Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/kMo5H5ocVnrt0x08WYQo6uxdxhU.roa
File: kMo5H5ocVnrt0x08WYQo6uxdxhU.roa (raw, json)
Hash identifier: KNnjbZwrXTSr+7gQLvnQZFQ9KsIM4B4I2pFT1u692rY=
Subject key identifier: 90:CA:39:1F:9A:1C:56:7A:ED:D3:1D:3C:59:84:28:EA:EC:5D:C6:15
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 09AE
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/kMo5H5ocVnrt0x08WYQo6uxdxhU.roa
Signing time: Wed 29 Sep 2021 02:40:43 +0000
ROA not before: Wed 29 Sep 2021 02:40:43 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18042
IP address blocks: 58.86.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2478 (0x9ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 29 02:40:43 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=90CA391F9A1C567AEDD31D3C598428EAEC5DC615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1b:6d:6a:8c:83:02:78:1f:f5:67:bc:40:cb:
05:46:67:a9:56:37:94:4c:58:38:66:2c:85:c7:67:
9f:ae:d5:e9:f5:f5:ad:4c:86:85:64:ca:08:ad:e6:
ac:9e:e4:2e:30:bb:ca:0b:53:7a:4b:39:47:4c:10:
d5:bf:ae:76:2f:d6:65:45:62:ae:79:a4:df:62:ca:
b9:4b:3f:2b:3f:25:0d:60:76:21:22:80:10:a8:b3:
9d:12:a4:a1:df:0e:a8:2d:d7:63:3e:a7:0e:f8:42:
0f:fc:7c:63:a7:f7:6b:bc:26:e6:3e:91:69:ee:0f:
db:ea:d2:f0:5d:66:c0:f2:35:7b:af:69:b6:ab:e1:
3e:75:5a:1f:27:0c:7a:63:b6:7f:0d:35:17:35:6a:
9b:03:09:87:c9:8a:c6:bf:b9:ea:73:4f:90:40:ff:
15:6b:fe:33:53:78:93:4e:e2:17:be:c5:97:48:02:
cb:5b:0c:65:3e:e1:29:3b:f1:61:1b:1c:59:58:28:
6d:cd:27:31:43:26:a9:9f:82:bd:8f:bc:74:5d:fe:
6d:57:1c:c7:e4:7e:f4:d9:fe:9f:15:07:b4:1c:19:
eb:ea:16:7a:a1:04:19:81:6c:77:80:8b:78:db:2b:
df:a3:96:b5:08:3f:8e:81:c4:c5:ef:83:7b:0f:08:
f6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CA:39:1F:9A:1C:56:7A:ED:D3:1D:3C:59:84:28:EA:EC:5D:C6:15
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/kMo5H5ocVnrt0x08WYQo6uxdxhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:c4:52:38:24:af:8e:f9:bb:d4:de:f9:30:b6:bc:ac:f2:e5:
d5:c7:35:a0:6a:c7:ee:a6:8d:68:20:e8:d4:16:10:0a:d4:d2:
f3:08:63:51:c3:97:2f:26:03:90:6b:be:93:62:71:41:c1:95:
36:42:83:a3:9c:61:43:19:98:21:45:17:2e:2c:0f:72:d7:fb:
31:a4:d5:7a:2c:9a:62:82:55:9c:6c:87:6e:c7:74:1c:41:ce:
3e:99:d2:8d:4e:3c:99:10:12:81:56:94:99:58:de:4a:00:bd:
48:02:6b:8f:a8:fb:47:d5:29:93:1e:38:8f:58:1f:5d:d9:a1:
c2:22:d4:67:7f:67:51:0d:bf:d1:70:b0:0d:9c:ab:24:d3:1a:
66:ad:90:a6:43:8d:8b:78:a7:65:69:41:6c:3f:c0:58:9e:6d:
07:df:30:10:07:f7:60:0a:0f:13:78:e2:52:84:c9:80:b9:e3:
ae:ec:7c:7a:85:43:86:d0:87:4d:2a:8d:f7:9c:6e:18:13:1d:
e6:b9:22:98:f4:c1:d7:9c:49:a3:6b:cc:81:6e:e0:71:ea:e8:
c2:3f:d0:64:8b:28:a0:dc:91:45:bd:87:60:20:a1:92:a1:4c:
94:8a:f9:ea:f8:ce:22:30:7b:73:0f:3e:05:8f:27:f9:70:ec:
29:af:ac:9d
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTA5Mjkw
MjQwNDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDkwQ0EzOTFGOUExQzU2
N0FFREQzMUQzQzU5ODQyOEVBRUM1REM2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfG21qjIMCeB/1Z7xAywVGZ6lWN5RMWDhmLIXHZ5+u1en19a1M
hoVkygit5qye5C4wu8oLU3pLOUdMENW/rnYv1mVFYq55pN9iyrlLPys/JQ1gdiEi
gBCos50SpKHfDqgt12M+pw74Qg/8fGOn92u8JuY+kWnuD9vq0vBdZsDyNXuvabar
4T51Wh8nDHpjtn8NNRc1apsDCYfJisa/uepzT5BA/xVr/jNTeJNO4he+xZdIAstb
DGU+4Sk78WEbHFlYKG3NJzFDJqmfgr2PvHRd/m1XHMfkfvTZ/p8VB7QcGevqFnqh
BBmBbHeAi3jbK9+jlrUIP46BxMXvg3sPCPZZAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUkMo5H5ocVnrt0x08WYQo6uxdxhUwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2tNbzVINW9jVm5ydDB4MDhXWVFvNnV4
ZHhoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwA6VjANBgkq
hkiG9w0BAQsFAAOCAQEAs8RSOCSvjvm71N75MLa8rPLl1cc1oGrH7qaNaCDo1BYQ
CtTS8whjUcOXLyYDkGu+k2JxQcGVNkKDo5xhQxmYIUUXLiwPctf7MaTVeiyaYoJV
nGyHbsd0HEHOPpnSjU48mRASgVaUmVjeSgC9SAJrj6j7R9Upkx44j1gfXdmhwiLU
Z39nUQ2/0XCwDZyrJNMaZq2QpkONi3inZWlBbD/AWJ5tB98wEAf3YAoPE3jiUoTJ
gLnjrux8eoVDhtCHTSqN95xuGBMd5rkimPTB15xJo2vMgW7gcerowj/QZIsooNyR
Rb2HYCChkqFMlIr56vjOIjB7cw8+BY8n+XDsKa+snQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org