Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/HdNrP5gZJYdbIzPk3bLTc7vEN3Y.roa
File: HdNrP5gZJYdbIzPk3bLTc7vEN3Y.roa (raw, json)
Hash identifier: qE6H2MulwNylJyqVS69vziNlPtf/wSWJSl5XJPrinVc=
Subject key identifier: 1D:D3:6B:3F:98:19:25:87:5B:23:33:E4:DD:B2:D3:73:BB:C4:37:76
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09DA
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/HdNrP5gZJYdbIzPk3bLTc7vEN3Y.roa
Signing time: Wed 29 Sep 2021 02:52:17 +0000
ROA not before: Wed 29 Sep 2021 02:52:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 61.61.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2522 (0x9da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:17 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=1DD36B3F981925875B2333E4DDB2D373BBC43776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f0:36:6d:8a:88:6a:f1:46:13:bf:26:c1:77:
ed:ba:24:70:a8:3a:7e:e8:95:53:b7:d5:b0:e3:d7:
40:4a:52:0a:7b:87:b7:fe:22:08:43:34:20:ec:bf:
54:89:66:04:53:af:cf:0e:1d:78:b4:e3:9e:50:c8:
65:35:ea:f4:ed:b5:70:1c:7e:5b:18:92:0e:a8:3c:
5e:08:ba:93:fb:71:dc:60:2a:73:9b:e9:ce:24:29:
38:dd:63:9e:15:43:7f:f7:df:52:c3:a4:c1:43:4c:
9b:5c:02:a6:74:1d:31:e9:5e:8f:70:06:25:a0:d5:
6e:13:13:71:f7:c3:61:62:cc:e7:1e:fd:e6:3d:e6:
13:f6:f9:df:5c:64:d4:e1:ba:0d:1a:b2:0d:a8:e8:
93:ba:6f:fb:cd:0d:a4:38:b6:5a:65:2e:6f:a6:bb:
3c:d9:84:dc:96:94:ba:10:54:81:31:49:1f:03:fe:
97:92:1e:42:00:de:81:56:4a:a7:9e:b4:2f:26:a1:
d4:30:60:6e:45:03:49:a6:25:c8:38:52:6b:46:92:
a7:f3:e2:ba:d4:c1:2e:af:bb:6b:a1:c3:94:6c:00:
24:16:63:c4:db:65:0f:8e:7f:8e:e4:7a:e3:24:3d:
88:78:91:af:18:2b:25:e4:e4:99:8c:ce:36:35:f1:
0d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D3:6B:3F:98:19:25:87:5B:23:33:E4:DD:B2:D3:73:BB:C4:37:76
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/HdNrP5gZJYdbIzPk3bLTc7vEN3Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.64.0/22
Signature Algorithm: sha256WithRSAEncryption
85:0f:a3:74:c9:67:d1:d5:0d:b7:24:51:61:9a:b9:56:75:1f:
41:55:6c:db:fe:21:e3:8a:30:d7:10:a9:b2:8e:bf:35:e9:ac:
8c:7d:f9:95:f7:c8:c6:55:f2:c5:71:5c:15:84:ee:f5:cb:2e:
1b:98:20:c2:67:1e:1a:52:4b:64:7c:ce:10:f4:84:e0:5a:9c:
13:5e:e3:03:c5:1d:bf:da:e1:8a:de:b5:1a:ee:ce:11:84:25:
c9:fb:5f:d8:9e:18:b2:c1:a0:df:b6:b9:43:e0:b8:8a:e8:68:
08:05:a5:e5:97:82:c1:51:82:d6:a9:84:da:a2:96:b9:ed:0f:
01:6e:2e:32:bb:85:a8:02:ea:d7:25:6f:8e:e5:08:03:d0:03:
c5:b3:09:75:8a:5a:32:ff:95:df:dd:88:81:57:b0:37:df:b5:
ea:cd:d7:7c:05:2c:50:57:b7:1e:5b:6c:9b:19:92:87:4f:35:
b7:cf:a0:e0:cc:f8:7c:16:41:c2:05:77:0d:b7:81:c8:c5:b8:
02:e0:dc:78:e4:bb:1a:91:1a:8b:26:bf:93:3c:0b:5b:fb:5e:
1d:ff:59:e2:98:3d:f6:23:0a:89:3f:91:9e:7e:d4:d7:69:fe:
58:fc:83:bb:c2:2a:3c:70:20:d5:42:3f:eb:51:d8:fc:6a:c8:
7b:71:86:0a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFERDM2QjNGOTgxOTI1
ODc1QjIzMzNFNEREQjJEMzczQkJDNDM3NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI8DZtiohq8UYTvybBd+26JHCoOn7olVO31bDj10BKUgp7h7f+
IghDNCDsv1SJZgRTr88OHXi0455QyGU16vTttXAcflsYkg6oPF4IupP7cdxgKnOb
6c4kKTjdY54VQ3/331LDpMFDTJtcAqZ0HTHpXo9wBiWg1W4TE3H3w2FizOce/eY9
5hP2+d9cZNThug0asg2o6JO6b/vNDaQ4tlplLm+muzzZhNyWlLoQVIExSR8D/peS
HkIA3oFWSqeetC8modQwYG5FA0mmJcg4UmtGkqfz4rrUwS6vu2uhw5RsACQWY8Tb
ZQ+Of47keuMkPYh4ka8YKyXk5JmMzjY18Q2rAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUHdNrP5gZJYdbIzPk3bLTc7vEN3YwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0hkTnJQNWdaSllkYkl6UGszYkxUYzd2
RU4zWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUAwDQYJ
KoZIhvcNAQELBQADggEBAIUPo3TJZ9HVDbckUWGauVZ1H0FVbNv+IeOKMNcQqbKO
vzXprIx9+ZX3yMZV8sVxXBWE7vXLLhuYIMJnHhpSS2R8zhD0hOBanBNe4wPFHb/a
4YretRruzhGEJcn7X9ieGLLBoN+2uUPguIroaAgFpeWXgsFRgtaphNqilrntDwFu
LjK7hagC6tclb47lCAPQA8WzCXWKWjL/ld/diIFXsDffterN13wFLFBXtx5bbJsZ
kodPNbfPoODM+HwWQcIFdw23gcjFuALg3HjkuxqRGosmv5M8C1v7Xh3/WeKYPfYj
Cok/kZ5+1Ndp/lj8g7vCKjxwINVCP+tR2PxqyHtxhgo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org