Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/NRzMv67V_v8QWHx0iw0LNRnrhp0.roa
File: NRzMv67V_v8QWHx0iw0LNRnrhp0.roa (raw, json)
Hash identifier: yekr/xmDcnyKaHsuWkFvGUdDDN49i3cloQrDR4aSrRI=
Subject key identifier: 35:1C:CC:BF:AE:D5:FE:FF:10:58:7C:74:8B:0D:0B:35:19:EB:86:9D
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 08FB
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/NRzMv67V_v8QWHx0iw0LNRnrhp0.roa
Signing time: Sun 07 Feb 2021 11:54:39 +0000
ROA not before: Sun 07 Feb 2021 11:54:39 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 58.86.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2299 (0x8fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 7 11:54:39 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=351CCCBFAED5FEFF10587C748B0D0B3519EB869D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6e:ed:76:4b:3a:47:48:f9:d0:f7:28:55:fd:
30:75:e1:6c:51:e3:9a:57:28:7e:0c:64:e0:30:b5:
d8:27:cc:2a:00:aa:4e:c5:63:d1:9d:23:f1:0e:91:
91:17:be:89:d9:a5:73:cc:34:2b:6e:22:39:e9:f9:
35:e3:cd:27:99:1d:d3:d0:71:fc:f5:2b:39:2d:ed:
cc:c3:1b:f9:47:ed:09:58:51:d2:d7:da:25:2a:1e:
93:98:de:43:a7:b1:68:b6:cb:63:da:37:bb:58:a5:
6f:44:0a:df:d9:61:13:9f:f2:27:d7:be:4d:46:c6:
1d:1e:41:d4:2b:ad:e7:08:13:42:42:27:ef:af:24:
b4:26:25:11:d7:8b:9a:09:6e:b0:34:dc:d4:03:37:
67:72:eb:39:ff:0d:24:8b:cf:7a:45:4e:c7:e7:96:
07:a5:c4:58:7c:b8:47:f6:45:e2:85:96:93:79:20:
43:5c:c1:20:15:a9:63:89:5c:33:14:67:25:d4:11:
0a:eb:e5:e9:02:5d:df:c6:e8:33:3d:7c:66:62:eb:
a9:ac:3b:c3:a7:85:51:8c:57:db:47:96:fd:36:8a:
b0:5e:c7:53:f3:07:0d:31:18:53:30:09:96:20:80:
f4:15:13:aa:6e:7c:36:1e:62:18:b3:9d:79:00:b3:
b8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1C:CC:BF:AE:D5:FE:FF:10:58:7C:74:8B:0D:0B:35:19:EB:86:9D
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/NRzMv67V_v8QWHx0iw0LNRnrhp0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.46.0/24
Signature Algorithm: sha256WithRSAEncryption
14:8a:77:54:15:84:df:cd:16:5d:95:07:94:f8:cb:c3:38:b1:
3b:2d:91:85:b7:30:3f:fd:e7:10:18:06:5f:6e:b4:59:8b:2d:
e8:c5:58:5e:2a:53:a3:88:dd:40:ae:51:63:43:eb:95:c0:50:
34:38:2d:b0:89:63:ee:cb:0f:a3:07:55:85:a9:a3:51:32:c6:
39:4f:6b:98:92:e4:b1:14:6b:1a:55:55:8b:c3:57:d4:2a:b4:
1c:08:99:34:aa:c1:73:46:0d:4b:e1:e2:4f:fc:b3:a0:70:95:
16:52:ea:4d:49:46:7b:e2:3f:b1:f3:3e:20:f2:fa:12:e0:e6:
a0:5d:f4:9b:5a:29:b5:f2:0e:3c:fa:db:a4:ee:f0:d0:4c:d7:
88:ec:3d:98:79:b2:27:38:73:49:67:37:dd:27:d7:85:16:f5:
0c:f5:fc:31:76:b0:b7:8f:b5:79:4a:46:f4:25:98:15:9f:6c:
70:55:f2:3e:92:de:9d:d3:16:a6:4a:7f:14:ae:eb:6d:e8:91:
23:33:f9:66:d6:0d:f2:ba:87:d1:a8:62:9b:d1:3d:84:07:a3:
b2:a4:5a:f8:14:c0:c0:ba:43:20:3b:0f:33:3b:10:7f:cd:77:
56:58:b4:06:b7:3e:c3:a8:37:9a:a3:bb:0f:ca:d9:95:6c:3b:
39:b6:4b:34
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAyMDcx
MTU0MzlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM1MUNDQ0JGQUVENUZF
RkYxMDU4N0M3NDhCMEQwQjM1MTlFQjg2OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrbu12SzpHSPnQ9yhV/TB14WxR45pXKH4MZOAwtdgnzCoAqk7F
Y9GdI/EOkZEXvonZpXPMNCtuIjnp+TXjzSeZHdPQcfz1Kzkt7czDG/lH7QlYUdLX
2iUqHpOY3kOnsWi2y2PaN7tYpW9ECt/ZYROf8ifXvk1Gxh0eQdQrrecIE0JCJ++v
JLQmJRHXi5oJbrA03NQDN2dy6zn/DSSLz3pFTsfnlgelxFh8uEf2ReKFlpN5IENc
wSAVqWOJXDMUZyXUEQrr5ekCXd/G6DM9fGZi66msO8OnhVGMV9tHlv02irBex1Pz
Bw0xGFMwCZYggPQVE6pufDYeYhiznXkAs7jBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNRzMv67V/v8QWHx0iw0LNRnrhp0wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL05Sek12NjdWX3Y4UVdIeDBpdzBMTlJu
cmhwMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6Vi4wDQYJ
KoZIhvcNAQELBQADggEBABSKd1QVhN/NFl2VB5T4y8M4sTstkYW3MD/95xAYBl9u
tFmLLejFWF4qU6OI3UCuUWND65XAUDQ4LbCJY+7LD6MHVYWpo1EyxjlPa5iS5LEU
axpVVYvDV9QqtBwImTSqwXNGDUvh4k/8s6BwlRZS6k1JRnviP7HzPiDy+hLg5qBd
9JtaKbXyDjz626Tu8NBM14jsPZh5sic4c0lnN90n14UW9Qz1/DF2sLePtXlKRvQl
mBWfbHBV8j6S3p3TFqZKfxSu623okSMz+WbWDfK6h9GoYpvRPYQHo7KkWvgUwMC6
QyA7DzM7EH/Nd1ZYtAa3PsOoN5qjuw/K2ZVsOzm2SzQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org