Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/T5jtqn-uB-TOSI8uInICb9C4tC0.roa
File: T5jtqn-uB-TOSI8uInICb9C4tC0.roa (raw, json)
Hash identifier: Z73ZtkOBUfM5C/lyU7Wtgz+8YTguLEfu6HJeKF2ACes=
Subject key identifier: 4F:98:ED:AA:7F:AE:07:E4:CE:48:8F:2E:22:72:02:6F:D0:B8:B4:2D
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09D4
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/T5jtqn-uB-TOSI8uInICb9C4tC0.roa
Signing time: Wed 29 Sep 2021 02:52:16 +0000
ROA not before: Wed 29 Sep 2021 02:52:16 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 61.61.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2516 (0x9d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:16 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4F98EDAA7FAE07E4CE488F2E2272026FD0B8B42D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:45:1b:68:6a:75:af:de:99:9a:d3:e2:66:1f:
cc:58:1e:88:34:aa:1c:ed:4a:e8:27:88:25:be:d7:
97:d3:24:a2:bd:70:fa:39:9e:ef:d0:60:1a:b6:4e:
62:14:0d:b3:10:6b:fa:c8:62:c5:95:10:c4:63:ed:
5c:21:89:4b:66:f0:bc:be:82:42:df:5e:78:77:cf:
aa:91:03:90:02:90:98:b8:e6:7a:83:96:ed:2e:46:
88:92:7d:f0:7b:f5:b0:6e:02:80:00:48:e6:92:aa:
d1:c2:54:04:1a:c2:25:0f:e3:a4:96:dd:ce:e0:f2:
26:69:c2:11:e5:1d:b4:a6:34:97:9b:ec:0f:79:6c:
fd:98:ae:0f:db:58:39:dd:ef:2f:5d:15:f3:3c:b7:
13:94:49:24:48:a4:d0:1d:64:05:65:db:2e:b8:99:
a8:36:39:fc:7e:a2:a4:ea:55:d3:67:c0:c4:ac:a3:
f7:38:56:88:15:40:63:6e:81:45:87:77:46:7e:21:
ba:7a:dc:07:3e:47:c2:62:38:19:ef:57:cd:3d:a0:
c9:0c:37:e7:63:1e:bc:1e:83:67:a1:37:d4:6a:a3:
cd:6c:b7:52:bd:43:21:df:4d:5f:88:a5:b6:19:70:
b8:8f:80:fe:64:a0:44:f8:20:67:5a:bb:58:b2:8e:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:98:ED:AA:7F:AE:07:E4:CE:48:8F:2E:22:72:02:6F:D0:B8:B4:2D
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/T5jtqn-uB-TOSI8uInICb9C4tC0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.60.0/22
Signature Algorithm: sha256WithRSAEncryption
25:c1:68:db:02:9a:84:08:d1:18:c5:8a:00:d1:59:42:ee:07:
e9:31:d4:a6:ce:1c:39:69:79:c3:af:a5:52:d7:a3:4e:27:2f:
03:05:46:b5:85:8d:8a:4d:dd:bc:15:e6:f3:51:4a:50:db:4e:
43:a0:80:bc:c0:8e:c2:d5:ee:c4:87:9d:dc:46:8a:cb:ad:25:
0d:2a:b7:7e:3d:ce:0a:27:8b:5e:65:ee:89:dd:94:06:00:bc:
ad:e8:0f:c7:d5:89:69:c6:ed:13:1b:91:5e:ae:fe:96:8f:36:
77:67:4a:5a:9c:1c:69:7b:33:f1:38:13:63:19:51:8f:32:a2:
a5:20:3d:87:93:50:f7:dd:5d:ea:ed:52:e9:5a:09:7d:71:db:
d8:90:d9:a4:ec:58:89:c4:3e:83:f9:23:fe:f9:61:5a:4e:b0:
e9:f7:72:cd:51:dd:e9:e6:4c:85:c9:8f:7e:5e:70:89:0b:c2:
0f:e9:e6:83:41:98:c7:08:9f:26:43:3d:5e:b7:27:7c:e9:d9:
e6:b2:00:f8:e6:4a:37:3c:a2:4b:a9:6e:17:12:db:34:20:86:
35:2f:6d:14:7f:18:1d:21:87:42:66:32:81:58:6f:7c:3c:83:
a1:ad:94:a7:f3:f1:1b:9d:da:9c:05:77:21:70:53:13:50:ad:
42:a7:11:f0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDRGOThFREFBN0ZBRTA3
RTRDRTQ4OEYyRTIyNzIwMjZGRDBCOEI0MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBRRtoanWv3pma0+JmH8xYHog0qhztSugniCW+15fTJKK9cPo5
nu/QYBq2TmIUDbMQa/rIYsWVEMRj7VwhiUtm8Ly+gkLfXnh3z6qRA5ACkJi45nqD
lu0uRoiSffB79bBuAoAASOaSqtHCVAQawiUP46SW3c7g8iZpwhHlHbSmNJeb7A95
bP2Yrg/bWDnd7y9dFfM8txOUSSRIpNAdZAVl2y64mag2Ofx+oqTqVdNnwMSso/c4
VogVQGNugUWHd0Z+Ibp63Ac+R8JiOBnvV809oMkMN+djHrweg2ehN9Rqo81st1K9
QyHfTV+IpbYZcLiPgP5koET4IGdau1iyjgBLAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUT5jtqn+uB+TOSI8uInICb9C4tC0wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Q1anRxbi11Qi1UT1NJOHVJbklDYjlD
NHRDMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTwwDQYJ
KoZIhvcNAQELBQADggEBACXBaNsCmoQI0RjFigDRWULuB+kx1KbOHDlpecOvpVLX
o04nLwMFRrWFjYpN3bwV5vNRSlDbTkOggLzAjsLV7sSHndxGisutJQ0qt349zgon
i15l7ondlAYAvK3oD8fViWnG7RMbkV6u/paPNndnSlqcHGl7M/E4E2MZUY8yoqUg
PYeTUPfdXertUulaCX1x29iQ2aTsWInEPoP5I/75YVpOsOn3cs1R3enmTIXJj35e
cIkLwg/p5oNBmMcInyZDPV63J3zp2eayAPjmSjc8okupbhcS2zQghjUvbRR/GB0h
h0JmMoFYb3w8g6GtlKfz8Rud2pwFdyFwUxNQrUKnEfA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org