Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/iHXHN2s22jEP8igCORlE9e24_xw.roa
File: iHXHN2s22jEP8igCORlE9e24_xw.roa (raw, json)
Hash identifier: 8lDFHKhrL5UJH30UA62lgJjOE/QuC/U14lY4Tw7JZJ4=
Subject key identifier: 88:75:C7:37:6B:36:DA:31:0F:F2:28:02:39:19:44:F5:ED:B8:FF:1C
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0799
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/iHXHN2s22jEP8igCORlE9e24_xw.roa
Signing time: Tue 29 Sep 2020 10:04:26 +0000
ROA not before: Tue 29 Sep 2020 10:04:26 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 58.86.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1945 (0x799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 29 10:04:26 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=8875C7376B36DA310FF22802391944F5EDB8FF1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ed:c4:cc:d5:60:04:38:b8:d3:81:ae:9b:a3:
31:fd:41:ed:35:65:c1:b1:29:9e:cc:30:f8:95:1f:
c6:ca:c7:1a:49:32:25:d7:79:1e:a7:1f:47:a8:41:
11:9c:8e:cd:bf:b9:7b:e2:94:85:91:3a:43:b7:18:
80:72:de:ab:57:25:7c:44:33:e8:7d:35:55:67:3a:
44:34:e0:09:c1:25:87:d4:2b:e3:07:b4:25:14:7e:
5d:af:76:5a:d7:01:a5:fa:de:4d:1e:84:68:72:08:
f5:02:7c:92:3e:6c:84:4a:8c:b4:ff:b3:f8:0d:ea:
b1:8e:d9:4e:75:1e:36:d8:2b:6f:d9:32:f9:50:d4:
8f:35:ec:1c:1c:c8:39:7b:e7:e0:7b:07:78:7a:25:
b4:32:92:2b:b4:89:c4:b2:8f:10:7f:4b:31:07:cb:
23:bd:a8:d2:ad:f9:f4:45:d3:7d:7b:7a:84:d1:9c:
11:b2:95:9e:51:27:86:52:3f:25:a1:a7:66:eb:84:
c5:87:e4:b5:32:b5:88:3d:c2:2f:e6:9d:b0:b6:a3:
0c:0f:02:72:6d:9e:f3:d0:16:ca:02:0a:ec:2d:b5:
f4:a3:0f:da:df:db:7d:00:0c:01:18:3a:d6:a4:60:
03:1c:02:fd:3e:db:06:90:be:6f:e5:88:fa:15:b3:
94:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:75:C7:37:6B:36:DA:31:0F:F2:28:02:39:19:44:F5:ED:B8:FF:1C
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/iHXHN2s22jEP8igCORlE9e24_xw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.46.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:7c:6b:21:bc:34:b7:49:70:24:4e:9f:94:84:af:33:de:8f:
6c:33:4a:cd:cf:3b:8d:89:2c:41:68:0f:7e:4c:88:07:d3:e1:
e3:4b:bd:f4:1a:8c:e8:13:b1:7d:8f:0a:17:15:dd:f6:c6:cd:
e8:f5:8f:df:4b:71:82:ff:06:22:9b:14:11:58:0c:e8:d9:89:
71:f7:03:e9:3b:bb:73:84:3f:e1:35:5c:43:12:cb:30:a2:a8:
04:68:4d:ff:9d:43:24:14:6d:e7:43:f8:ed:4f:8f:1e:ec:e8:
1a:cd:11:f3:2d:6a:40:bf:d3:c7:52:7f:49:d1:85:77:3b:49:
aa:0a:7b:a7:ae:4a:07:46:f0:48:33:aa:93:53:7d:72:fe:5c:
54:10:ae:1d:4a:c2:41:42:01:10:94:86:2d:be:84:50:3f:d9:
f2:0e:ea:dc:ab:73:be:cc:88:23:75:0b:d9:dc:47:6f:08:ad:
ee:12:a0:69:72:09:23:53:19:fa:30:ca:25:19:35:b2:66:1d:
da:89:3d:e5:12:41:7d:90:22:da:61:db:e5:cf:b0:8b:23:d5:
ab:23:33:9d:5d:91:98:2f:1e:02:75:4d:52:be:c3:31:a0:c2:
dd:c0:fa:17:85:13:80:d6:cf:99:55:ff:ae:61:b2:2c:4e:56:
72:1f:38:21
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMDA5Mjkx
MDA0MjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg4NzVDNzM3NkIzNkRB
MzEwRkYyMjgwMjM5MTk0NEY1RURCOEZGMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC87cTM1WAEOLjTga6bozH9Qe01ZcGxKZ7MMPiVH8bKxxpJMiXX
eR6nH0eoQRGcjs2/uXvilIWROkO3GIBy3qtXJXxEM+h9NVVnOkQ04AnBJYfUK+MH
tCUUfl2vdlrXAaX63k0ehGhyCPUCfJI+bIRKjLT/s/gN6rGO2U51HjbYK2/ZMvlQ
1I817BwcyDl75+B7B3h6JbQykiu0icSyjxB/SzEHyyO9qNKt+fRF0317eoTRnBGy
lZ5RJ4ZSPyWhp2brhMWH5LUytYg9wi/mnbC2owwPAnJtnvPQFsoCCuwttfSjD9rf
230ADAEYOtakYAMcAv0+2waQvm/liPoVs5ShAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUiHXHN2s22jEP8igCORlE9e24/xwwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2lIWEhOMnMyMmpFUDhpZ0NPUmxFOWUy
NF94dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6Vi4wDQYJ
KoZIhvcNAQELBQADggEBAD98ayG8NLdJcCROn5SErzPej2wzSs3PO42JLEFoD35M
iAfT4eNLvfQajOgTsX2PChcV3fbGzej1j99LcYL/BiKbFBFYDOjZiXH3A+k7u3OE
P+E1XEMSyzCiqARoTf+dQyQUbedD+O1Pjx7s6BrNEfMtakC/08dSf0nRhXc7SaoK
e6euSgdG8EgzqpNTfXL+XFQQrh1KwkFCARCUhi2+hFA/2fIO6tyrc77MiCN1C9nc
R28Ire4SoGlyCSNTGfowyiUZNbJmHdqJPeUSQX2QItph2+XPsIsj1asjM51dkZgv
HgJ1TVK+wzGgwt3A+heFE4DWz5lV/65hsixOVnIfOCE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:34:01 2025 by rpki-client