Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/Q2z8ZZlihDvP4wtH0IqbOOlyZVA.roa
File: Q2z8ZZlihDvP4wtH0IqbOOlyZVA.roa (raw, json)
Hash identifier: VlcPRy8T34yz5gRRF6lRRpR7+HMQXwvvuNCFVxCBP54=
Subject key identifier: 43:6C:FC:65:99:62:84:3B:CF:E3:0B:47:D0:8A:9B:38:E9:72:65:50
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09D9
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Q2z8ZZlihDvP4wtH0IqbOOlyZVA.roa
Signing time: Wed 29 Sep 2021 02:52:17 +0000
ROA not before: Wed 29 Sep 2021 02:52:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 61.61.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2521 (0x9d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:17 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=436CFC659962843BCFE30B47D08A9B38E9726550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0f:59:e6:d2:b9:99:b1:9f:6e:73:2a:00:95:
ea:9f:40:03:de:f8:57:98:59:64:ca:43:c6:4a:09:
1b:6d:73:f4:ec:93:12:bc:84:dd:4c:0b:88:7c:24:
b4:1f:38:06:73:33:4a:e4:87:a1:b3:46:de:3c:20:
a2:85:92:d9:d7:17:a8:7a:ae:d0:fd:11:8f:f7:dd:
e8:a4:dd:f6:95:bc:7f:f7:ff:b6:a8:b3:c0:70:c3:
d9:be:e7:e2:b0:ee:d3:1f:3d:1c:01:a0:cc:db:02:
4a:8c:f6:c3:79:32:44:b3:88:f2:3f:91:21:5c:5d:
8c:a8:2b:2e:9d:ce:9e:bc:33:95:aa:9f:40:00:d8:
e0:7c:ea:16:db:78:a8:27:cf:45:5b:97:80:92:bd:
fb:76:e0:1f:a0:98:0a:61:31:05:d4:2b:46:34:41:
a4:6f:9b:0e:21:a3:73:af:ce:0c:ab:16:e6:86:6c:
f2:51:ea:95:70:50:19:37:d1:cf:cf:c6:9f:55:99:
bd:18:22:dc:33:0f:fe:97:b2:0c:ec:a8:0a:cb:10:
72:85:4a:ab:7e:19:5f:5d:74:e2:f2:db:8d:58:1e:
c3:0c:31:db:a9:66:7d:7b:9e:aa:d4:02:74:40:45:
bb:9d:c8:80:60:0b:e8:44:fa:5b:08:ca:cd:bc:32:
cd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6C:FC:65:99:62:84:3B:CF:E3:0B:47:D0:8A:9B:38:E9:72:65:50
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Q2z8ZZlihDvP4wtH0IqbOOlyZVA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.72.0/22
Signature Algorithm: sha256WithRSAEncryption
96:19:da:be:6d:b9:2c:c3:99:a1:23:31:e1:20:6b:73:df:56:
b4:c8:0d:29:62:22:fc:06:a4:53:30:42:30:db:83:2d:ae:b9:
01:c2:4d:43:e3:96:f7:7e:4d:da:d0:63:99:69:cb:55:d5:3f:
d9:98:be:62:0c:95:c3:14:0d:09:01:6c:1d:f7:1b:0c:0e:20:
d4:95:30:09:6d:f0:9d:27:9c:e1:a7:a3:fb:3c:49:08:08:11:
41:4d:64:d2:1c:13:01:bb:32:71:39:19:37:12:1e:8c:1e:9b:
dd:86:e5:1e:20:6b:b7:c3:00:73:f8:26:5f:c7:44:59:2b:85:
1d:08:48:9d:5f:f7:57:c1:20:4d:e7:a3:a4:22:63:3e:5a:7f:
fd:bf:09:8e:ed:72:7a:d8:2a:08:28:32:6e:58:0f:2e:a9:85:
53:30:73:66:03:8d:d6:0d:c7:93:19:6e:52:a9:24:63:b1:fc:
18:9e:fb:56:a6:1b:ae:df:45:32:2b:1c:84:bb:78:2d:f4:88:
4c:23:b5:0e:1d:e5:57:9d:4f:a2:58:74:71:84:ac:73:19:ba:
2d:0a:b3:c0:10:a8:cc:34:9f:b0:24:51:84:a6:1e:dc:5f:6b:
23:63:16:9a:64:01:45:6e:ff:fa:ab:d8:05:12:2c:0f:2f:72:
5c:87:de:f1
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQzNkNGQzY1OTk2Mjg0
M0JDRkUzMEI0N0QwOEE5QjM4RTk3MjY1NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaD1nm0rmZsZ9ucyoAleqfQAPe+FeYWWTKQ8ZKCRttc/TskxK8
hN1MC4h8JLQfOAZzM0rkh6GzRt48IKKFktnXF6h6rtD9EY/33eik3faVvH/3/7ao
s8Bww9m+5+Kw7tMfPRwBoMzbAkqM9sN5MkSziPI/kSFcXYyoKy6dzp68M5Wqn0AA
2OB86hbbeKgnz0Vbl4CSvft24B+gmAphMQXUK0Y0QaRvmw4ho3OvzgyrFuaGbPJR
6pVwUBk30c/Pxp9Vmb0YItwzD/6XsgzsqArLEHKFSqt+GV9ddOLy241YHsMMMdup
Zn17nqrUAnRARbudyIBgC+hE+lsIys28Ms31AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUQ2z8ZZlihDvP4wtH0IqbOOlyZVAwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1EyejhaWmxpaER2UDR3dEgwSXFiT09s
eVpWQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUgwDQYJ
KoZIhvcNAQELBQADggEBAJYZ2r5tuSzDmaEjMeEga3PfVrTIDSliIvwGpFMwQjDb
gy2uuQHCTUPjlvd+TdrQY5lpy1XVP9mYvmIMlcMUDQkBbB33GwwOINSVMAlt8J0n
nOGno/s8SQgIEUFNZNIcEwG7MnE5GTcSHowem92G5R4ga7fDAHP4Jl/HRFkrhR0I
SJ1f91fBIE3no6QiYz5af/2/CY7tcnrYKggoMm5YDy6phVMwc2YDjdYNx5MZblKp
JGOx/Bie+1amG67fRTIrHIS7eC30iEwjtQ4d5VedT6JYdHGErHMZui0Ks8AQqMw0
n7AkUYSmHtxfayNjFppkAUVu//qr2AUSLA8vclyH3vE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:56 2025 by rpki-client