Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/tEpOFhE5QzCwr7TzqxbAwaelBPQ.roa
File: tEpOFhE5QzCwr7TzqxbAwaelBPQ.roa (raw, json)
Hash identifier: ABcWDFodTrA+DZFOkvCBCgtVoCG058blBj+osAdsXuk=
Subject key identifier: B4:4A:4E:16:11:39:43:30:B0:AF:B4:F3:AB:16:C0:C1:A7:A5:04:F4
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 091A
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/tEpOFhE5QzCwr7TzqxbAwaelBPQ.roa
Signing time: Wed 03 Mar 2021 02:09:56 +0000
ROA not before: Wed 03 Mar 2021 02:09:56 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 61.63.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2330 (0x91a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Mar 3 02:09:56 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=B44A4E1611394330B0AFB4F3AB16C0C1A7A504F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:33:85:91:5c:ac:44:6b:86:b2:db:ca:f3:36:
85:a8:96:35:3c:1a:13:b6:9d:48:0d:82:72:ae:82:
2f:cd:cf:4e:f4:31:13:2d:6d:e5:3f:1c:d6:53:9f:
6e:48:b7:5b:17:4a:33:e7:cf:15:6f:05:fb:98:24:
21:ea:e3:e4:b8:63:e6:be:2b:c2:35:67:44:23:fb:
09:be:af:9a:e4:0f:39:94:34:88:ea:af:cc:b8:5b:
7d:89:0e:38:3c:4b:41:1f:7c:2a:d2:ec:ad:d6:f9:
69:60:54:5e:d9:48:bf:e4:8b:30:a9:9d:78:43:bd:
e9:b6:e4:47:01:9c:ed:ec:b6:3b:92:6b:1d:d9:79:
e0:07:c2:36:15:6e:79:2b:ec:72:0b:b4:29:e1:89:
c9:70:6d:51:db:81:c8:48:d3:3a:1a:8c:14:db:8a:
dd:a3:e8:32:b8:f8:52:54:39:0c:78:42:db:b9:93:
c5:9d:1c:25:db:f9:1a:b3:da:14:6a:b6:a6:f1:7f:
7f:b4:4c:f1:b3:0b:63:05:90:db:ca:8b:f1:cb:6a:
22:0a:75:a6:9c:3d:4d:dd:69:34:e9:0e:2b:45:49:
5f:1c:b5:3c:65:04:2f:00:7c:68:52:be:3d:c0:44:
a4:5b:17:8d:42:22:29:6c:fb:26:93:97:a4:be:dc:
0f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4A:4E:16:11:39:43:30:B0:AF:B4:F3:AB:16:C0:C1:A7:A5:04:F4
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/tEpOFhE5QzCwr7TzqxbAwaelBPQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.64.0/19
Signature Algorithm: sha256WithRSAEncryption
98:f1:ec:7e:f8:91:3b:3d:15:74:d3:28:c3:84:90:12:40:f7:
a0:39:7e:dd:f2:97:f2:11:be:56:cb:98:bf:03:47:3d:9e:93:
f5:05:fc:29:43:e2:51:3f:e8:24:20:5f:f5:59:c1:ea:ef:e9:
1b:5d:4b:e0:8e:cf:61:51:2d:13:4c:f4:07:c3:aa:be:8c:4f:
e6:5b:49:7c:85:a2:d8:fd:83:02:82:0f:46:bb:13:a9:8e:13:
e4:b5:a1:f4:81:80:3f:e2:a4:1f:45:5e:81:68:07:8d:72:17:
41:bb:80:f3:29:60:b8:e8:01:ef:b6:64:7d:c6:3c:b8:c9:97:
87:94:f6:65:2f:9c:8d:c5:a9:00:a2:1b:e2:e3:48:6f:17:67:
1f:a3:53:c9:5a:c0:35:b9:6c:01:90:e0:76:47:65:25:a7:43:
42:97:a8:70:98:bc:2a:9a:0f:6d:e0:9e:0c:d1:70:df:52:94:
85:b2:3c:65:92:28:f6:f3:f7:e8:70:8b:0a:86:ff:43:31:99:
7a:c0:1b:b7:7d:fc:3c:88:7c:d4:ee:b7:1a:60:85:1d:bc:18:
e4:86:46:78:08:e8:70:75:fe:14:d3:6d:8c:fc:f5:9e:94:51:
c4:57:6b:97:6d:c1:2a:a7:51:a3:e2:aa:ba:2e:ed:86:a1:fa:
28:5d:b5:c2
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAzMDMw
MjA5NTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEI0NEE0RTE2MTEzOTQz
MzBCMEFGQjRGM0FCMTZDMEMxQTdBNTA0RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXM4WRXKxEa4ay28rzNoWoljU8GhO2nUgNgnKugi/Nz070MRMt
beU/HNZTn25It1sXSjPnzxVvBfuYJCHq4+S4Y+a+K8I1Z0Qj+wm+r5rkDzmUNIjq
r8y4W32JDjg8S0EffCrS7K3W+WlgVF7ZSL/kizCpnXhDvem25EcBnO3stjuSax3Z
eeAHwjYVbnkr7HILtCnhiclwbVHbgchI0zoajBTbit2j6DK4+FJUOQx4Qtu5k8Wd
HCXb+Rqz2hRqtqbxf3+0TPGzC2MFkNvKi/HLaiIKdaacPU3daTTpDitFSV8ctTxl
BC8AfGhSvj3ARKRbF41CIils+yaTl6S+3A+dAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUtEpOFhE5QzCwr7TzqxbAwaelBPQwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3RFcE9GaEU1UXpDd3I3VHpxeGJBd2Fl
bEJQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9P0AwDQYJ
KoZIhvcNAQELBQADggEBAJjx7H74kTs9FXTTKMOEkBJA96A5ft3yl/IRvlbLmL8D
Rz2ek/UF/ClD4lE/6CQgX/VZwerv6RtdS+COz2FRLRNM9AfDqr6MT+ZbSXyFotj9
gwKCD0a7E6mOE+S1ofSBgD/ipB9FXoFoB41yF0G7gPMpYLjoAe+2ZH3GPLjJl4eU
9mUvnI3FqQCiG+LjSG8XZx+jU8lawDW5bAGQ4HZHZSWnQ0KXqHCYvCqaD23gngzR
cN9SlIWyPGWSKPbz9+hwiwqG/0MxmXrAG7d9/DyIfNTutxpghR28GOSGRngI6HB1
/hTTbYz89Z6UUcRXa5dtwSqnUaPiqrou7Yah+ihdtcI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org