Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/kI9M3wlUx5BOvXLTXVQP_AmxI4U.roa
File: kI9M3wlUx5BOvXLTXVQP_AmxI4U.roa (raw, json)
Hash identifier: 2PSzFOqNiczZb+E+1jm90zQgoBNkey1MFNpGFJ5O7hE=
Subject key identifier: 90:8F:4C:DF:09:54:C7:90:4E:BD:72:D3:5D:54:0F:FC:09:B1:23:85
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0BA8
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/kI9M3wlUx5BOvXLTXVQP_AmxI4U.roa
Signing time: Fri 01 Sep 2023 09:11:32 +0000
ROA not before: Fri 01 Sep 2023 09:11:32 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 58.86.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2984 (0xba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:32 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=908F4CDF0954C7904EBD72D35D540FFC09B12385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:03:51:81:0a:5d:71:64:a3:21:e5:d0:43:1d:
b0:02:b2:8b:70:c3:15:b8:26:bb:e4:c5:3e:9a:ae:
63:e2:79:1b:e1:33:ab:f5:76:cc:46:76:06:b3:5e:
93:2b:8c:3d:a6:a2:10:99:17:2f:2f:d6:63:76:86:
b4:e4:19:13:96:57:35:69:e8:08:eb:26:90:4c:3a:
b6:e9:fa:cd:39:bc:bc:c7:6b:2e:a3:41:da:82:4c:
ce:76:48:63:71:ca:02:c2:c4:c2:35:a4:75:f7:fe:
80:ed:24:6d:39:05:7f:5c:d0:8e:02:8b:8c:9b:c6:
65:b1:30:3b:73:da:d5:ad:4d:8f:5c:bc:00:9a:24:
fe:59:0e:d4:98:96:aa:85:fa:3d:bf:93:59:89:89:
9a:79:12:09:7a:ea:ae:9e:c3:46:50:33:23:2a:4c:
8b:3a:02:72:74:94:02:b2:f4:68:ed:25:5a:bf:39:
07:ae:c1:7c:7f:af:ef:57:3b:08:e5:fa:e4:1e:64:
92:9e:91:21:62:b6:f9:4d:89:f2:7c:17:9b:d9:e5:
dc:21:29:94:46:64:b4:3a:a4:a5:82:80:0a:da:ad:
a9:7b:79:11:75:dc:36:a9:97:4f:33:75:5d:21:15:
7a:8b:c9:50:34:a3:13:f1:13:a1:44:6b:48:fb:32:
bd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8F:4C:DF:09:54:C7:90:4E:BD:72:D3:5D:54:0F:FC:09:B1:23:85
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/kI9M3wlUx5BOvXLTXVQP_AmxI4U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:27:c8:53:09:d4:08:43:d1:78:19:0a:24:fb:85:82:ba:9c:
d8:c4:17:28:d2:20:aa:e0:08:fd:37:39:87:a7:26:40:3a:ad:
8c:41:3a:b7:8a:22:d8:e3:96:16:ff:ff:e5:21:77:b4:b0:e0:
53:67:5e:ce:e7:ee:c4:24:6b:b7:ad:f4:d1:ac:02:a8:de:76:
63:8c:c5:e6:c3:44:a9:13:f9:49:b0:91:e6:19:f8:ce:bb:b0:
6b:97:32:a3:d5:fb:08:41:93:38:a7:bf:67:2d:a2:09:b5:7f:
9a:10:4e:7c:a0:8f:e8:a1:06:4b:71:16:19:f4:69:ac:aa:1c:
d3:6b:dd:85:89:44:8b:a0:83:21:db:c5:95:f9:0e:70:49:d3:
77:82:3e:87:2b:7c:dc:a1:fc:ae:ff:b3:83:41:82:04:bc:82:
48:b1:6d:6a:84:cb:d3:85:43:c7:e3:c2:5e:c2:1f:64:db:ba:
40:1a:20:27:42:67:e3:37:1c:4d:8e:ed:42:97:00:d2:09:6f:
da:b8:b3:44:83:45:e0:d0:70:f5:0f:dc:de:39:81:1f:bd:3b:
22:74:41:6f:62:50:16:fd:ca:93:8f:f0:fa:86:28:16:bd:4d:
2f:4e:5f:36:94:fd:17:d5:fc:47:c8:03:3e:8b:25:9d:f6:06:
eb:fb:59:cf
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC6gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMzJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkwOEY0Q0RGMDk1NEM3
OTA0RUJENzJEMzVENTQwRkZDMDlCMTIzODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpA1GBCl1xZKMh5dBDHbACsotwwxW4JrvkxT6armPieRvhM6v1
dsxGdgazXpMrjD2mohCZFy8v1mN2hrTkGROWVzVp6AjrJpBMOrbp+s05vLzHay6j
QdqCTM52SGNxygLCxMI1pHX3/oDtJG05BX9c0I4Ci4ybxmWxMDtz2tWtTY9cvACa
JP5ZDtSYlqqF+j2/k1mJiZp5Egl66q6ew0ZQMyMqTIs6AnJ0lAKy9GjtJVq/OQeu
wXx/r+9XOwjl+uQeZJKekSFitvlNifJ8F5vZ5dwhKZRGZLQ6pKWCgAraral7eRF1
3Dapl08zdV0hFXqLyVA0oxPxE6FEa0j7Mr17AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkI9M3wlUx5BOvXLTXVQP/AmxI4UwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2tJOU0zd2xVeDVCT3ZYTFRYVlFQX0Ft
eEk0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6VjcwDQYJ
KoZIhvcNAQELBQADggEBADsnyFMJ1AhD0XgZCiT7hYK6nNjEFyjSIKrgCP03OYen
JkA6rYxBOreKItjjlhb//+Uhd7Sw4FNnXs7n7sQka7et9NGsAqjedmOMxebDRKkT
+UmwkeYZ+M67sGuXMqPV+whBkzinv2ctogm1f5oQTnygj+ihBktxFhn0aayqHNNr
3YWJRIuggyHbxZX5DnBJ03eCPocrfNyh/K7/s4NBggS8gkixbWqEy9OFQ8fjwl7C
H2TbukAaICdCZ+M3HE2O7UKXANIJb9q4s0SDReDQcPUP3N45gR+9OyJ0QW9iUBb9
ypOP8PqGKBa9TS9OXzaU/RfV/EfIAz6LJZ32Buv7Wc8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:10:15 2025 by rpki-client