Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/HnMvEG82i6vF8SdH_jxqf2lNcrE.roa
File: HnMvEG82i6vF8SdH_jxqf2lNcrE.roa (raw, json)
Hash identifier: vIVz9n4NiZVRF04ax2ASeLOo7g9tRFEgavh1FOgXCrw=
Subject key identifier: 1E:73:2F:10:6F:36:8B:AB:C5:F1:27:47:FE:3C:6A:7F:69:4D:72:B1
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0AA1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/HnMvEG82i6vF8SdH_jxqf2lNcrE.roa
Signing time: Thu 15 Sep 2022 02:41:01 +0000
ROA not before: Thu 15 Sep 2022 02:41:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18042
IP address blocks: 58.86.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 15 02:41:01 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1E732F106F368BABC5F12747FE3C6A7F694D72B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:70:96:a2:d9:83:72:bb:91:38:3e:7f:6f:
f0:75:c3:6a:f8:c7:f6:fa:4e:3a:91:b2:ff:d6:2f:
87:76:d7:0d:fa:c2:46:70:40:ac:82:b9:0f:44:31:
e1:c2:a9:89:97:c0:35:d8:26:49:33:22:f3:eb:8a:
34:92:97:7f:7d:3b:4f:3b:f6:6d:cc:7b:11:98:3a:
25:2b:f8:5b:c3:66:af:b3:cd:0c:23:32:db:0b:64:
47:ea:1e:49:d0:b0:cf:bf:18:65:39:2c:fb:41:6e:
c1:c7:a8:26:fd:fb:6f:e4:70:92:72:42:6c:03:3d:
57:18:4a:1c:55:e5:09:6d:68:91:15:56:87:94:70:
0a:05:45:4b:17:c9:3a:7b:e9:a2:03:17:d4:ea:46:
50:33:a5:ad:05:65:a3:da:25:38:4d:ad:f8:b0:8c:
15:a0:a2:af:a8:40:54:f1:4d:bc:80:8e:56:83:af:
2e:30:77:9e:61:27:4d:ee:04:96:07:d9:73:3a:9a:
ea:3d:09:d1:20:5a:4a:b4:14:6d:7d:7a:38:11:14:
f1:f1:b5:db:43:84:d0:de:a6:88:93:8a:1b:5f:fa:
57:e7:47:e6:45:62:84:9e:d7:90:df:a2:db:32:49:
ef:4f:00:61:ad:90:97:ca:9b:d1:13:52:7e:66:23:
51:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:73:2F:10:6F:36:8B:AB:C5:F1:27:47:FE:3C:6A:7F:69:4D:72:B1
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/HnMvEG82i6vF8SdH_jxqf2lNcrE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.55.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:00:ec:6e:2c:4a:d5:fb:3d:22:16:e9:10:f2:92:3a:b8:22:
85:55:03:ed:7a:b5:43:84:8d:3e:79:a5:b5:6b:c8:eb:2f:2c:
58:f7:72:e8:05:50:1f:11:cc:bf:27:53:0c:33:5d:13:49:48:
09:32:6a:18:cd:fb:78:41:36:92:6b:91:9e:e6:ef:5a:87:ff:
6d:5b:1b:a8:2a:68:f9:3a:35:c8:d2:f4:45:52:78:f8:c0:8e:
76:5e:c8:fc:38:0e:2a:46:8f:e7:73:db:96:87:a0:e2:8a:ee:
b4:59:f8:d9:df:24:ff:ce:92:f2:76:0c:a2:5d:19:6a:63:d5:
1c:35:78:55:dd:b9:dd:09:45:4d:45:90:59:79:bc:88:87:71:
7b:a8:20:30:53:4f:2a:02:1a:46:0e:67:ae:3c:c4:e0:90:eb:
d5:c2:31:4c:e9:f9:fe:87:b8:e9:74:bb:a9:f3:fa:b6:96:11:
71:04:28:42:1d:4a:8e:64:94:0a:13:60:c5:00:9a:b7:8b:89:
0e:64:2c:20:4b:85:12:85:3d:04:af:a1:59:1c:bd:cf:16:9f:
84:2d:98:00:b3:7e:88:9d:48:85:29:86:49:72:dd:96:cf:1b:
b5:87:49:a7:f9:89:11:5a:c4:10:9b:5a:18:b3:39:dd:a0:7e:
fc:7e:1b:2f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMjA5MTUw
MjQxMDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFFNzMyRjEwNkYzNjhC
QUJDNUYxMjc0N0ZFM0M2QTdGNjk0RDcyQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEJ3CWotmDcruROD5/b/B1w2r4x/b6TjqRsv/WL4d21w36wkZw
QKyCuQ9EMeHCqYmXwDXYJkkzIvPrijSSl399O0879m3MexGYOiUr+FvDZq+zzQwj
MtsLZEfqHknQsM+/GGU5LPtBbsHHqCb9+2/kcJJyQmwDPVcYShxV5QltaJEVVoeU
cAoFRUsXyTp76aIDF9TqRlAzpa0FZaPaJThNrfiwjBWgoq+oQFTxTbyAjlaDry4w
d55hJ03uBJYH2XM6muo9CdEgWkq0FG19ejgRFPHxtdtDhNDepoiTihtf+lfnR+ZF
YoSe15DfotsySe9PAGGtkJfKm9ETUn5mI1GnAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUHnMvEG82i6vF8SdH/jxqf2lNcrEwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0huTXZFRzgyaTZ2RjhTZEhfanhxZjJs
TmNyRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6VjcwDQYJ
KoZIhvcNAQELBQADggEBAJsA7G4sStX7PSIW6RDykjq4IoVVA+16tUOEjT55pbVr
yOsvLFj3cugFUB8RzL8nUwwzXRNJSAkyahjN+3hBNpJrkZ7m71qH/21bG6gqaPk6
NcjS9EVSePjAjnZeyPw4DipGj+dz25aHoOKK7rRZ+NnfJP/OkvJ2DKJdGWpj1Rw1
eFXdud0JRU1FkFl5vIiHcXuoIDBTTyoCGkYOZ648xOCQ69XCMUzp+f6HuOl0u6nz
+raWEXEEKEIdSo5klAoTYMUAmreLiQ5kLCBLhRKFPQSvoVkcvc8Wn4QtmACzfoid
SIUphkly3ZbPG7WHSaf5iRFaxBCbWhizOd2gfvx+Gy8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org