Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/MH4bqiDFC7DZYhyGtASeZ0u-nsc.roa
File: MH4bqiDFC7DZYhyGtASeZ0u-nsc.roa (raw, json)
Hash identifier: RfSOY5VeWy/QT7/0kjq3uzU38YL/bWsnH6IfEUWMXko=
Subject key identifier: 30:7E:1B:AA:20:C5:0B:B0:D9:62:1C:86:B4:04:9E:67:4B:BE:9E:C7
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0B06
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/MH4bqiDFC7DZYhyGtASeZ0u-nsc.roa
Signing time: Tue 01 Nov 2022 07:17:28 +0000
ROA not before: Tue 01 Nov 2022 07:17:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 61.61.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2822 (0xb06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Nov 1 07:17:28 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=307E1BAA20C50BB0D9621C86B4049E674BBE9EC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cc:1d:80:e2:c7:31:39:fc:17:a3:88:0e:04:
5e:b8:3f:f2:91:e4:35:f6:6c:81:c2:31:8b:d9:88:
f3:9d:a6:a1:ed:18:59:27:72:5c:cf:09:b2:1a:15:
a0:02:17:fa:57:d7:cd:42:b2:59:0d:38:de:ed:72:
e3:f2:fd:69:58:3d:32:da:95:fa:23:92:38:d0:ce:
10:e2:7e:78:18:ec:9a:4b:87:28:66:b5:34:37:d1:
c2:d3:60:f0:d9:e4:c8:04:e3:10:56:20:a2:d1:a5:
f5:84:63:b5:36:e8:31:c6:aa:8d:9a:29:fe:0b:c6:
51:82:4e:af:bc:5b:4f:22:13:7b:f0:8d:b5:8c:91:
d3:74:2e:39:c3:e8:70:38:60:46:0f:f0:ea:ba:e5:
3d:1e:af:1f:19:a2:23:5e:33:44:0b:a0:47:a2:c2:
16:5d:54:41:05:9a:85:ee:51:8d:78:3d:41:20:ed:
c1:55:3e:b9:70:01:e2:ac:d4:92:17:e0:de:ab:91:
a1:c5:f5:ea:5c:e7:2a:20:e1:3b:c7:2d:bb:ca:3e:
61:45:af:6f:42:57:d1:dd:63:38:d9:dd:d7:83:ff:
b4:6b:90:28:a6:80:ab:75:c6:0c:ec:68:0a:91:43:
59:a0:36:e8:2b:34:0e:7c:dd:e1:af:7e:eb:cf:ea:
39:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7E:1B:AA:20:C5:0B:B0:D9:62:1C:86:B4:04:9E:67:4B:BE:9E:C7
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/MH4bqiDFC7DZYhyGtASeZ0u-nsc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.176.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:c5:3d:d7:1a:6f:d9:65:eb:b5:55:dc:0d:9e:e1:76:e8:65:
b3:2d:d8:28:2c:4c:8a:44:86:86:d0:b3:e7:a6:a2:5c:fa:9a:
8b:b2:f1:dd:d7:38:b3:36:bb:55:e7:6f:19:dc:1f:17:64:10:
eb:c1:40:76:bc:61:be:b7:bb:56:f6:48:af:01:9d:03:94:3e:
11:fa:c3:3c:f1:ef:cd:07:bf:7f:fe:9b:1d:be:37:e1:c5:9b:
73:f7:33:1a:1d:a0:2d:89:9c:15:e4:ef:24:fe:54:a1:1e:26:
e2:dd:1f:ea:5a:ed:66:a0:5d:2d:d9:b3:41:e8:0e:4e:4f:3e:
51:74:91:9a:dc:41:50:de:f6:bf:32:18:1e:d3:84:b2:f0:a2:
a9:3a:6a:34:6a:16:ed:f9:9e:43:55:7c:f8:74:43:fa:95:77:
b2:8e:8d:d0:a5:c0:a3:e5:e3:f8:02:5c:7e:ea:06:65:d6:9e:
d5:61:bc:14:85:08:f8:bc:9f:03:89:ca:97:87:50:f6:e4:ec:
31:08:ff:53:da:3a:d8:10:bf:65:40:aa:09:c4:e0:46:a3:51:
c2:d3:81:fc:2a:ce:76:b9:23:df:a8:d9:30:29:00:08:da:33:
b5:52:a3:4e:ec:b4:7c:d9:75:90:68:a4:52:db:c8:c3:e9:48:
d4:4a:42:95
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCwYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjExMDEw
NzE3MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwN0UxQkFBMjBDNTBC
QjBEOTYyMUM4NkI0MDQ5RTY3NEJCRTlFQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClzB2A4scxOfwXo4gOBF64P/KR5DX2bIHCMYvZiPOdpqHtGFkn
clzPCbIaFaACF/pX181CslkNON7tcuPy/WlYPTLalfojkjjQzhDifngY7JpLhyhm
tTQ30cLTYPDZ5MgE4xBWIKLRpfWEY7U26DHGqo2aKf4LxlGCTq+8W08iE3vwjbWM
kdN0LjnD6HA4YEYP8Oq65T0erx8ZoiNeM0QLoEeiwhZdVEEFmoXuUY14PUEg7cFV
PrlwAeKs1JIX4N6rkaHF9epc5yog4TvHLbvKPmFFr29CV9HdYzjZ3deD/7RrkCim
gKt1xgzsaAqRQ1mgNugrNA583eGvfuvP6jkFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUMH4bqiDFC7DZYhyGtASeZ0u+nscwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL01INGJxaURGQzdEWlloeUd0QVNlWjB1
LW5zYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9PbAwDQYJ
KoZIhvcNAQELBQADggEBAF3FPdcab9ll67VV3A2e4XboZbMt2CgsTIpEhobQs+em
olz6mouy8d3XOLM2u1XnbxncHxdkEOvBQHa8Yb63u1b2SK8BnQOUPhH6wzzx780H
v3/+mx2+N+HFm3P3MxodoC2JnBXk7yT+VKEeJuLdH+pa7WagXS3Zs0HoDk5PPlF0
kZrcQVDe9r8yGB7ThLLwoqk6ajRqFu35nkNVfPh0Q/qVd7KOjdClwKPl4/gCXH7q
BmXWntVhvBSFCPi8nwOJypeHUPbk7DEI/1PaOtgQv2VAqgnE4EajUcLTgfwqzna5
I9+o2TApAAjaM7VSo07stHzZdZBopFLbyMPpSNRKQpU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org