Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/sNAPY80QBALKW9l6IfyTwi-aXA0.roa
File: sNAPY80QBALKW9l6IfyTwi-aXA0.roa (raw, json)
Hash identifier: VQSqzK2awQzz7gguJjetXxBm0+kfJywwgDBle1LUkaM=
Subject key identifier: B0:D0:0F:63:CD:10:04:02:CA:5B:D9:7A:21:FC:93:C2:2F:9A:5C:0D
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 08EB
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/sNAPY80QBALKW9l6IfyTwi-aXA0.roa
Signing time: Sun 07 Feb 2021 11:52:46 +0000
ROA not before: Sun 07 Feb 2021 11:52:46 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 58.86.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2283 (0x8eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 7 11:52:46 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=B0D00F63CD100402CA5BD97A21FC93C22F9A5C0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:10:c9:32:49:2f:81:bb:ad:7f:b5:2c:9d:07:
d9:d2:18:a0:7b:85:24:ca:a2:47:78:10:33:9b:36:
ad:2a:6b:f1:cf:dd:11:99:1e:02:12:08:cd:71:fc:
97:31:3e:75:2a:c1:e5:45:01:35:67:43:c9:b8:52:
9b:0f:99:65:24:77:02:61:6e:8d:e7:e4:6d:88:26:
e1:e6:8a:69:bc:cf:f8:af:26:d2:5a:68:b1:30:07:
b5:d9:7d:fa:75:24:40:41:01:32:2b:da:fa:27:e5:
3c:52:f3:fd:90:35:5b:9a:fe:5d:96:1e:78:75:88:
2b:e1:ed:9b:00:76:a3:ad:31:6d:72:6d:c3:0c:1b:
4f:72:72:4f:9d:2d:ad:a3:03:45:48:76:24:6b:57:
ce:d7:bb:64:e1:b3:a1:58:41:04:62:74:39:86:9a:
bf:eb:13:42:54:ea:54:66:17:9f:23:ca:44:ce:cf:
0b:47:29:ae:6d:07:bf:33:e3:e2:7f:68:e3:84:e8:
4b:55:87:b1:27:ee:78:ca:49:40:46:95:76:54:c0:
49:70:7d:a3:78:46:e0:0f:79:be:f3:ba:52:46:42:
7a:12:3b:88:7f:5b:fd:01:4d:25:17:7f:fd:e4:53:
1e:49:0f:56:25:33:2f:3a:af:d6:85:78:40:27:53:
2a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D0:0F:63:CD:10:04:02:CA:5B:D9:7A:21:FC:93:C2:2F:9A:5C:0D
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/sNAPY80QBALKW9l6IfyTwi-aXA0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:ee:4a:dc:ee:8d:82:5d:78:bb:7f:10:71:5a:52:80:cb:53:
b2:b0:2c:2e:40:3b:09:ce:96:51:08:7b:dc:5c:01:28:ef:c4:
a6:e5:ce:03:b6:4e:2d:16:1b:86:a3:da:48:3e:77:8c:5d:3a:
4f:20:44:60:9b:1b:77:e1:84:80:3c:0b:4d:4f:29:8a:4a:bf:
3b:cd:16:14:83:f7:b2:a9:78:b9:1a:ae:12:06:28:dd:cc:12:
0f:79:9a:7e:16:d7:8a:89:8d:6d:d8:15:bc:b9:18:fb:7e:43:
ad:4a:64:19:8e:79:ab:f1:5d:9f:b4:0c:4e:f2:be:00:ad:27:
d2:fd:8e:fa:cd:26:12:a4:fc:7f:d3:9f:79:ae:e6:9e:91:17:
e1:e8:88:a6:c9:98:30:2f:54:2c:20:cc:8b:72:83:f3:79:1d:
f5:88:43:40:3f:8f:d3:0c:c1:05:7c:44:5c:b9:f8:07:fd:b0:
2d:85:18:1c:9e:81:a5:c9:20:a6:d4:dd:d4:50:85:fe:69:87:
bc:31:3c:70:0f:20:6b:ba:db:66:60:b7:73:1e:eb:7b:14:14:
ee:6d:3c:8a:11:f5:6e:92:e3:4d:75:0e:d6:45:1a:87:0a:22:
22:61:e2:e6:56:1e:0c:ab:76:a1:95:cc:b5:27:e7:87:ab:0b:
f1:1d:e7:0d
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAyMDcx
MTUyNDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEIwRDAwRjYzQ0QxMDA0
MDJDQTVCRDk3QTIxRkM5M0MyMkY5QTVDMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+EMkySS+Bu61/tSydB9nSGKB7hSTKokd4EDObNq0qa/HP3RGZ
HgISCM1x/JcxPnUqweVFATVnQ8m4UpsPmWUkdwJhbo3n5G2IJuHmimm8z/ivJtJa
aLEwB7XZffp1JEBBATIr2von5TxS8/2QNVua/l2WHnh1iCvh7ZsAdqOtMW1ybcMM
G09yck+dLa2jA0VIdiRrV87Xu2Ths6FYQQRidDmGmr/rE0JU6lRmF58jykTOzwtH
Ka5tB78z4+J/aOOE6EtVh7En7njKSUBGlXZUwElwfaN4RuAPeb7zulJGQnoSO4h/
W/0BTSUXf/3kUx5JD1YlMy86r9aFeEAnUyopAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUsNAPY80QBALKW9l6IfyTwi+aXA0wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3NOQVBZODBRQkFMS1c5bDZJZnlUd2kt
YVhBMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwA6VjANBgkq
hkiG9w0BAQsFAAOCAQEAdO5K3O6Ngl14u38QcVpSgMtTsrAsLkA7Cc6WUQh73FwB
KO/EpuXOA7ZOLRYbhqPaSD53jF06TyBEYJsbd+GEgDwLTU8pikq/O80WFIP3sql4
uRquEgYo3cwSD3mafhbXiomNbdgVvLkY+35DrUpkGY55q/Fdn7QMTvK+AK0n0v2O
+s0mEqT8f9Ofea7mnpEX4eiIpsmYMC9ULCDMi3KD83kd9YhDQD+P0wzBBXxEXLn4
B/2wLYUYHJ6BpckgptTd1FCF/mmHvDE8cA8ga7rbZmC3cx7rexQU7m08ihH1bpLj
TXUO1kUahwoiImHi5lYeDKt2oZXMtSfnh6sL8R3nDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org