Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/yOXflgvJX9ra7zbC1U8l0vXDCgU.roa
File: yOXflgvJX9ra7zbC1U8l0vXDCgU.roa (raw, json)
Hash identifier: WDZT/3PMCkUl3f5168I7Q57prBIqnlUA89z3jO+XByw=
Subject key identifier: C8:E5:DF:96:0B:C9:5F:DA:DA:EF:36:C2:D5:4F:25:D2:F5:C3:0A:05
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 08F9
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/yOXflgvJX9ra7zbC1U8l0vXDCgU.roa
Signing time: Sun 07 Feb 2021 11:54:37 +0000
ROA not before: Sun 07 Feb 2021 11:54:37 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 58.86.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2297 (0x8f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 7 11:54:37 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C8E5DF960BC95FDADAEF36C2D54F25D2F5C30A05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:40:d7:f5:f6:04:86:11:3c:7e:d0:cd:26:ae:
f2:6f:61:5d:14:cb:31:37:39:76:20:de:10:fd:5a:
b7:6e:f7:13:f0:d8:c5:1a:0e:49:75:5a:1c:f8:ce:
e1:45:94:a8:ea:40:09:51:9f:da:bb:a4:c4:87:c0:
92:a9:cd:a0:b0:79:4d:2e:54:d6:66:33:e1:ba:f2:
12:71:c2:30:ba:76:da:a1:56:5c:98:dd:66:2f:53:
a2:42:42:bd:f3:c4:22:54:73:83:37:67:6c:6c:77:
c0:80:6a:8a:95:7b:9f:b2:1c:ac:09:72:4e:e6:aa:
66:04:e6:87:c5:ac:9a:44:d0:21:d0:82:96:e7:73:
c9:87:61:21:e3:ae:2f:b7:c0:24:56:48:92:46:9a:
18:8f:5e:2b:bd:dc:ac:7b:5a:ef:ff:03:d6:99:22:
57:ea:a9:f0:e7:0d:7a:00:90:66:5b:95:c2:87:ce:
25:02:d8:09:ee:a7:6b:2b:f0:a9:ab:77:43:0c:35:
e7:7b:f0:d9:7f:b1:54:d1:1e:90:54:1f:e8:02:71:
ac:9f:de:99:1a:31:98:5b:01:6c:da:63:1a:76:5d:
f4:48:20:30:56:34:5b:86:7c:6d:15:27:ec:93:56:
5d:b7:64:8e:50:ae:9c:c9:91:48:04:f3:8a:fc:93:
2c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E5:DF:96:0B:C9:5F:DA:DA:EF:36:C2:D5:4F:25:D2:F5:C3:0A:05
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/yOXflgvJX9ra7zbC1U8l0vXDCgU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.38.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c9:79:e0:4f:24:3b:ea:5e:67:78:10:bc:69:6e:78:11:b6:
04:e7:ff:c0:d3:03:aa:af:c4:2f:46:5e:8c:de:48:a6:7b:29:
0a:91:09:8a:eb:d7:cd:32:20:b7:e2:55:7a:70:54:f6:42:e2:
b6:d7:98:8f:c5:02:61:4c:85:24:fe:1e:a6:00:5b:d6:c1:c1:
a1:e3:81:73:3c:46:2a:ce:ad:fd:4b:da:e9:bb:0f:92:a1:a1:
18:c9:b8:9b:1e:ba:7e:2b:74:46:1e:ef:1a:12:74:bf:8f:d5:
f0:9e:6f:9b:2b:11:16:f8:34:ad:35:eb:da:2f:80:7a:cc:42:
11:a1:99:4b:b2:a8:f7:b0:89:c9:99:5e:ef:e8:41:55:17:d4:
74:6c:ae:75:9a:0a:a6:78:65:62:24:3b:04:54:da:3e:dd:5b:
10:cc:9e:1c:5a:7f:c6:23:64:74:e8:87:37:08:5b:74:c6:34:
1c:e2:01:13:c7:b0:7f:e3:fc:61:e5:a2:fa:f7:5a:f4:ef:a8:
e3:b2:e5:8a:23:82:ed:1f:bb:97:cf:5c:44:11:60:e8:d6:5c:
09:19:e9:c5:ec:55:c5:35:a5:8b:d9:30:e3:0a:6c:4a:89:40:
0b:e7:34:5b:e2:94:9a:bb:c1:3a:7b:11:89:6d:38:3e:7b:44:
38:e6:e8:01
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAyMDcx
MTU0MzdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM4RTVERjk2MEJDOTVG
REFEQUVGMzZDMkQ1NEYyNUQyRjVDMzBBMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMQNf19gSGETx+0M0mrvJvYV0UyzE3OXYg3hD9Wrdu9xPw2MUa
Dkl1Whz4zuFFlKjqQAlRn9q7pMSHwJKpzaCweU0uVNZmM+G68hJxwjC6dtqhVlyY
3WYvU6JCQr3zxCJUc4M3Z2xsd8CAaoqVe5+yHKwJck7mqmYE5ofFrJpE0CHQgpbn
c8mHYSHjri+3wCRWSJJGmhiPXiu93Kx7Wu//A9aZIlfqqfDnDXoAkGZblcKHziUC
2Anup2sr8Kmrd0MMNed78Nl/sVTRHpBUH+gCcayf3pkaMZhbAWzaYxp2XfRIIDBW
NFuGfG0VJ+yTVl23ZI5QrpzJkUgE84r8kywPAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUyOXflgvJX9ra7zbC1U8l0vXDCgUwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3lPWGZsZ3ZKWDlyYTd6YkMxVThsMHZY
RENnVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6ViYwDQYJ
KoZIhvcNAQELBQADggEBAB/JeeBPJDvqXmd4ELxpbngRtgTn/8DTA6qvxC9GXoze
SKZ7KQqRCYrr180yILfiVXpwVPZC4rbXmI/FAmFMhST+HqYAW9bBwaHjgXM8RirO
rf1L2um7D5KhoRjJuJseun4rdEYe7xoSdL+P1fCeb5srERb4NK0169ovgHrMQhGh
mUuyqPewicmZXu/oQVUX1HRsrnWaCqZ4ZWIkOwRU2j7dWxDMnhxaf8YjZHTohzcI
W3TGNBziARPHsH/j/GHlovr3WvTvqOOy5Yojgu0fu5fPXEQRYOjWXAkZ6cXsVcU1
pYvZMOMKbEqJQAvnNFvilJq7wTp7EYltOD57RDjm6AE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org