Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/n2NrNnAe1X3dVazvSBOGwyAVkmk.roa
File: n2NrNnAe1X3dVazvSBOGwyAVkmk.roa (raw, json)
Hash identifier: uQLu0nm16HGtBnZfEHusPici95UOPHVY8Q8hj2FwMxk=
Subject key identifier: 9F:63:6B:36:70:1E:D5:7D:DD:55:AC:EF:48:13:86:C3:20:15:92:69
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 08F7
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/n2NrNnAe1X3dVazvSBOGwyAVkmk.roa
Signing time: Sun 07 Feb 2021 11:54:07 +0000
ROA not before: Sun 07 Feb 2021 11:54:07 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 61.67.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2295 (0x8f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 7 11:54:07 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9F636B36701ED57DDD55ACEF481386C320159269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bc:3e:27:fd:04:87:77:47:06:ad:39:bb:63:
ec:e9:63:73:c8:e3:07:3c:bf:e3:a2:41:ff:50:4c:
3c:f0:11:cc:2a:7b:c1:e8:80:e4:15:0f:2e:16:82:
d5:bd:c5:26:ca:74:06:e7:cb:c4:c4:7c:51:69:89:
f3:70:d4:19:24:2e:1b:81:22:5d:56:82:c8:45:48:
45:6e:80:45:35:f9:d4:5b:14:15:0d:39:04:34:c0:
f6:dc:83:39:93:8c:63:3a:fe:6c:a7:76:c1:7f:a8:
40:ab:d7:04:45:e8:d1:02:97:c7:3a:6f:bb:10:2d:
10:d1:ef:9c:18:74:a8:7d:35:66:af:08:b3:78:f6:
a0:df:6c:c2:35:00:d4:a6:c2:76:98:e2:7d:c7:6f:
8b:3d:d8:07:36:c9:9b:35:3b:7e:72:f2:cb:08:04:
62:85:18:f0:2a:3a:d3:52:fb:80:4e:92:b2:e9:f3:
9f:c8:07:fd:43:7a:eb:df:a1:85:8d:fa:f5:c1:d4:
fe:2c:96:96:24:a7:8d:8e:72:81:90:4d:70:c1:69:
aa:b8:64:55:65:99:f2:a3:b6:2e:29:f6:cd:19:00:
3b:25:bb:66:4f:91:50:b1:e4:64:c3:29:0c:d9:b6:
46:82:81:d9:8b:be:b2:66:d8:58:e5:73:d7:eb:26:
bf:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:63:6B:36:70:1E:D5:7D:DD:55:AC:EF:48:13:86:C3:20:15:92:69
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/n2NrNnAe1X3dVazvSBOGwyAVkmk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.67.209.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f0:3a:07:e0:6c:28:6b:27:76:b6:05:12:88:e7:25:4c:2e:
4d:4e:56:a3:89:a2:0c:d8:55:ce:a7:b1:d5:21:1e:26:04:a5:
64:57:a9:79:b6:8b:6c:8e:b8:fe:cb:0e:ae:8b:6e:69:ce:61:
50:14:59:f3:9c:6e:42:9b:6e:27:ef:f4:99:d3:87:49:de:51:
75:cd:6b:fd:e5:1f:8a:5f:39:7c:90:a2:53:e1:a5:1c:9e:bd:
c5:a5:73:7c:80:a9:e3:97:d1:7c:92:80:a5:d0:e5:86:3a:6d:
23:3a:bd:84:10:9e:82:b6:65:49:e4:85:77:be:bd:3c:ff:48:
2b:c3:1a:f4:c7:d7:03:e3:38:1f:71:6c:02:ff:90:00:06:cf:
6a:bc:33:d2:53:05:5a:6d:8f:2a:ae:60:ee:ff:b9:17:32:2a:
23:9a:24:31:c7:9b:ac:9f:a4:e7:5c:b1:19:29:5e:06:17:16:
0a:f4:29:1a:d0:3f:26:95:ca:4a:90:44:52:0b:8f:c1:01:b5:
c8:a4:2b:91:95:3e:10:2a:f2:a2:a2:08:36:c2:be:cc:f9:78:
3d:b9:4d:88:fd:3a:b6:33:f1:56:9b:00:e6:79:1d:a4:ce:51:
d9:ec:13:f0:bd:64:1d:4a:26:57:10:05:a3:fb:6a:51:bf:e7:
19:dd:73:59
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAyMDcx
MTU0MDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlGNjM2QjM2NzAxRUQ1
N0RERDU1QUNFRjQ4MTM4NkMzMjAxNTkyNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnvD4n/QSHd0cGrTm7Y+zpY3PI4wc8v+OiQf9QTDzwEcwqe8Ho
gOQVDy4WgtW9xSbKdAbny8TEfFFpifNw1BkkLhuBIl1WgshFSEVugEU1+dRbFBUN
OQQ0wPbcgzmTjGM6/myndsF/qECr1wRF6NECl8c6b7sQLRDR75wYdKh9NWavCLN4
9qDfbMI1ANSmwnaY4n3Hb4s92Ac2yZs1O35y8ssIBGKFGPAqOtNS+4BOkrLp85/I
B/1DeuvfoYWN+vXB1P4slpYkp42OcoGQTXDBaaq4ZFVlmfKjti4p9s0ZADslu2ZP
kVCx5GTDKQzZtkaCgdmLvrJm2Fjlc9frJr/jAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUn2NrNnAe1X3dVazvSBOGwyAVkmkwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL24yTnJObkFlMVgzZFZhenZTQk9Hd3lB
Vmttay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9Q9EwDQYJ
KoZIhvcNAQELBQADggEBAEjwOgfgbChrJ3a2BRKI5yVMLk1OVqOJogzYVc6nsdUh
HiYEpWRXqXm2i2yOuP7LDq6LbmnOYVAUWfOcbkKbbifv9JnTh0neUXXNa/3lH4pf
OXyQolPhpRyevcWlc3yAqeOX0XySgKXQ5YY6bSM6vYQQnoK2ZUnkhXe+vTz/SCvD
GvTH1wPjOB9xbAL/kAAGz2q8M9JTBVptjyquYO7/uRcyKiOaJDHHm6yfpOdcsRkp
XgYXFgr0KRrQPyaVykqQRFILj8EBtcikK5GVPhAq8qKiCDbCvsz5eD25TYj9OrYz
8VabAOZ5HaTOUdnsE/C9ZB1KJlcQBaP7alG/5xndc1k=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:22 2025 by rpki-client