Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/R3YRY-tkw6PrUOq9NUKlZUDuG90.roa
File: R3YRY-tkw6PrUOq9NUKlZUDuG90.roa (raw, json)
Hash identifier: KgtkglOHTACysToo9JzWEzEporSlvdSLT1x7QyrPREk=
Subject key identifier: 47:76:11:63:EB:64:C3:A3:EB:50:EA:BD:35:42:A5:65:40:EE:1B:DD
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 07A0
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3YRY-tkw6PrUOq9NUKlZUDuG90.roa
Signing time: Tue 29 Sep 2020 09:59:47 +0000
ROA not before: Tue 29 Sep 2020 09:59:47 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18049
IP address blocks: 61.61.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1952 (0x7a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 09:59:47 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=47761163EB64C3A3EB50EABD3542A56540EE1BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:17:02:36:9c:3b:db:aa:6b:6c:c6:c0:b4:
82:98:e5:ad:80:81:e8:62:87:63:9a:3f:11:60:e1:
3e:17:e9:c5:ef:ff:19:98:72:32:d5:00:32:40:80:
10:11:d2:32:15:02:d2:51:12:74:24:48:a1:ec:bb:
5c:aa:4d:39:97:3f:e7:9c:ba:d5:e5:31:2a:62:22:
4d:ea:62:7b:58:55:29:46:f4:82:8b:c6:ef:ef:16:
fe:b4:dc:79:a9:91:31:83:c8:00:75:e3:fd:0e:91:
b3:39:67:31:d6:cd:df:e8:07:19:c6:de:0e:7f:ce:
1a:04:18:df:95:9e:b7:e2:c3:b1:d1:64:9e:99:1e:
99:9e:df:77:c6:fe:32:6c:e0:3c:cd:9e:35:e2:2c:
d8:e1:25:17:3d:f2:a3:b0:6c:59:4b:17:49:d1:60:
50:33:27:47:4b:a6:45:70:d3:f5:d4:ca:42:fa:15:
52:31:eb:ce:d8:20:0c:a6:9e:57:fd:46:51:09:15:
26:aa:77:48:23:01:f3:35:35:81:c4:fb:40:41:a8:
21:59:e3:2f:e2:30:54:b4:37:a9:4c:f1:81:4a:74:
d9:fb:bc:11:03:d9:7b:f8:2c:d2:74:49:f6:fb:a1:
d1:4c:b9:c9:06:90:d4:14:47:c5:92:64:32:3a:a8:
1a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:76:11:63:EB:64:C3:A3:EB:50:EA:BD:35:42:A5:65:40:EE:1B:DD
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3YRY-tkw6PrUOq9NUKlZUDuG90.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:e7:e4:79:40:37:4e:e0:b8:bc:5d:b3:50:56:e6:1d:31:94:
7e:12:30:61:2c:35:0f:a0:ec:37:c8:ce:eb:59:e0:0e:a1:20:
1b:45:13:bf:d3:f5:d5:bd:d8:5c:1b:63:bc:b6:f1:11:50:cb:
51:df:1f:a9:f4:7a:8a:5d:ba:3c:e8:70:e6:22:1b:55:97:23:
64:f4:c9:20:d6:b2:7f:67:1c:1d:88:f6:e7:b3:12:79:89:11:
27:3c:07:b1:64:af:74:e0:46:27:3d:ff:9f:84:6c:84:6f:43:
a6:50:c4:e2:60:be:02:d0:14:d2:fc:61:49:e2:0a:d6:a1:43:
94:a9:36:c6:ca:ba:7b:a3:e0:7a:ad:19:77:c2:83:48:a5:b1:
92:0b:07:19:0e:72:4a:53:bb:94:8d:ce:42:5d:d5:0f:78:14:
ef:ed:f0:c9:9d:cf:a8:20:65:98:d0:74:32:cf:77:0b:13:d5:
6a:80:0e:4d:f9:77:b9:43:2c:d4:90:7d:28:7c:2c:4f:3f:77:
0d:80:b4:2c:a4:13:b5:7f:12:c8:9a:30:4f:66:9e:ab:d7:83:
f0:80:45:41:1f:38:06:98:99:f0:0a:d2:8d:e8:49:07:dc:f5:
d3:8b:11:b5:96:99:e7:b8:43:08:1e:2a:40:2d:f2:fc:11:c1:
e7:c9:9a:e2
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMDA5Mjkw
OTU5NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQ3NzYxMTYzRUI2NEMz
QTNFQjUwRUFCRDM1NDJBNTY1NDBFRTFCREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv5BcCNpw726prbMbAtIKY5a2Agehih2OaPxFg4T4X6cXv/xmY
cjLVADJAgBAR0jIVAtJREnQkSKHsu1yqTTmXP+ecutXlMSpiIk3qYntYVSlG9IKL
xu/vFv603HmpkTGDyAB14/0OkbM5ZzHWzd/oBxnG3g5/zhoEGN+Vnrfiw7HRZJ6Z
Hpme33fG/jJs4DzNnjXiLNjhJRc98qOwbFlLF0nRYFAzJ0dLpkVw0/XUykL6FVIx
687YIAymnlf9RlEJFSaqd0gjAfM1NYHE+0BBqCFZ4y/iMFS0N6lM8YFKdNn7vBED
2Xv4LNJ0Sfb7odFMuckGkNQUR8WSZDI6qBqTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUR3YRY+tkw6PrUOq9NUKlZUDuG90wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1IzWVJZLXRrdzZQclVPcTlOVUtsWlVE
dUc5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PQgwDQYJ
KoZIhvcNAQELBQADggEBAKfn5HlAN07guLxds1BW5h0xlH4SMGEsNQ+g7DfIzutZ
4A6hIBtFE7/T9dW92FwbY7y28RFQy1HfH6n0eopdujzocOYiG1WXI2T0ySDWsn9n
HB2I9uezEnmJESc8B7Fkr3TgRic9/5+EbIRvQ6ZQxOJgvgLQFNL8YUniCtahQ5Sp
NsbKunuj4HqtGXfCg0ilsZILBxkOckpTu5SNzkJd1Q94FO/t8Mmdz6ggZZjQdDLP
dwsT1WqADk35d7lDLNSQfSh8LE8/dw2AtCykE7V/EsiaME9mnqvXg/CARUEfOAaY
mfAK0o3oSQfc9dOLEbWWmee4QwgeKkAt8vwRwefJmuI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org