Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/VXjD4T3pGb6nkh0Dv6cmzV5AcJY.roa
File: VXjD4T3pGb6nkh0Dv6cmzV5AcJY.roa (raw, json)
Hash identifier: NIQjX+j6iJiNWCE9IcOeo9RYEDHXKMwVnYzZxYmUHGg=
Subject key identifier: 55:78:C3:E1:3D:E9:19:BE:A7:92:1D:03:BF:A7:26:CD:5E:40:70:96
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 07A1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/VXjD4T3pGb6nkh0Dv6cmzV5AcJY.roa
Signing time: Tue 29 Sep 2020 10:04:29 +0000
ROA not before: Tue 29 Sep 2020 10:04:29 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 58.86.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1953 (0x7a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 29 10:04:29 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5578C3E13DE919BEA7921D03BFA726CD5E407096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:17:c1:d9:7a:88:e2:db:c8:40:a2:c8:9a:e4:
9f:28:48:35:01:f8:5a:f5:f7:fe:f9:16:99:51:0c:
3c:84:3c:0b:a5:12:76:03:eb:30:66:97:f7:74:43:
14:84:2f:86:19:a7:cf:2d:90:ec:e8:0b:8a:b3:91:
25:8b:14:8c:a3:24:2e:1c:61:fb:2b:93:a0:73:85:
c8:96:2f:3e:7f:e5:73:64:40:b1:65:34:72:e8:9a:
7a:ac:ad:20:33:b9:b3:ee:27:c3:cb:54:4b:9f:15:
0d:6e:ba:ac:c8:ee:8c:ce:11:cb:a2:4e:4c:9c:3f:
1b:1c:53:b3:c1:d6:a4:16:21:01:39:91:57:ae:d5:
02:20:c2:ab:dc:10:02:0a:0e:87:1e:62:7d:95:50:
14:6c:40:44:58:42:2d:cf:a5:ff:c6:a0:29:d4:66:
f6:bb:49:da:2d:72:e4:57:30:76:31:e7:09:e5:0e:
44:3f:e7:e7:b6:54:c1:b2:44:a0:85:c5:bd:4c:83:
7b:74:59:d3:2a:91:3f:2d:11:2e:a2:7f:f4:f8:f6:
c7:1a:b8:80:e3:4a:18:ed:19:fa:2c:11:cd:23:a9:
71:24:62:39:04:1c:60:af:fe:df:eb:39:3c:a8:4b:
8c:9a:fa:73:b8:cd:69:33:79:cc:1e:07:5d:b5:fd:
78:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:78:C3:E1:3D:E9:19:BE:A7:92:1D:03:BF:A7:26:CD:5E:40:70:96
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/VXjD4T3pGb6nkh0Dv6cmzV5AcJY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:d8:95:0e:40:7a:3d:88:5a:8b:1c:ab:7e:5b:6e:1d:38:e0:
7a:02:d5:dd:b2:a2:39:4d:e7:e5:af:fe:c9:af:27:8b:cc:4f:
09:c7:fc:de:93:32:e6:f2:ca:fd:31:60:ea:9b:6f:d2:fc:9a:
f3:fc:7e:28:12:27:27:6d:3f:6f:70:2b:ae:e9:e8:28:c4:47:
cf:55:95:5a:e8:e8:30:be:10:0f:bd:1c:9a:a1:85:34:b4:cc:
f5:83:98:b2:5d:99:d1:d9:6e:a9:81:c5:6a:45:fb:0a:9f:33:
1b:b1:25:9a:ef:ad:69:a1:5a:f5:08:40:65:5e:f7:7e:25:5e:
e9:53:94:2e:e8:87:5a:07:a7:9d:53:04:b9:4a:76:80:00:81:
f2:7b:9b:79:39:8c:91:99:a0:62:4e:0b:19:75:4d:34:1b:78:
8b:a4:ea:95:6b:50:70:fb:0c:f1:1a:79:e9:84:03:6a:69:d2:
f9:a2:9c:59:37:31:6e:99:ac:a1:f0:2c:51:f3:fb:3f:66:19:
4d:83:5a:b9:05:91:5f:14:04:5c:ed:99:7b:8c:fc:f0:da:14:
9a:6c:65:04:2f:61:c4:07:a6:3e:a4:c5:40:32:b7:1f:e9:c8:
01:58:28:fc:63:6f:f7:f2:75:72:62:52:7d:ad:d8:e9:fc:85:
60:49:35:52
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICB6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMDA5Mjkx
MDA0MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDU1NzhDM0UxM0RFOTE5
QkVBNzkyMUQwM0JGQTcyNkNENUU0MDcwOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZF8HZeoji28hAosia5J8oSDUB+Fr19/75FplRDDyEPAulEnYD
6zBml/d0QxSEL4YZp88tkOzoC4qzkSWLFIyjJC4cYfsrk6BzhciWLz5/5XNkQLFl
NHLomnqsrSAzubPuJ8PLVEufFQ1uuqzI7ozOEcuiTkycPxscU7PB1qQWIQE5kVeu
1QIgwqvcEAIKDoceYn2VUBRsQERYQi3Ppf/GoCnUZva7SdotcuRXMHYx5wnlDkQ/
5+e2VMGyRKCFxb1Mg3t0WdMqkT8tES6if/T49scauIDjShjtGfosEc0jqXEkYjkE
HGCv/t/rOTyoS4ya+nO4zWkzecweB121/XgVAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUVXjD4T3pGb6nkh0Dv6cmzV5AcJYwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1ZYakQ0VDNwR2I2bmtoMER2NmNtelY1
QWNKWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwA6VjANBgkq
hkiG9w0BAQsFAAOCAQEAItiVDkB6PYhaixyrfltuHTjgegLV3bKiOU3n5a/+ya8n
i8xPCcf83pMy5vLK/TFg6ptv0vya8/x+KBInJ20/b3ArrunoKMRHz1WVWujoML4Q
D70cmqGFNLTM9YOYsl2Z0dluqYHFakX7Cp8zG7Elmu+taaFa9QhAZV73fiVe6VOU
LuiHWgennVMEuUp2gACB8nubeTmMkZmgYk4LGXVNNBt4i6TqlWtQcPsM8Rp56YQD
amnS+aKcWTcxbpmsofAsUfP7P2YZTYNauQWRXxQEXO2Ze4z88NoUmmxlBC9hxAem
PqTFQDK3H+nIAVgo/GNv9/J1cmJSfa3Y6fyFYEk1Ug==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-fra.rpki-client.org