Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/XjqjOPp1zPMIQZoQmNSRZhl1mMo.roa
File: XjqjOPp1zPMIQZoQmNSRZhl1mMo.roa (raw, json)
Hash identifier: nmueEs2RR7H/3xu1mGuNbQ7Q4/ia4pap16Bc2wXLGcE=
Subject key identifier: 5E:3A:A3:38:FA:75:CC:F3:08:41:9A:10:98:D4:91:66:19:75:98:CA
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09D1
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/XjqjOPp1zPMIQZoQmNSRZhl1mMo.roa
Signing time: Wed 29 Sep 2021 02:52:15 +0000
ROA not before: Wed 29 Sep 2021 02:52:15 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 61.61.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2513 (0x9d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:15 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=5E3AA338FA75CCF308419A1098D49166197598CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:ba:d5:23:73:3c:2d:45:36:56:80:34:8c:
41:4a:75:ea:e8:a7:f6:76:20:87:0b:d4:6f:55:2a:
9f:44:33:63:5a:13:03:82:52:71:c7:ce:fa:38:53:
37:b4:b6:2c:d9:7e:91:5f:69:b0:1c:c8:29:ce:3a:
e4:dc:c0:2b:0c:67:2f:68:c9:b9:48:94:ed:9e:f7:
2c:91:a4:72:c6:e9:53:b3:c3:0d:fe:ba:73:e1:d4:
50:85:e8:2b:fc:31:7f:78:9f:93:5b:bd:d8:72:ee:
9e:ba:db:3f:fd:cd:48:11:a5:95:96:48:33:81:6f:
34:17:81:fe:78:a7:7a:0f:77:51:8e:1b:1b:52:6a:
b0:5b:ef:89:fe:85:3c:48:ee:83:26:94:01:35:8a:
e6:72:4e:0f:6b:cf:42:0c:81:f4:8d:fb:ad:54:92:
97:80:a9:7b:80:6f:1d:a5:e1:d1:0a:b1:8a:2f:94:
2b:ab:dc:9c:a6:a2:81:0a:76:cf:88:d4:ec:78:99:
1f:61:ee:ea:71:67:34:ce:f2:d5:69:2b:e9:d5:16:
da:7a:01:9a:af:8e:b4:66:52:9d:b0:4f:d0:e3:de:
09:fb:9a:63:08:eb:52:95:a9:27:f5:11:ad:f2:34:
f2:71:59:25:f9:72:1d:de:01:4c:70:18:a1:68:55:
52:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3A:A3:38:FA:75:CC:F3:08:41:9A:10:98:D4:91:66:19:75:98:CA
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/XjqjOPp1zPMIQZoQmNSRZhl1mMo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.168.0/21
Signature Algorithm: sha256WithRSAEncryption
94:13:e9:56:d8:c4:b7:d9:20:0f:3f:e5:cf:34:c7:80:1f:fe:
c3:b7:75:df:40:38:ac:55:f3:bb:23:7c:c0:54:8e:d9:03:d6:
c0:76:8e:41:01:e2:3e:b6:d6:f4:15:1c:96:d9:98:33:8d:96:
0f:69:78:50:08:b3:2a:d5:a2:31:c4:a4:f4:64:79:84:50:92:
f5:75:c0:45:e1:cb:70:6b:86:42:79:c6:c7:3c:66:a6:49:a4:
c2:87:72:f4:8f:ad:e8:c0:95:97:ef:a0:9d:30:38:20:dc:30:
d6:b7:b1:a3:cb:95:a9:9d:95:2d:23:c1:5e:a0:55:31:3f:ba:
6e:2f:5a:ed:d8:f5:1d:5e:26:b2:9d:ef:7f:27:02:4a:a8:8b:
ba:bf:bf:b1:80:32:04:33:73:72:10:d2:53:ed:eb:79:bc:27:
6f:d8:f6:d8:01:cd:89:0a:25:3d:d9:ed:b6:6d:4c:c2:9f:02:
cb:df:d3:1c:a5:67:3c:e5:cc:1f:b4:dd:c5:bb:3c:1c:49:0f:
cb:d6:08:d0:97:47:b2:0c:c4:90:95:ac:5f:2b:8d:ee:f8:7e:
7c:0b:47:b6:6f:4e:f7:bd:ce:f5:a1:2b:8b:fb:fd:30:3c:c7:
7b:c8:c7:98:d6:64:8b:07:5e:3b:49:3d:f3:8f:f5:5e:bb:04:
6a:b5:bb:b0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDVFM0FBMzM4RkE3NUND
RjMwODQxOUExMDk4RDQ5MTY2MTk3NTk4Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClhbrVI3M8LUU2VoA0jEFKderop/Z2IIcL1G9VKp9EM2NaEwOC
UnHHzvo4Uze0tizZfpFfabAcyCnOOuTcwCsMZy9oyblIlO2e9yyRpHLG6VOzww3+
unPh1FCF6Cv8MX94n5Nbvdhy7p662z/9zUgRpZWWSDOBbzQXgf54p3oPd1GOGxtS
arBb74n+hTxI7oMmlAE1iuZyTg9rz0IMgfSN+61UkpeAqXuAbx2l4dEKsYovlCur
3JymooEKds+I1Ox4mR9h7upxZzTO8tVpK+nVFtp6AZqvjrRmUp2wT9Dj3gn7mmMI
61KVqSf1Ea3yNPJxWSX5ch3eAUxwGKFoVVKvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUXjqjOPp1zPMIQZoQmNSRZhl1mMowHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1hqcWpPUHAxelBNSVFab1FtTlNSWmhs
MW1Nby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PagwDQYJ
KoZIhvcNAQELBQADggEBAJQT6VbYxLfZIA8/5c80x4Af/sO3dd9AOKxV87sjfMBU
jtkD1sB2jkEB4j621vQVHJbZmDONlg9peFAIsyrVojHEpPRkeYRQkvV1wEXhy3Br
hkJ5xsc8ZqZJpMKHcvSPrejAlZfvoJ0wOCDcMNa3saPLlamdlS0jwV6gVTE/um4v
Wu3Y9R1eJrKd738nAkqoi7q/v7GAMgQzc3IQ0lPt63m8J2/Y9tgBzYkKJT3Z7bZt
TMKfAsvf0xylZzzlzB+03cW7PBxJD8vWCNCXR7IMxJCVrF8rje74fnwLR7ZvTve9
zvWhK4v7/TA8x3vIx5jWZIsHXjtJPfOP9V67BGq1u7A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-fra.rpki-client.org