Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/QBVWh8KxmK-lbvoST0zVSMpArgA.roa
File: QBVWh8KxmK-lbvoST0zVSMpArgA.roa (raw, json)
Hash identifier: hxoRo+0TQkBfhkpE5NIbsR4xlGnygEeHyIYPxRZjYlo=
Subject key identifier: 40:15:56:87:C2:B1:98:AF:A5:6E:FA:12:4F:4C:D5:48:CA:40:AE:00
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0AA1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/QBVWh8KxmK-lbvoST0zVSMpArgA.roa
Signing time: Thu 15 Sep 2022 02:40:59 +0000
ROA not before: Thu 15 Sep 2022 02:40:59 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18018
IP address blocks: 58.86.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 15 02:40:59 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=40155687C2B198AFA56EFA124F4CD548CA40AE00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c9:f4:c9:36:ea:8c:c8:2d:d0:c5:64:ba:19:
e8:a9:a6:84:31:88:8a:96:61:8c:48:b9:99:48:53:
e7:36:23:88:3c:e3:c5:04:a9:2b:90:15:46:cd:f6:
d3:9d:29:53:35:2b:af:10:ec:c8:57:2d:48:d5:77:
fe:ee:09:a1:a9:66:f0:f5:a7:80:93:c3:24:0b:3a:
09:f7:7e:b7:61:de:c9:83:d2:41:02:2c:e6:e9:d0:
fb:89:c9:c1:04:36:e7:7f:f0:66:27:e5:f4:9e:cd:
be:e9:46:bc:46:94:1e:70:90:73:ec:0e:e9:6b:d5:
45:41:4c:65:62:bb:f5:d6:43:d8:59:09:63:d7:17:
4f:47:3d:89:e6:f7:f0:27:6a:5d:00:22:0b:92:cc:
07:5f:2d:ee:eb:e8:67:56:09:a2:c9:19:64:16:aa:
04:fe:96:7f:72:9e:2e:98:84:ad:ce:98:29:71:9d:
58:2b:71:b7:70:22:bc:b2:48:5e:cb:65:c6:cb:f2:
d2:8f:5a:7c:c7:6d:4a:e5:b2:40:86:8e:b9:ec:75:
b9:ba:0f:3f:9f:3f:7c:6e:3f:3f:18:f2:13:17:5f:
73:a5:7d:52:00:50:c1:e3:0c:ef:39:58:41:49:c1:
27:f0:21:e5:60:98:a4:e1:d2:8f:8d:99:6b:f4:c3:
6e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:15:56:87:C2:B1:98:AF:A5:6E:FA:12:4F:4C:D5:48:CA:40:AE:00
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/QBVWh8KxmK-lbvoST0zVSMpArgA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.46.0/24
Signature Algorithm: sha256WithRSAEncryption
af:38:28:ad:cd:3d:8f:06:a3:4b:b1:7b:85:c2:27:ad:5a:15:
bf:d0:83:6c:59:c8:d8:57:5b:be:0b:fe:89:63:52:eb:90:c7:
a8:39:f0:cc:aa:e7:72:c3:af:a1:6d:51:1b:5a:90:36:f9:85:
64:f6:17:5c:d3:54:ce:b1:e9:9e:a5:53:12:b3:62:93:3b:b7:
2c:fe:31:6f:a9:53:f9:0e:d6:62:ea:5d:4b:68:8c:23:8d:12:
66:9a:ca:5d:e3:34:10:ec:11:fa:b4:c4:23:c0:25:d6:19:19:
cc:aa:45:11:3b:19:b6:92:24:2a:94:50:f2:3d:83:f1:eb:9d:
35:9a:60:02:6b:4e:e2:a1:68:ca:bc:dc:5e:e6:c0:dd:04:38:
70:87:1f:db:b0:21:59:39:e7:0a:37:8c:af:0b:5d:73:63:c4:
2b:34:93:d8:bf:16:62:db:5d:64:04:e5:e1:1e:2d:cc:d8:17:
39:bf:37:13:f9:ea:0f:1a:54:04:96:40:d6:f0:8f:f4:b9:d9:
d8:63:ee:3e:b4:75:b4:1a:72:4a:53:3c:b8:26:8a:b5:24:32:
70:c0:29:75:5a:45:09:b7:65:75:2f:75:5e:b0:5d:e6:ea:f0:
e7:b1:61:08:e5:af:b5:f1:01:aa:65:c3:20:fd:f1:14:4d:9d:
e7:a8:7d:ee
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMjA5MTUw
MjQwNTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQwMTU1Njg3QzJCMTk4
QUZBNTZFRkExMjRGNENENTQ4Q0E0MEFFMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpyfTJNuqMyC3QxWS6GeippoQxiIqWYYxIuZlIU+c2I4g848UE
qSuQFUbN9tOdKVM1K68Q7MhXLUjVd/7uCaGpZvD1p4CTwyQLOgn3frdh3smD0kEC
LObp0PuJycEENud/8GYn5fSezb7pRrxGlB5wkHPsDulr1UVBTGViu/XWQ9hZCWPX
F09HPYnm9/Anal0AIguSzAdfLe7r6GdWCaLJGWQWqgT+ln9yni6YhK3OmClxnVgr
cbdwIryySF7LZcbL8tKPWnzHbUrlskCGjrnsdbm6Dz+fP3xuPz8Y8hMXX3OlfVIA
UMHjDO85WEFJwSfwIeVgmKTh0o+NmWv0w24RAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUQBVWh8KxmK+lbvoST0zVSMpArgAwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1FCVldoOEt4bUstbGJ2b1NUMHpWU01w
QXJnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6Vi4wDQYJ
KoZIhvcNAQELBQADggEBAK84KK3NPY8Go0uxe4XCJ61aFb/Qg2xZyNhXW74L/olj
UuuQx6g58Myq53LDr6FtURtakDb5hWT2F1zTVM6x6Z6lUxKzYpM7tyz+MW+pU/kO
1mLqXUtojCONEmaayl3jNBDsEfq0xCPAJdYZGcyqRRE7GbaSJCqUUPI9g/HrnTWa
YAJrTuKhaMq83F7mwN0EOHCHH9uwIVk55wo3jK8LXXNjxCs0k9i/FmLbXWQE5eEe
LczYFzm/NxP56g8aVASWQNbwj/S52dhj7j60dbQackpTPLgmirUkMnDAKXVaRQm3
ZXUvdV6wXebq8OexYQjlr7XxAaplwyD98RRNneeofe4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org