Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/4Hxn2R1UEAHvZfFgoK6DW9dxqQg.roa
File: 4Hxn2R1UEAHvZfFgoK6DW9dxqQg.roa (raw, json)
Hash identifier: a9wIp3x24eNB69y8/gGN0eIIulUkHXJORzvbP+pDiks=
Subject key identifier: E0:7C:67:D9:1D:54:10:01:EF:65:F1:60:A0:AE:83:5B:D7:71:A9:08
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 092C
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/4Hxn2R1UEAHvZfFgoK6DW9dxqQg.roa
Signing time: Sun 07 Feb 2021 13:06:19 +0000
ROA not before: Sun 07 Feb 2021 13:06:19 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 61.61.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2348 (0x92c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 7 13:06:19 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E07C67D91D541001EF65F160A0AE835BD771A908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d9:94:bc:aa:32:9d:ca:65:f0:15:26:2c:b9:
ec:0e:b4:46:b8:b2:87:04:5a:01:78:4f:28:fe:da:
de:18:6c:41:07:11:ed:b9:8d:11:d0:9d:ca:61:35:
6f:0b:2f:85:07:76:d0:2b:8d:7a:8c:c1:10:02:29:
9a:6d:b8:74:d3:1f:13:2a:c5:de:37:01:c7:52:94:
c9:0d:fb:11:a0:1e:fe:05:84:6a:09:9f:73:9e:6e:
d8:b1:a0:d5:01:86:22:e4:69:ea:4f:fd:6a:c6:e3:
96:d0:be:da:d5:d1:84:7e:02:a7:64:ee:da:c2:4e:
77:c9:9c:83:51:7a:e5:54:cd:4c:f0:e5:61:52:cf:
56:cc:8a:a7:86:0d:fd:b5:41:fc:1e:7f:63:b3:76:
f8:f8:ee:62:3c:de:5d:ec:aa:e9:99:f9:61:f8:ad:
e5:a1:d4:18:6f:a2:07:30:c2:17:a3:d7:dc:37:89:
76:d9:11:41:83:76:ba:83:2a:2f:c1:a2:23:37:db:
84:6e:0b:e3:dc:0b:7f:92:a6:da:59:01:c9:94:4a:
e0:fa:45:d5:55:ad:e9:da:13:98:bc:7a:1a:2c:60:
c3:ef:e7:72:5c:7f:42:57:6c:d3:bf:4e:3c:b9:6c:
43:7c:77:0d:52:a2:19:a5:74:d4:e4:b0:3e:2d:83:
90:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7C:67:D9:1D:54:10:01:EF:65:F1:60:A0:AE:83:5B:D7:71:A9:08
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/4Hxn2R1UEAHvZfFgoK6DW9dxqQg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.144.0/21
Signature Algorithm: sha256WithRSAEncryption
24:c0:b4:f6:2a:17:ae:6b:8e:57:cd:62:97:6e:35:99:92:c9:
43:1f:21:b2:6f:7a:bc:5f:86:51:d4:e9:b3:51:1c:45:55:80:
59:bf:f7:ba:7a:8c:a8:6d:24:2f:72:93:3d:af:a5:a5:ad:2d:
46:41:41:d4:e5:de:5f:8c:86:31:2f:b5:d6:63:38:c9:ef:c4:
ed:a8:8f:13:b9:ec:93:cf:15:e2:e1:22:ba:91:2c:88:c6:17:
22:fa:32:5c:d1:45:f7:ec:c0:4e:8e:1c:ee:ad:55:70:22:7e:
ad:2a:b3:48:8c:d3:2e:28:bf:3d:71:33:86:98:cf:42:69:79:
2b:e9:c2:ad:a6:ab:9e:4b:01:a2:a0:23:e3:e4:10:b8:9f:db:
0a:e2:e9:5b:dd:76:5c:8f:30:4f:5f:a4:17:c2:f4:fa:da:bc:
da:fb:38:e5:db:29:e3:e8:79:e2:9d:7c:1e:63:c0:68:39:79:
53:71:06:62:75:51:5d:9e:2a:6c:b5:fd:29:89:be:f6:52:66:
18:35:ca:71:0c:51:02:84:91:47:3a:8e:dc:68:24:f7:7c:aa:
d1:93:a9:26:62:da:d6:11:fd:53:37:a3:05:dd:7b:ab:5e:43:
d8:81:dc:b1:27:dc:ba:bc:0c:29:d4:dd:72:f8:ee:92:1c:22:
ec:32:ff:5c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCSwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTAyMDcx
MzA2MTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUwN0M2N0Q5MUQ1NDEw
MDFFRjY1RjE2MEEwQUU4MzVCRDc3MUE5MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ2ZS8qjKdymXwFSYsuewOtEa4socEWgF4Tyj+2t4YbEEHEe25
jRHQncphNW8LL4UHdtArjXqMwRACKZptuHTTHxMqxd43AcdSlMkN+xGgHv4FhGoJ
n3OebtixoNUBhiLkaepP/WrG45bQvtrV0YR+Aqdk7trCTnfJnINReuVUzUzw5WFS
z1bMiqeGDf21Qfwef2Ozdvj47mI83l3squmZ+WH4reWh1Bhvogcwwhej19w3iXbZ
EUGDdrqDKi/BoiM324RuC+PcC3+SptpZAcmUSuD6RdVVrenaE5i8ehosYMPv53Jc
f0JXbNO/Tjy5bEN8dw1SohmldNTksD4tg5CnAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU4Hxn2R1UEAHvZfFgoK6DW9dxqQgwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzRIeG4yUjFVRUFIdlpmRmdvSzZEVzlk
eHFRZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PZAwDQYJ
KoZIhvcNAQELBQADggEBACTAtPYqF65rjlfNYpduNZmSyUMfIbJverxfhlHU6bNR
HEVVgFm/97p6jKhtJC9ykz2vpaWtLUZBQdTl3l+MhjEvtdZjOMnvxO2ojxO57JPP
FeLhIrqRLIjGFyL6MlzRRffswE6OHO6tVXAifq0qs0iM0y4ovz1xM4aYz0JpeSvp
wq2mq55LAaKgI+PkELif2wri6VvddlyPME9fpBfC9PravNr7OOXbKePoeeKdfB5j
wGg5eVNxBmJ1UV2eKmy1/SmJvvZSZhg1ynEMUQKEkUc6jtxoJPd8qtGTqSZi2tYR
/VM3owXde6teQ9iB3LEn3Lq8DCnU3XL47pIcIuwy/1w=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:32 2025 by rpki-client