Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/l0oAXA-db1OzfdPrqhaSMtljh30.roa
File: l0oAXA-db1OzfdPrqhaSMtljh30.roa (raw, json)
Hash identifier: mBLm1X2IlKDFIaie3AAkWVIqFP6iEX9wJareNv2kT+A=
Subject key identifier: 97:4A:00:5C:0F:9D:6F:53:B3:7D:D3:EB:AA:16:92:32:D9:63:87:7D
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09E6
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/l0oAXA-db1OzfdPrqhaSMtljh30.roa
Signing time: Wed 29 Sep 2021 02:52:20 +0000
ROA not before: Wed 29 Sep 2021 02:52:20 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9918
IP address blocks: 61.61.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2534 (0x9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:20 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=974A005C0F9D6F53B37DD3EBAA169232D963877D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d3:74:63:e8:b3:e7:72:b8:6f:17:a2:94:44:
5f:17:f1:6f:87:1f:78:1a:50:9d:96:5f:db:27:a4:
05:ad:d1:d9:0a:2a:fb:74:43:4d:36:5a:bd:1b:e2:
85:4c:dd:18:a1:f1:b1:d9:ae:fa:29:f9:6d:3f:bd:
9a:a0:f9:2e:70:bf:db:ac:9f:ae:ef:4d:3c:e2:08:
6d:4b:de:da:17:39:df:f3:9f:49:6c:93:ed:b9:dc:
68:34:93:30:6c:77:1d:a1:e5:f9:56:50:ff:1a:bf:
c0:06:43:f1:66:61:37:f2:c5:d1:cc:b8:32:fe:5f:
df:bf:dd:95:d9:f0:4f:cd:32:35:cf:58:0f:37:99:
2f:1a:21:66:12:37:01:b9:6d:9b:4d:ae:67:0c:58:
89:da:ec:e6:2c:2e:8d:09:6b:0d:98:52:e5:53:7a:
a9:6e:57:ba:09:5b:92:76:94:06:29:65:13:98:1d:
20:5b:c1:5e:53:09:03:94:c3:8c:07:00:f7:08:ab:
3d:fb:55:44:b5:70:2b:9e:3d:70:a9:cb:06:47:ea:
40:bb:bc:a9:e2:f4:44:ff:05:cd:4f:dd:ac:86:eb:
ea:d7:82:1a:43:b9:ec:46:03:84:9c:64:1c:97:74:
c8:75:cf:5c:09:56:76:cf:76:e9:ca:cc:f5:30:97:
71:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4A:00:5C:0F:9D:6F:53:B3:7D:D3:EB:AA:16:92:32:D9:63:87:7D
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/l0oAXA-db1OzfdPrqhaSMtljh30.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.0.0/17
Signature Algorithm: sha256WithRSAEncryption
45:a9:05:c8:5e:80:c4:d8:98:d6:e9:02:58:14:17:10:6e:1c:
c3:4a:f9:bc:44:15:31:77:b7:82:13:49:18:60:44:a7:16:ec:
eb:0f:7d:db:03:14:bc:bd:4c:30:a9:46:70:12:9f:f8:bc:a4:
61:bf:1c:83:4d:f8:f9:51:74:fd:f8:26:a6:0d:74:20:1a:b8:
90:63:39:06:e3:0d:bb:7d:9f:18:17:b5:28:99:b0:0a:24:5b:
b5:a8:76:78:dd:62:ce:82:95:5e:07:2e:1b:30:d9:89:50:e4:
72:5d:08:e1:f2:b1:7d:5b:ab:6a:24:1a:04:22:14:b9:1f:ce:
fe:b2:06:2b:03:9e:1e:62:f9:29:bd:a7:02:de:33:65:d6:50:
84:f0:14:f8:75:5d:6e:58:46:58:ff:e2:a1:fb:9a:80:56:2c:
24:ea:26:3c:37:c0:ae:4c:c6:88:24:0e:db:d7:87:ec:d2:40:
9f:45:55:2f:04:2d:dd:3d:85:c2:0b:fa:ad:4d:a6:fd:74:70:
be:33:20:18:5e:ce:80:cb:df:6c:88:9f:59:fb:06:92:ec:e5:
1e:a0:d5:1b:af:39:87:3e:bc:5f:ab:0f:ac:b8:40:36:9d:f4:
3c:7e:35:3b:be:93:fa:89:c0:d7:eb:45:03:b0:35:fd:34:44:
2d:98:78:b7
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk3NEEwMDVDMEY5RDZG
NTNCMzdERDNFQkFBMTY5MjMyRDk2Mzg3N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM03Rj6LPncrhvF6KURF8X8W+HH3gaUJ2WX9snpAWt0dkKKvt0
Q002Wr0b4oVM3Rih8bHZrvop+W0/vZqg+S5wv9usn67vTTziCG1L3toXOd/zn0ls
k+253Gg0kzBsdx2h5flWUP8av8AGQ/FmYTfyxdHMuDL+X9+/3ZXZ8E/NMjXPWA83
mS8aIWYSNwG5bZtNrmcMWIna7OYsLo0Jaw2YUuVTeqluV7oJW5J2lAYpZROYHSBb
wV5TCQOUw4wHAPcIqz37VUS1cCuePXCpywZH6kC7vKni9ET/Bc1P3ayG6+rXghpD
uexGA4ScZByXdMh1z1wJVnbPdunKzPUwl3HHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUl0oAXA+db1OzfdPrqhaSMtljh30wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2wwb0FYQS1kYjFPemZkUHJxaGFTTXRs
amgzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9PQAwDQYJ
KoZIhvcNAQELBQADggEBAEWpBchegMTYmNbpAlgUFxBuHMNK+bxEFTF3t4ITSRhg
RKcW7OsPfdsDFLy9TDCpRnASn/i8pGG/HINN+PlRdP34JqYNdCAauJBjOQbjDbt9
nxgXtSiZsAokW7WodnjdYs6ClV4HLhsw2YlQ5HJdCOHysX1bq2okGgQiFLkfzv6y
BisDnh5i+Sm9pwLeM2XWUITwFPh1XW5YRlj/4qH7moBWLCTqJjw3wK5MxogkDtvX
h+zSQJ9FVS8ELd09hcIL+q1Npv10cL4zIBhezoDL32yIn1n7BpLs5R6g1RuvOYc+
vF+rD6y4QDad9Dx+NTu+k/qJwNfrRQOwNf00RC2YeLc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org