Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/lI5UXhIvirbekvG7hqXPPw62hQw.roa
File: lI5UXhIvirbekvG7hqXPPw62hQw.roa (raw, json)
Hash identifier: +kR2R47jS5P79Wj/fzPL3cqnknKNsrJa3CjTRouVerU=
Subject key identifier: 94:8E:54:5E:12:2F:8A:B6:DE:92:F1:BB:86:A5:CF:3F:0E:B6:85:0C
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09D2
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lI5UXhIvirbekvG7hqXPPw62hQw.roa
Signing time: Wed 29 Sep 2021 02:52:15 +0000
ROA not before: Wed 29 Sep 2021 02:52:15 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 61.61.70.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2514 (0x9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:15 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=948E545E122F8AB6DE92F1BB86A5CF3F0EB6850C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:72:4e:af:7f:b4:fd:1d:83:7c:a8:ff:e4:e8:
28:3a:ec:c2:4e:09:79:a1:d5:bc:da:03:49:c8:1d:
38:d8:2a:f5:56:1a:67:24:40:48:5c:6c:be:9c:97:
24:1a:c1:14:d5:14:6a:20:5a:1d:82:38:04:60:8f:
78:36:1d:a3:bd:8e:e2:7e:8b:d5:38:7d:dd:51:0a:
d2:2f:62:08:ab:9e:f1:a2:68:0d:6e:7f:16:13:2a:
b7:0d:16:c5:60:d3:74:74:04:1f:67:bd:ba:2f:f6:
69:94:b3:a2:6b:27:7a:d2:f5:09:af:0c:15:46:a0:
75:6b:8a:ad:1b:3d:e7:82:02:1a:72:bf:1d:f6:b1:
c3:79:d2:87:80:d9:d2:e0:3e:51:76:75:08:ec:38:
d9:4a:58:df:6a:77:7d:7d:8a:e0:05:1e:6e:81:21:
22:72:61:a9:ee:8a:be:72:f7:b9:d5:df:b3:8b:51:
bc:9d:8d:a4:e3:25:c0:62:9b:19:94:2f:21:60:f3:
dc:8f:ba:9e:f3:d7:2e:c3:de:18:16:f6:ec:51:27:
a6:20:1f:cc:54:99:47:44:cb:9d:31:ad:01:71:08:
4d:c7:42:fd:3f:0d:07:f2:f1:ca:69:6b:70:ec:32:
29:b3:30:21:18:a0:1a:77:73:00:ae:b5:e1:d3:8d:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8E:54:5E:12:2F:8A:B6:DE:92:F1:BB:86:A5:CF:3F:0E:B6:85:0C
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lI5UXhIvirbekvG7hqXPPw62hQw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.70.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:23:25:01:fa:79:58:91:77:0a:4a:5e:19:4c:55:eb:2d:0c:
c7:1f:af:c6:5a:62:b1:bb:ed:92:77:52:ea:ee:44:c5:ec:82:
55:8c:e5:bf:80:69:0b:73:92:b2:b7:f5:2c:8d:73:d8:6b:de:
ae:ca:62:d6:90:d0:d6:dc:cf:7e:53:02:85:45:be:c4:01:cd:
5c:66:ad:59:d7:1b:24:9b:12:6b:48:05:0e:15:d3:e7:30:e0:
b5:14:aa:db:f3:56:06:1b:4a:3e:97:e9:14:f1:12:ec:49:e1:
d1:3b:5d:c1:70:46:87:a4:87:2b:71:42:6e:18:3d:93:98:56:
eb:e1:41:f2:17:56:75:c4:3f:2b:76:50:aa:d9:b8:f0:22:21:
8c:f1:fc:d2:3f:78:fb:ff:bb:4c:bd:7e:1a:5a:d1:7a:42:7c:
ff:04:f9:b1:59:fe:45:26:93:48:bf:f8:2a:51:52:ad:34:92:
75:db:1a:c4:3f:33:4d:14:dc:1c:e3:72:1e:4e:8b:d8:05:3c:
ca:7f:81:a2:f6:39:79:9a:13:b0:5e:9f:75:20:a4:9f:75:b5:
a8:46:c9:fe:5c:53:57:64:7d:b1:48:73:3d:6d:f7:c8:96:4c:
d6:46:9a:f5:aa:6b:35:6c:be:d1:fc:1c:ed:55:4d:c4:57:d6:
33:1c:4c:92
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk0OEU1NDVFMTIyRjhB
QjZERTkyRjFCQjg2QTVDRjNGMEVCNjg1MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXck6vf7T9HYN8qP/k6Cg67MJOCXmh1bzaA0nIHTjYKvVWGmck
QEhcbL6clyQawRTVFGogWh2COARgj3g2HaO9juJ+i9U4fd1RCtIvYgirnvGiaA1u
fxYTKrcNFsVg03R0BB9nvbov9mmUs6JrJ3rS9QmvDBVGoHVriq0bPeeCAhpyvx32
scN50oeA2dLgPlF2dQjsONlKWN9qd319iuAFHm6BISJyYanuir5y97nV37OLUbyd
jaTjJcBimxmULyFg89yPup7z1y7D3hgW9uxRJ6YgH8xUmUdEy50xrQFxCE3HQv0/
DQfy8cppa3DsMimzMCEYoBp3cwCuteHTjRWnAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUlI5UXhIvirbekvG7hqXPPw62hQwwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2xJNVVYaEl2aXJiZWt2RzdocVhQUHc2
MmhRdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAE9PUYwDQYJ
KoZIhvcNAQELBQADggEBAE4jJQH6eViRdwpKXhlMVestDMcfr8ZaYrG77ZJ3Uuru
RMXsglWM5b+AaQtzkrK39SyNc9hr3q7KYtaQ0Nbcz35TAoVFvsQBzVxmrVnXGySb
EmtIBQ4V0+cw4LUUqtvzVgYbSj6X6RTxEuxJ4dE7XcFwRoekhytxQm4YPZOYVuvh
QfIXVnXEPyt2UKrZuPAiIYzx/NI/ePv/u0y9fhpa0XpCfP8E+bFZ/kUmk0i/+CpR
Uq00knXbGsQ/M00U3Bzjch5Oi9gFPMp/gaL2OXmaE7Ben3UgpJ91tahGyf5cU1dk
fbFIcz1t98iWTNZGmvWqazVsvtH8HO1VTcRX1jMcTJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org