Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/0XDStt720ewCOkBKCXjEt0f1sqY.roa
File: 0XDStt720ewCOkBKCXjEt0f1sqY.roa (raw, json)
Hash identifier: EfREmBVmJmQW2kQlK24OKYHpLULN4XAONhAUKIpNNm0=
Subject key identifier: D1:70:D2:B6:DE:F6:D1:EC:02:3A:40:4A:09:78:C4:B7:47:F5:B2:A6
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0AE5
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/0XDStt720ewCOkBKCXjEt0f1sqY.roa
Signing time: Thu 15 Sep 2022 02:49:46 +0000
ROA not before: Thu 15 Sep 2022 02:49:46 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 211.78.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2789 (0xae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 15 02:49:46 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D170D2B6DEF6D1EC023A404A0978C4B747F5B2A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:86:84:7a:13:58:c2:23:ba:f7:fd:83:53:2d:
97:ff:c8:2e:94:ef:b8:52:fc:d0:ae:c5:04:5d:dd:
7e:b1:df:d3:27:64:d4:95:21:86:7c:0c:77:01:a8:
2e:e8:14:c3:a2:cd:ed:90:e8:c8:ad:ed:d2:ee:8b:
52:79:42:34:08:eb:cd:5d:4a:a4:8a:c3:ad:92:92:
ac:64:3b:3c:6c:a3:55:20:57:bc:be:fd:5e:9f:e9:
fa:d6:52:29:b7:c2:d6:4f:47:5a:11:6e:b4:cf:c4:
5f:ad:82:00:7e:da:84:fd:03:79:fc:dd:d4:ea:7c:
66:ab:4c:67:df:31:6e:ef:6a:53:64:93:b0:f8:07:
ee:74:72:68:97:64:3b:a7:14:0f:6e:c0:93:34:99:
3d:b3:76:8c:64:28:2f:96:00:c9:2a:73:d4:98:05:
78:4f:76:e5:35:9e:cd:8d:2f:62:5f:a7:92:42:43:
7a:b9:d9:bf:ec:74:7b:9f:84:f9:de:f3:4b:9e:cb:
f5:59:37:ff:26:7d:97:bf:c1:19:f7:01:3a:63:c4:
90:32:81:3f:10:6d:5c:ed:79:6d:6f:16:e1:29:81:
6f:83:39:5b:41:d3:d1:0f:a5:94:aa:ab:44:24:f3:
a4:69:c6:20:cb:79:82:bf:d0:f5:ea:80:d3:a5:a8:
94:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:70:D2:B6:DE:F6:D1:EC:02:3A:40:4A:09:78:C4:B7:47:F5:B2:A6
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/0XDStt720ewCOkBKCXjEt0f1sqY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:67:48:55:82:08:c9:da:20:7d:e6:94:9c:46:2a:64:7a:16:
7b:2a:ca:43:1c:5a:b1:9c:c8:5d:f2:52:52:1e:07:67:a4:44:
7c:d0:31:48:26:f2:ad:3d:a8:05:75:ff:8c:f0:8c:6e:5c:d1:
1d:21:82:37:cf:75:dc:07:24:2f:3b:b8:78:48:67:ed:d1:25:
74:4e:48:6f:ef:a3:a3:8f:77:2f:34:3e:f2:df:86:7c:8c:85:
1b:5f:97:d3:1b:8b:08:f4:e9:2b:58:88:a9:63:2a:56:6c:54:
e5:30:4a:f3:d0:13:b3:86:e3:d3:bc:9e:38:ee:a6:e1:2f:7e:
27:34:3f:95:80:5d:f5:22:ff:39:5d:4a:43:08:39:ed:8b:e1:
6a:80:55:e4:97:76:e0:e5:a2:4a:6d:8a:61:28:97:52:f4:1f:
47:ed:89:6f:cf:ee:0f:3f:23:8e:a5:5d:05:b7:5b:7f:32:63:
a5:1e:0c:c0:2c:32:a0:fa:ac:45:8e:47:e8:9a:a4:6c:a2:ad:
ee:ef:bc:c2:c9:16:1e:95:9f:36:f2:a0:8e:e0:73:1a:3f:43:
2a:d3:59:8e:54:68:cf:7b:49:5a:d4:7c:12:d9:02:65:9d:32:
3f:06:f3:7d:0e:14:83:3c:2a:98:79:81:19:02:20:16:4d:63:
5c:25:69:27
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA5MTUw
MjQ5NDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQxNzBEMkI2REVGNkQx
RUMwMjNBNDA0QTA5NzhDNEI3NDdGNUIyQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvhoR6E1jCI7r3/YNTLZf/yC6U77hS/NCuxQRd3X6x39MnZNSV
IYZ8DHcBqC7oFMOize2Q6Mit7dLui1J5QjQI681dSqSKw62SkqxkOzxso1UgV7y+
/V6f6frWUim3wtZPR1oRbrTPxF+tggB+2oT9A3n83dTqfGarTGffMW7valNkk7D4
B+50cmiXZDunFA9uwJM0mT2zdoxkKC+WAMkqc9SYBXhPduU1ns2NL2Jfp5JCQ3q5
2b/sdHufhPne80uey/VZN/8mfZe/wRn3ATpjxJAygT8QbVzteW1vFuEpgW+DOVtB
09EPpZSqq0Qk86RpxiDLeYK/0PXqgNOlqJTjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0XDStt720ewCOkBKCXjEt0f1sqYwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzBYRFN0dDcyMGV3Q09rQktDWGpFdDBm
MXNxWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTggwDQYJ
KoZIhvcNAQELBQADggEBAJxnSFWCCMnaIH3mlJxGKmR6FnsqykMcWrGcyF3yUlIe
B2ekRHzQMUgm8q09qAV1/4zwjG5c0R0hgjfPddwHJC87uHhIZ+3RJXROSG/vo6OP
dy80PvLfhnyMhRtfl9Mbiwj06StYiKljKlZsVOUwSvPQE7OG49O8njjupuEvfic0
P5WAXfUi/zldSkMIOe2L4WqAVeSXduDlokptimEol1L0H0ftiW/P7g8/I46lXQW3
W38yY6UeDMAsMqD6rEWOR+iapGyire7vvMLJFh6VnzbyoI7gcxo/QyrTWY5UaM97
SVrUfBLZAmWdMj8G830OFIM8Kph5gRkCIBZNY1wlaSc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org