A:34:99:E4:42:9B:F3:FC:E6:97:6D:F2:D1:CC:C0:BC:6A:F7:2A:30
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 08F5
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/GjSZ5EKb8_zml23y0czAvGr3KjA.roa
Signing time: Sun 07 Feb 2021 11:54:05 +0000
ROA not before: Sun 07 Feb 2021 11:54:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 58.86.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2293 (0x8f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 7 11:54:05 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1A3499E4429BF3FCE6976DF2D1CCC0BC6AF72A30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:28:3f:6c:c9:de:bb:1f:1a:74:54:c3:5d:dd:
56:d0:b0:82:c6:41:5c:63:1c:13:4e:8e:87:4e:65:
32:59:f1:f6:e7:dc:c1:43:4c:eb:22:cf:e1:a2:b3:
0b:85:29:df:84:f7:c9:3a:60:54:ed:d3:18:9d:f6:
b1:28:f4:3b:71:d2:c5:16:5f:dc:b2:c1:b8:6b:32:
82:a1:fc:27:dd:2f:97:d3:6b:be:7c:85:59:8b:28:
96:cd:69:06:8e:4a:bf:ae:a8:1a:38:bc:03:c6:ac:
bb:a1:9f:96:d5:11:ff:9b:82:3b:31:24:ec:45:7d:
75:0f:7e:08:ac:43:f2:66:a7:68:d2:62:52:e6:14:
24:ec:a7:52:81:38:64:dd:87:97:d0:5a:4a:dd:7b:
bc:c7:31:64:bc:ab:9e:5b:49:91:e7:b3:15:70:a1:
9d:ca:cf:7d:cd:11:4f:e4:4a:f3:a3:43:33:92:2c:
d3:25:15:90:c7:cf:08:8d:ea:5c:39:57:b9:91:71:
96:5c:a2:0c:05:d5:70:b6:58:9f:4d:d8:86:b7:c7:
2e:6a:e2:f0:c2:10:23:a9:8b:71:fe:41:23:2c:12:
a2:f5:ee:e3:75:1f:93:f9:8e:07:70:79:7a:e8:1b:
d5:7c:2b:01:0b:71:e6:b5:ab:ea:0e:ca:2b:73:83:
10:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:34:99:E4:42:9B:F3:FC:E6:97:6D:F2:D1:CC:C0:BC:6A:F7:2A:30
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/GjSZ5EKb8_zml23y0czAvGr3KjA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.55.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:57:7c:72:70:ad:24:51:05:65:fa:7a:85:80:45:1e:0b:bf:
95:25:96:37:eb:28:8e:fd:b1:25:ba:88:ee:c2:40:16:48:c0:
82:09:a6:af:b9:c5:90:02:66:c6:55:47:07:9f:96:11:a0:11:
09:84:c4:28:60:15:02:21:78:4b:8d:36:1f:62:e4:2f:92:42:
57:64:54:ab:e7:14:9e:d7:e0:f9:33:5b:f0:8d:22:f9:be:bd:
5a:0a:10:0d:a4:d8:80:28:40:8f:36:f1:e6:2d:04:fe:c6:ca:
d9:5f:51:7d:c6:7e:3a:8b:ce:7b:b9:f0:f7:c3:ff:86:a4:da:
cd:8c:90:0b:5c:c1:98:a5:e4:12:0d:86:3a:53:c0:44:10:c1:
20:64:24:f0:b8:96:b4:dc:3a:c6:bd:70:1f:54:c6:e7:68:71:
66:0a:75:df:bd:63:b4:59:ef:db:68:48:b3:73:ff:b5:10:77:
83:03:1c:6b:52:5f:b5:81:71:c1:44:a3:c6:72:56:e1:58:8d:
67:bd:b1:54:fb:8e:d7:e3:64:fe:28:67:ac:cb:6d:af:df:a0:
40:56:94:f9:80:bc:db:55:56:47:6a:52:72:ad:7d:d6:24:59:
1d:8d:2c:47:ce:3e:f8:00:63:03:e4:6c:f9:1d:4b:9b:dc:ba:
95:4e:9f:fe
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAyMDcx
MTU0MDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFBMzQ5OUU0NDI5QkYz
RkNFNjk3NkRGMkQxQ0NDMEJDNkFGNzJBMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQKD9syd67Hxp0VMNd3VbQsILGQVxjHBNOjodOZTJZ8fbn3MFD
TOsiz+GiswuFKd+E98k6YFTt0xid9rEo9Dtx0sUWX9yywbhrMoKh/CfdL5fTa758
hVmLKJbNaQaOSr+uqBo4vAPGrLuhn5bVEf+bgjsxJOxFfXUPfgisQ/Jmp2jSYlLm
FCTsp1KBOGTdh5fQWkrde7zHMWS8q55bSZHnsxVwoZ3Kz33NEU/kSvOjQzOSLNMl
FZDHzwiN6lw5V7mRcZZcogwF1XC2WJ9N2Ia3xy5q4vDCECOpi3H+QSMsEqL17uN1
H5P5jgdweXroG9V8KwELcea1q+oOyitzgxC7AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUGjSZ5EKb8/zml23y0czAvGr3KjAwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0dqU1o1RUtiOF96bWwyM3kwY3pBdkdy
M0tqQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6VjcwDQYJ
KoZIhvcNAQELBQADggEBAMhXfHJwrSRRBWX6eoWARR4Lv5UlljfrKI79sSW6iO7C
QBZIwIIJpq+5xZACZsZVRweflhGgEQmExChgFQIheEuNNh9i5C+SQldkVKvnFJ7X
4PkzW/CNIvm+vVoKEA2k2IAoQI828eYtBP7GytlfUX3GfjqLznu58PfD/4ak2s2M
kAtcwZil5BINhjpTwEQQwSBkJPC4lrTcOsa9cB9UxudocWYKdd+9Y7RZ79toSLNz
/7UQd4MDHGtSX7WBccFEo8ZyVuFYjWe9sVT7jtfjZP4oZ6zLba/foEBWlPmAvNtV
VkdqUnKtfdYkWR2NLEfOPvgAYwPkbPkdS5vcupVOn/4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org