Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/W3PEbS5btzBWWZIDbgEDFcv2q8I.roa
File: W3PEbS5btzBWWZIDbgEDFcv2q8I.roa (raw, json)
Hash identifier: QlnYW9fhgO5/lRACRObF0kUirZhgjXknBxFihDreSCo=
Subject key identifier: 5B:73:C4:6D:2E:5B:B7:30:56:59:92:03:6E:01:03:15:CB:F6:AB:C2
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0AA1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/W3PEbS5btzBWWZIDbgEDFcv2q8I.roa
Signing time: Thu 15 Sep 2022 02:41:01 +0000
ROA not before: Thu 15 Sep 2022 02:41:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18042
IP address blocks: 58.86.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 15 02:41:01 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5B73C46D2E5BB730565992036E010315CBF6ABC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a9:a7:a8:9d:5f:b7:17:82:e5:de:47:d9:69:
01:47:4c:85:b8:2c:94:c9:e1:26:15:98:f7:62:b1:
71:eb:59:dd:fa:4b:0c:1a:16:7c:86:82:4c:d6:9b:
a1:09:aa:4a:bc:66:27:c3:bb:2e:1e:b5:82:9d:9b:
ca:99:b3:9d:ee:4c:37:14:47:8c:6f:63:5f:1b:d5:
c5:8b:72:3f:43:7f:5e:27:a5:f3:fe:20:6f:4c:fc:
af:5f:61:f4:14:90:4d:9e:8a:ee:47:e5:c8:0c:e3:
d1:80:46:57:9c:03:d2:eb:4f:dc:21:92:9a:21:87:
0b:d5:a8:1a:4f:03:f8:be:a5:be:22:6a:87:ad:3b:
e7:cf:f8:86:c9:fd:ba:05:2e:c9:f5:45:7b:ed:d8:
cf:87:ae:da:5a:08:ae:7b:11:70:e0:b4:ae:fe:2c:
a2:cc:81:28:4e:f3:56:06:ba:12:c7:17:18:6d:27:
36:09:99:6f:be:f2:f6:f2:ba:d2:28:d6:ea:84:c5:
60:9d:43:cb:9f:8a:39:a4:9d:ce:30:84:d3:3c:0b:
9a:a7:35:d6:9b:ab:e1:17:18:c6:5f:5c:80:d7:fc:
c5:c7:cf:c4:98:27:84:fa:62:4e:50:e0:93:42:6c:
8e:fd:d0:9e:58:37:41:68:5f:50:d2:41:2a:a0:e1:
47:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:73:C4:6D:2E:5B:B7:30:56:59:92:03:6E:01:03:15:CB:F6:AB:C2
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/W3PEbS5btzBWWZIDbgEDFcv2q8I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.46.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a3:73:46:87:b9:7b:bf:dc:e4:1b:09:d0:62:7d:5a:c5:39:
dd:f3:a6:a6:0d:1f:c1:92:5e:ae:94:44:56:79:e9:10:17:70:
44:41:67:60:00:3e:5f:9f:6d:16:9f:2d:91:7f:0f:17:f9:05:
b1:2c:aa:f0:dc:1d:d1:96:07:4c:64:b1:f6:4d:9d:0c:6f:91:
64:ba:1a:3d:d5:c2:6b:fa:e1:67:d2:b0:ae:10:d2:a7:cb:64:
4b:42:f5:30:5d:af:6a:fa:77:1a:be:d9:15:3d:b7:9d:fe:4a:
6d:70:ec:82:71:63:cd:0c:2e:10:5a:ed:e5:06:f9:dd:a8:42:
db:b4:0a:ff:8a:d5:02:d5:d6:60:c8:e3:d0:91:5f:06:d3:10:
eb:d2:35:b7:f1:eb:91:21:b6:33:33:8d:79:2d:fb:ae:e1:cd:
44:ee:35:c2:bb:8e:e9:04:aa:67:5e:36:96:65:09:9e:2f:70:
dc:63:b6:3b:9c:b6:17:24:1a:d3:9e:c0:86:95:4f:32:fe:6f:
fa:ee:9a:d4:c7:50:6e:6c:fb:81:97:4c:04:d2:6a:53:b6:15:
6a:95:51:3f:b4:e1:88:2d:fe:e4:f2:91:b5:bf:16:15:59:5f:
5a:87:a6:ad:5c:3d:54:fc:bb:4d:5a:a7:9d:a5:da:b9:8a:98:
b5:e4:cf:73
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMjA5MTUw
MjQxMDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVCNzNDNDZEMkU1QkI3
MzA1NjU5OTIwMzZFMDEwMzE1Q0JGNkFCQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZqaeonV+3F4Ll3kfZaQFHTIW4LJTJ4SYVmPdisXHrWd36Swwa
FnyGgkzWm6EJqkq8ZifDuy4etYKdm8qZs53uTDcUR4xvY18b1cWLcj9Df14npfP+
IG9M/K9fYfQUkE2eiu5H5cgM49GARlecA9LrT9whkpohhwvVqBpPA/i+pb4iaoet
O+fP+IbJ/boFLsn1RXvt2M+HrtpaCK57EXDgtK7+LKLMgShO81YGuhLHFxhtJzYJ
mW++8vbyutIo1uqExWCdQ8ufijmknc4whNM8C5qnNdabq+EXGMZfXIDX/MXHz8SY
J4T6Yk5Q4JNCbI790J5YN0FoX1DSQSqg4UdrAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUW3PEbS5btzBWWZIDbgEDFcv2q8IwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1czUEViUzVidHpCV1daSURiZ0VERmN2
MnE4SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6Vi4wDQYJ
KoZIhvcNAQELBQADggEBACKjc0aHuXu/3OQbCdBifVrFOd3zpqYNH8GSXq6URFZ5
6RAXcERBZ2AAPl+fbRafLZF/Dxf5BbEsqvDcHdGWB0xksfZNnQxvkWS6Gj3Vwmv6
4WfSsK4Q0qfLZEtC9TBdr2r6dxq+2RU9t53+Sm1w7IJxY80MLhBa7eUG+d2oQtu0
Cv+K1QLV1mDI49CRXwbTEOvSNbfx65EhtjMzjXkt+67hzUTuNcK7jukEqmdeNpZl
CZ4vcNxjtjucthckGtOewIaVTzL+b/rumtTHUG5s+4GXTATSalO2FWqVUT+04Ygt
/uTykbW/FhVZX1qHpq1cPVT8u01ap52l2rmKmLXkz3M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org