Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/qHsw0keuGha5QVJ_zZmeJsxiFx0.roa
File: qHsw0keuGha5QVJ_zZmeJsxiFx0.roa (raw, json)
Hash identifier: exYWFfciWEERYQFvOR2I1Dt9Hc8aYhTYa/BFgnfgXSg=
Subject key identifier: A8:7B:30:D2:47:AE:1A:16:B9:41:52:7F:CD:99:9E:26:CC:62:17:1D
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 08F1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/qHsw0keuGha5QVJ_zZmeJsxiFx0.roa
Signing time: Sun 07 Feb 2021 11:52:50 +0000
ROA not before: Sun 07 Feb 2021 11:52:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 61.63.64.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2289 (0x8f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 7 11:52:50 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A87B30D247AE1A16B941527FCD999E26CC62171D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:9c:bc:e1:ff:42:b6:ac:fc:d4:00:17:65:
57:17:88:3f:a6:ab:cb:fb:4e:34:9c:01:4e:67:d5:
46:a2:42:3c:1f:11:78:f1:47:48:e1:2f:9b:e9:1c:
77:eb:f5:41:7a:15:55:33:91:60:e3:e1:07:c8:6f:
ae:82:e6:f7:df:27:eb:a1:7d:1d:b9:b4:97:34:e0:
bd:fc:77:ba:e1:3d:42:20:c2:06:37:f8:75:d3:9f:
6d:5b:d6:ee:68:f9:cf:01:04:53:b5:f1:78:fb:86:
94:e3:28:cf:56:8b:ed:1f:90:c3:16:ae:fd:f5:57:
87:f5:c1:30:12:ab:60:96:d1:03:02:b1:67:c1:3f:
bd:15:ca:50:ae:bd:b8:ea:13:b4:90:56:98:2e:56:
57:d6:de:0e:34:2c:37:b4:d7:c8:0c:76:6f:64:7f:
ed:8e:4d:cd:46:c8:02:3f:e4:d0:0d:3b:ef:f6:aa:
1f:ac:08:a8:b2:92:1f:fe:a1:8c:5c:1a:73:11:3c:
d4:2e:0f:6b:38:81:eb:bc:f4:0a:37:7a:07:a5:3e:
9f:95:99:77:33:80:3a:ba:fd:17:c4:b6:95:aa:18:
97:62:35:21:fa:b9:02:d8:85:00:88:17:6f:fa:97:
cf:ee:b9:67:52:e8:99:29:0e:a5:70:49:34:0f:d5:
b3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7B:30:D2:47:AE:1A:16:B9:41:52:7F:CD:99:9E:26:CC:62:17:1D
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/qHsw0keuGha5QVJ_zZmeJsxiFx0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.64.0/19
Signature Algorithm: sha256WithRSAEncryption
46:d0:c5:ee:f2:cf:fd:56:22:ed:80:86:84:4a:b2:cc:13:46:
23:43:c3:d7:e6:11:a8:bd:d5:0d:d4:8c:ff:c4:d8:b2:5c:7e:
fc:78:8c:6c:4d:11:ad:8f:dd:00:17:19:f1:0a:a5:f7:50:57:
3f:d1:ce:fd:38:ff:54:1b:90:7d:54:73:89:e3:66:d2:54:37:
5e:08:cb:00:d1:f6:0e:65:6b:00:f8:47:8b:91:6b:00:7e:22:
83:6c:b3:1b:2f:83:56:c9:f9:7e:38:16:59:1c:c7:ec:c3:bd:
a2:8c:c1:77:25:4f:7f:d1:da:ea:8a:15:3f:5f:02:92:0a:e5:
48:bd:8b:16:70:53:dd:1b:97:ca:a3:99:cf:10:0a:d3:ed:44:
4b:f2:02:16:9d:00:83:f9:5f:ee:60:0e:ca:3a:58:6e:49:1a:
34:06:28:b2:e3:1c:d6:eb:1e:a2:96:92:d2:7d:de:4a:c3:4a:
34:56:a1:10:2c:a1:ba:b2:5a:dc:d9:95:41:b4:7b:d1:fe:27:
ff:1f:14:fd:e0:a2:2c:37:0e:9b:89:55:5a:90:ca:3d:85:45:
41:b9:56:ef:c1:be:cf:df:2b:5c:20:07:25:22:87:e5:e9:ba:
5b:b2:7a:c1:ca:39:f7:3d:7d:78:f7:1c:43:31:7a:01:9a:14:
6f:7e:ea:8e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAyMDcx
MTUyNTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE4N0IzMEQyNDdBRTFB
MTZCOTQxNTI3RkNEOTk5RTI2Q0M2MjE3MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7K5y84f9Ctqz81AAXZVcXiD+mq8v7TjScAU5n1UaiQjwfEXjx
R0jhL5vpHHfr9UF6FVUzkWDj4QfIb66C5vffJ+uhfR25tJc04L38d7rhPUIgwgY3
+HXTn21b1u5o+c8BBFO18Xj7hpTjKM9Wi+0fkMMWrv31V4f1wTASq2CW0QMCsWfB
P70VylCuvbjqE7SQVpguVlfW3g40LDe018gMdm9kf+2OTc1GyAI/5NANO+/2qh+s
CKiykh/+oYxcGnMRPNQuD2s4geu89Ao3egelPp+VmXczgDq6/RfEtpWqGJdiNSH6
uQLYhQCIF2/6l8/uuWdS6JkpDqVwSTQP1bNjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUqHsw0keuGha5QVJ/zZmeJsxiFx0wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3FIc3cwa2V1R2hhNVFWSl96Wm1lSnN4
aUZ4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9P0AwDQYJ
KoZIhvcNAQELBQADggEBAEbQxe7yz/1WIu2AhoRKsswTRiNDw9fmEai91Q3UjP/E
2LJcfvx4jGxNEa2P3QAXGfEKpfdQVz/Rzv04/1QbkH1Uc4njZtJUN14IywDR9g5l
awD4R4uRawB+IoNssxsvg1bJ+X44Flkcx+zDvaKMwXclT3/R2uqKFT9fApIK5Ui9
ixZwU90bl8qjmc8QCtPtREvyAhadAIP5X+5gDso6WG5JGjQGKLLjHNbrHqKWktJ9
3krDSjRWoRAsobqyWtzZlUG0e9H+J/8fFP3goiw3DpuJVVqQyj2FRUG5Vu/Bvs/f
K1wgByUih+XpuluyesHKOfc9fXj3HEMxegGaFG9+6o4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org