Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/QyHFS3N2BMf6fSdYt8SIi0pXLbs.roa
File: QyHFS3N2BMf6fSdYt8SIi0pXLbs.roa (raw, json)
Hash identifier: p2/ELt2m6OEt19XRDZEJ0ZxnbKNnAi/UIho+aKDzPwg=
Subject key identifier: 43:21:C5:4B:73:76:04:C7:FA:7D:27:58:B7:C4:88:8B:4A:57:2D:BB
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09D8
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/QyHFS3N2BMf6fSdYt8SIi0pXLbs.roa
Signing time: Wed 29 Sep 2021 02:52:16 +0000
ROA not before: Wed 29 Sep 2021 02:52:16 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 61.61.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2520 (0x9d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:16 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4321C54B737604C7FA7D2758B7C4888B4A572DBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:28:33:d7:cf:66:a3:f3:a4:ab:50:d1:23:d3:
9b:23:36:73:d6:ac:ae:6a:11:3d:98:c5:16:b0:10:
c2:c0:37:c2:f9:90:f4:a9:b1:f2:8a:7a:b2:9a:0c:
56:32:03:8f:59:dc:de:0f:1e:59:4e:15:cd:f9:0e:
9c:ec:b9:72:bc:f8:d9:df:96:fe:5b:51:0f:56:96:
a6:e1:fb:fd:2f:08:08:99:ca:e5:d5:7b:3d:65:29:
a8:1c:0e:61:5d:2d:19:48:29:87:52:99:d1:6e:d1:
ee:28:7f:e1:d0:e5:61:bf:0e:f6:9f:3e:05:f3:84:
c8:48:c0:6f:45:14:26:a3:8e:c6:e5:2b:a2:79:d5:
df:f7:9b:3b:6e:c6:e3:d6:03:5f:d1:62:fc:0b:c2:
66:f1:fe:fe:bf:5f:c2:b4:b6:b0:ab:78:ae:e3:41:
9b:a6:c4:9c:ce:d3:a7:94:92:8e:c5:5b:f2:7d:e1:
1a:40:74:12:32:5c:f9:94:5d:94:dd:ba:54:36:a4:
91:2a:5a:02:87:0b:8e:73:5d:0f:7d:b4:0b:a3:c7:
4d:93:98:cc:b9:75:6b:e2:cf:11:b3:ee:bc:ba:4d:
f3:1e:49:06:51:a4:d0:9e:81:52:60:6f:82:b0:7d:
b4:25:7c:44:c5:87:c6:ae:2f:68:a7:59:67:5f:f3:
d3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:21:C5:4B:73:76:04:C7:FA:7D:27:58:B7:C4:88:8B:4A:57:2D:BB
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/QyHFS3N2BMf6fSdYt8SIi0pXLbs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.69.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:83:92:c9:0d:b0:59:50:36:a8:c0:f1:9e:81:31:13:75:d1:
8e:c4:1f:9a:c1:92:f7:c6:18:5e:b0:51:0e:0b:cb:3f:66:b7:
e6:d3:0c:3a:27:84:10:3f:ad:7a:e0:d9:1d:9a:a9:df:68:8e:
6d:a1:ff:66:29:e8:1c:ab:2d:57:6e:e2:1e:9f:0b:d3:ba:8e:
64:8f:a1:a1:e0:fc:6b:9b:d5:5a:64:49:61:6a:3b:83:cd:46:
f9:e5:e6:c9:6d:ec:31:cf:ca:3d:7c:75:49:87:af:1c:e4:39:
36:84:86:3a:b1:18:9b:55:1c:a7:3e:53:2d:cf:ce:b3:24:d3:
2f:40:d0:8d:ad:3b:2d:d4:45:aa:30:28:08:d6:6e:9c:9b:a0:
48:06:f1:69:c6:24:8a:bd:c5:18:6f:3f:57:85:0e:1f:d2:ac:
b4:38:09:5e:3d:a9:8e:5e:0a:a5:a1:c0:0e:1e:ef:5e:34:f4:
fb:82:b5:60:1a:2d:4e:54:7a:22:ec:96:91:93:51:91:69:41:
be:a7:ce:7b:5e:c4:cd:e2:ba:85:68:9a:c9:fc:ba:9a:72:01:
29:b4:5f:f4:06:f8:e3:57:21:cd:73:91:34:f9:74:d2:c1:32:
14:a8:e4:bb:e3:b0:fc:f1:71:da:dc:bb:e7:55:c2:fb:6f:46:
99:6a:23:b4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQzMjFDNTRCNzM3NjA0
QzdGQTdEMjc1OEI3QzQ4ODhCNEE1NzJEQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnKDPXz2aj86SrUNEj05sjNnPWrK5qET2YxRawEMLAN8L5kPSp
sfKKerKaDFYyA49Z3N4PHllOFc35DpzsuXK8+Nnflv5bUQ9Wlqbh+/0vCAiZyuXV
ez1lKagcDmFdLRlIKYdSmdFu0e4of+HQ5WG/DvafPgXzhMhIwG9FFCajjsblK6J5
1d/3mztuxuPWA1/RYvwLwmbx/v6/X8K0trCreK7jQZumxJzO06eUko7FW/J94RpA
dBIyXPmUXZTdulQ2pJEqWgKHC45zXQ99tAujx02TmMy5dWvizxGz7ry6TfMeSQZR
pNCegVJgb4KwfbQlfETFh8auL2inWWdf89NZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUQyHFS3N2BMf6fSdYt8SIi0pXLbswHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1F5SEZTM04yQk1mNmZTZFl0OFNJaTBw
WExicy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PUUwDQYJ
KoZIhvcNAQELBQADggEBAF6DkskNsFlQNqjA8Z6BMRN10Y7EH5rBkvfGGF6wUQ4L
yz9mt+bTDDonhBA/rXrg2R2aqd9ojm2h/2Yp6ByrLVdu4h6fC9O6jmSPoaHg/Gub
1VpkSWFqO4PNRvnl5slt7DHPyj18dUmHrxzkOTaEhjqxGJtVHKc+Uy3PzrMk0y9A
0I2tOy3URaowKAjWbpyboEgG8WnGJIq9xRhvP1eFDh/SrLQ4CV49qY5eCqWhwA4e
71409PuCtWAaLU5UeiLslpGTUZFpQb6nzntexM3iuoVomsn8uppyASm0X/QG+ONX
Ic1zkTT5dNLBMhSo5LvjsPzxcdrcu+dVwvtvRplqI7Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org