Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/ZOAkhjk5VtUlGBs526f-3sreMT0.roa
File: ZOAkhjk5VtUlGBs526f-3sreMT0.roa (raw, json)
Hash identifier: jcUSXvor9pqv9hLMu3IEyA7plscV2U+ByyPyolkG3Uw=
Subject key identifier: 64:E0:24:86:39:39:56:D5:25:18:1B:39:DB:A7:FE:DE:CA:DE:31:3D
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0B9C
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/ZOAkhjk5VtUlGBs526f-3sreMT0.roa
Signing time: Fri 01 Sep 2023 09:11:29 +0000
ROA not before: Fri 01 Sep 2023 09:11:29 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18018
IP address blocks: 58.86.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2972 (0xb9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:29 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=64E02486393956D525181B39DBA7FEDECADE313D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:47:23:33:77:3b:c6:21:33:91:9c:a4:5d:77:
26:c5:f2:70:b9:46:a1:92:b0:6b:11:e7:81:21:31:
4a:87:13:52:a2:55:d9:64:a0:a0:0b:4f:18:1f:86:
63:76:ec:b3:60:fe:53:7d:b5:bd:c4:b4:8b:f1:33:
07:46:3c:b4:21:41:0e:89:06:bb:10:b8:ee:26:f4:
33:a3:cd:b5:dd:78:71:22:ae:ab:24:47:93:a1:7a:
93:05:f1:b9:8a:1b:48:be:50:17:d2:4e:91:68:a6:
d8:7f:13:b6:6c:2b:7f:62:d3:b2:52:a5:18:fb:04:
b7:c4:3e:f4:1b:f9:38:ad:f1:48:81:30:6b:0d:f0:
d0:11:51:5d:d1:e7:7a:e9:35:82:c4:ae:80:45:a4:
77:2c:ed:01:4b:f9:99:79:bc:33:3a:68:5e:63:37:
4b:63:ec:4a:c3:fb:19:bc:5d:27:14:78:6d:53:c4:
7b:94:f9:cb:81:64:58:5d:b9:d5:d1:33:ed:f7:da:
f7:65:5d:4e:48:08:33:98:ad:16:5e:cc:01:e9:26:
1f:f7:c1:dc:dc:75:83:1c:8d:35:6c:29:bf:23:a8:
d2:2b:50:3b:25:18:dd:a0:eb:e4:24:3c:af:be:80:
51:2e:e7:4c:46:25:35:83:74:e3:df:17:2a:ee:96:
e1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E0:24:86:39:39:56:D5:25:18:1B:39:DB:A7:FE:DE:CA:DE:31:3D
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/ZOAkhjk5VtUlGBs526f-3sreMT0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.46.0/24
Signature Algorithm: sha256WithRSAEncryption
07:00:38:9b:49:07:2e:0c:a3:90:59:17:c1:f9:11:f3:e1:d1:
fd:2f:17:99:a7:01:a7:e1:08:6e:a1:2c:7b:29:6a:39:1d:8e:
12:0f:e0:18:6b:8e:0f:07:48:b8:93:9b:b6:ac:8f:c6:93:92:
e7:47:ce:af:b5:c1:04:97:01:e1:00:84:3d:c6:13:8b:d0:6d:
e3:61:7e:08:a3:e4:27:cd:05:5a:61:be:c6:f2:6a:d8:05:05:
f3:0b:60:be:5a:1a:eb:28:a0:34:88:b8:0a:ae:60:6d:2d:cb:
85:49:e4:9e:f6:30:c0:9f:fc:11:97:23:7e:bb:b4:fb:6a:39:
50:c7:30:51:ed:56:ce:60:ce:c3:c7:07:ce:55:e8:1f:8f:c8:
b6:eb:89:da:63:31:77:90:e9:4f:8c:9f:91:c3:3d:15:e7:c3:
62:aa:cc:c0:0e:01:3f:87:74:44:9a:b5:b5:58:4d:12:bb:94:
17:bc:d0:a9:4e:37:64:f7:1c:f1:3f:2f:1e:0c:0e:a8:6e:2b:
0f:54:d4:54:eb:f5:50:b1:7f:cf:11:b4:5f:38:2e:ee:af:5f:
b6:03:5a:45:e0:25:d4:fb:71:e8:75:2c:5c:23:ab:d7:63:34:
e6:c0:e1:57:37:e5:c7:0a:93:c5:e0:85:5a:2a:8d:ce:4a:08:
74:8c:8d:ac
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMjlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY0RTAyNDg2MzkzOTU2
RDUyNTE4MUIzOURCQTdGRURFQ0FERTMxM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeRyMzdzvGITORnKRddybF8nC5RqGSsGsR54EhMUqHE1KiVdlk
oKALTxgfhmN27LNg/lN9tb3EtIvxMwdGPLQhQQ6JBrsQuO4m9DOjzbXdeHEirqsk
R5OhepMF8bmKG0i+UBfSTpFopth/E7ZsK39i07JSpRj7BLfEPvQb+Tit8UiBMGsN
8NARUV3R53rpNYLEroBFpHcs7QFL+Zl5vDM6aF5jN0tj7ErD+xm8XScUeG1TxHuU
+cuBZFhdudXRM+332vdlXU5ICDOYrRZezAHpJh/3wdzcdYMcjTVsKb8jqNIrUDsl
GN2g6+QkPK++gFEu50xGJTWDdOPfFyruluHvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUZOAkhjk5VtUlGBs526f+3sreMT0wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1pPQWtoams1VnRVbEdCczUyNmYtM3Ny
ZU1UMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6Vi4wDQYJ
KoZIhvcNAQELBQADggEBAAcAOJtJBy4Mo5BZF8H5EfPh0f0vF5mnAafhCG6hLHsp
ajkdjhIP4Bhrjg8HSLiTm7asj8aTkudHzq+1wQSXAeEAhD3GE4vQbeNhfgij5CfN
BVphvsbyatgFBfMLYL5aGusooDSIuAquYG0ty4VJ5J72MMCf/BGXI367tPtqOVDH
MFHtVs5gzsPHB85V6B+PyLbridpjMXeQ6U+Mn5HDPRXnw2KqzMAOAT+HdESatbVY
TRK7lBe80KlON2T3HPE/Lx4MDqhuKw9U1FTr9VCxf88RtF84Lu6vX7YDWkXgJdT7
ceh1LFwjq9djNObA4Vc35ccKk8XghVoqjc5KCHSMjaw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:36 2025 by rpki-client