Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/7KLfla1uCmcpFB93grvtS0ypJSM.roa
File: 7KLfla1uCmcpFB93grvtS0ypJSM.roa (raw, json)
Hash identifier: tByuNsZ33J2JrAi1VhjYh3sSmUGpKN+Cfa7ySZWMIlY=
Subject key identifier: EC:A2:DF:95:AD:6E:0A:67:29:14:1F:77:82:BB:ED:4B:4C:A9:25:23
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0924
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/7KLfla1uCmcpFB93grvtS0ypJSM.roa
Signing time: Sun 07 Feb 2021 12:47:29 +0000
ROA not before: Sun 07 Feb 2021 12:47:29 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 61.61.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2340 (0x924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 7 12:47:29 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=ECA2DF95AD6E0A6729141F7782BBED4B4CA92523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:a5:41:97:73:3c:5c:5c:52:6d:8c:ff:d1:
b5:7c:7c:b3:b3:3c:2a:26:3d:12:19:e0:40:d8:cc:
02:5c:88:39:6d:61:a6:2f:b1:bf:ff:67:9a:0c:2a:
17:75:a0:a2:20:cf:9b:66:a3:28:3f:4d:14:c7:95:
f3:7f:f8:3f:d3:10:7b:16:8f:56:06:37:77:d1:8b:
13:da:36:94:7b:ee:6a:d0:25:b4:fb:02:1f:ae:98:
e3:40:b2:78:81:5d:5a:fb:56:55:51:d1:4b:11:a6:
af:c8:4c:f5:21:d9:bf:f0:90:5b:bf:98:a8:7f:a9:
ed:b1:6a:f9:ff:3f:a4:b7:c5:8e:05:7d:3b:ae:a1:
e8:70:b3:4d:5a:66:f1:64:14:ee:41:20:98:57:70:
79:64:d7:30:fa:12:0b:6c:29:92:5d:b5:00:4a:a9:
94:63:5b:f3:b8:bb:33:13:26:b8:2e:60:b4:14:23:
01:16:a9:69:28:2c:25:db:b8:13:6c:57:72:f7:62:
30:a5:a2:87:1b:ce:b4:b0:f8:08:ac:5d:80:0a:95:
84:46:c8:6b:88:98:47:36:47:c9:bb:cc:b0:97:9c:
bc:5c:33:7a:8a:c7:ec:6a:09:6e:4b:c4:e1:fc:91:
ac:7b:43:3e:cb:6f:14:6b:f8:1d:b3:c6:8b:12:70:
72:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A2:DF:95:AD:6E:0A:67:29:14:1F:77:82:BB:ED:4B:4C:A9:25:23
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/7KLfla1uCmcpFB93grvtS0ypJSM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:52:95:69:2a:83:c2:bf:da:7d:3a:b1:9b:ae:0c:98:45:07:
dd:50:00:9b:dc:6a:69:96:5c:0f:37:91:b3:ec:14:0d:fa:e3:
ce:25:3c:68:60:80:44:79:e8:d2:44:9e:17:a8:2f:8f:e7:da:
a0:3f:36:23:e5:ae:a8:33:3b:7f:40:47:67:ce:08:2b:bc:85:
2d:be:84:a9:b5:8a:d6:14:cb:48:3e:70:be:19:6c:4c:49:d2:
a0:26:2c:a9:00:da:f1:3f:86:b9:4f:cf:50:1a:80:22:8e:62:
07:ae:88:2c:b6:6b:6e:f9:1a:be:5b:60:5f:42:52:1c:e5:96:
8f:d5:b3:f5:ac:79:dc:af:b4:e8:d4:73:b6:5e:b0:08:c5:e0:
43:4c:3c:48:d1:a1:24:7c:fd:66:a4:4f:f4:92:82:94:f6:5d:
6c:2d:8e:e5:2d:76:24:44:aa:d2:a2:da:46:62:4e:9d:e2:b3:
40:97:f8:9c:17:54:52:9c:7b:ad:1f:5c:4a:60:1f:c0:22:e6:
2d:58:90:27:81:78:5c:f0:97:46:1e:3d:a6:d0:0b:b8:4a:6b:
e5:40:bc:75:4e:45:64:ec:ef:c4:d4:47:e9:d8:c5:9d:65:dd:
bf:d6:2b:c4:27:46:2d:17:dd:c7:ab:bc:ce:a5:53:01:03:35:
46:ee:e9:87
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCSQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTAyMDcx
MjQ3MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEVDQTJERjk1QUQ2RTBB
NjcyOTE0MUY3NzgyQkJFRDRCNENBOTI1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4FKVBl3M8XFxSbYz/0bV8fLOzPComPRIZ4EDYzAJciDltYaYv
sb//Z5oMKhd1oKIgz5tmoyg/TRTHlfN/+D/TEHsWj1YGN3fRixPaNpR77mrQJbT7
Ah+umONAsniBXVr7VlVR0UsRpq/ITPUh2b/wkFu/mKh/qe2xavn/P6S3xY4FfTuu
oehws01aZvFkFO5BIJhXcHlk1zD6EgtsKZJdtQBKqZRjW/O4uzMTJrguYLQUIwEW
qWkoLCXbuBNsV3L3YjCloocbzrSw+AisXYAKlYRGyGuImEc2R8m7zLCXnLxcM3qK
x+xqCW5LxOH8kax7Qz7LbxRr+B2zxosScHJvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU7KLfla1uCmcpFB93grvtS0ypJSMwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzdLTGZsYTF1Q21jcEZCOTNncnZ0UzB5
cEpTTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PSgwDQYJ
KoZIhvcNAQELBQADggEBAF9SlWkqg8K/2n06sZuuDJhFB91QAJvcammWXA83kbPs
FA36484lPGhggER56NJEnheoL4/n2qA/NiPlrqgzO39AR2fOCCu8hS2+hKm1itYU
y0g+cL4ZbExJ0qAmLKkA2vE/hrlPz1AagCKOYgeuiCy2a275Gr5bYF9CUhzllo/V
s/WsedyvtOjUc7ZesAjF4ENMPEjRoSR8/WakT/SSgpT2XWwtjuUtdiREqtKi2kZi
Tp3is0CX+JwXVFKce60fXEpgH8Ai5i1YkCeBeFzwl0YePabQC7hKa+VAvHVORWTs
78TUR+nYxZ1l3b/WK8QnRi0X3cervM6lUwEDNUbu6Yc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:07 2025 by rpki-client