Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/lbJrmOGDFX5R2-q-AethTfX9JkM.roa
File: lbJrmOGDFX5R2-q-AethTfX9JkM.roa (raw, json)
Hash identifier: I5zFt0qqvFmE4Z9MeySkvAFs7ddvHqgZBRQkjkXCOAE=
Subject key identifier: 95:B2:6B:98:E1:83:15:7E:51:DB:EA:BE:01:EB:61:4D:F5:FD:26:43
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0A34
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lbJrmOGDFX5R2-q-AethTfX9JkM.roa
Signing time: Thu 13 Jan 2022 08:35:47 +0000
ROA not before: Thu 13 Jan 2022 08:35:47 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 211.78.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2612 (0xa34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Jan 13 08:35:47 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=95B26B98E183157E51DBEABE01EB614DF5FD2643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:59:77:1d:9f:e0:c1:d6:86:f3:82:c4:67:36:
be:ba:2d:49:fe:37:ad:87:87:7c:1e:6e:90:c7:e2:
da:bf:72:29:0b:e0:18:9f:53:d8:2b:5d:3f:76:ce:
69:31:c6:27:4d:fa:fd:7a:e0:e5:a2:0d:78:2a:15:
86:86:72:3b:0e:28:7f:58:61:b8:b4:e2:ba:c9:85:
44:d1:01:c2:38:f7:c3:40:52:24:7b:5f:57:e5:24:
34:16:33:5a:eb:30:18:dd:6e:73:72:e2:8e:ed:ea:
c2:c7:8a:db:ac:69:91:f1:8f:a8:91:c4:5f:72:33:
91:38:89:45:19:be:fc:ce:bb:4c:2f:1a:07:77:c5:
a4:8f:25:85:65:1f:3e:6b:ec:e8:bf:dc:85:9a:e6:
81:9a:18:65:4f:87:8c:ec:ee:ed:54:2c:27:52:cd:
d1:43:99:75:58:01:24:75:01:50:c5:31:f3:3c:d1:
33:dc:3f:b4:1c:74:72:e5:98:13:d0:4f:94:59:c4:
82:f7:e1:88:2e:0b:ea:a3:e8:e4:6d:c2:c3:e6:e1:
ad:c8:24:26:61:97:eb:44:0d:8b:03:01:b5:f8:40:
aa:ef:28:fe:af:1b:65:78:5b:27:c4:85:c0:68:f3:
27:98:98:60:5c:f7:e1:d3:13:80:48:53:a5:74:ab:
a1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B2:6B:98:E1:83:15:7E:51:DB:EA:BE:01:EB:61:4D:F5:FD:26:43
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lbJrmOGDFX5R2-q-AethTfX9JkM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:03:70:36:ec:37:ce:9e:ee:ce:8b:31:24:64:6d:81:13:c5:
67:e4:cc:86:6c:dc:79:b8:f6:9c:5a:86:ad:8c:df:eb:46:bb:
81:e6:2e:df:2b:59:9c:f9:24:22:dc:b3:4e:56:56:03:a4:04:
10:53:cf:3c:28:27:94:01:fc:22:90:b4:71:d8:fa:40:eb:11:
22:8d:6e:d5:2d:48:7a:86:ce:af:ba:91:b0:79:fe:01:a2:4c:
1c:a5:00:c9:2d:fc:f5:e5:c6:b1:e2:a3:12:91:86:7d:85:7f:
b4:96:f3:91:0a:48:cd:88:36:a1:26:aa:e6:26:77:48:40:11:
f1:43:99:31:a3:c4:28:0f:03:de:3f:5e:df:c1:0f:a3:ae:ec:
74:ce:94:37:17:0f:56:b2:e2:9d:08:94:fd:cf:31:3d:22:c3:
f0:51:e3:83:3b:33:d5:28:76:7e:fc:49:6a:73:17:ca:d2:18:
6d:b3:cd:44:33:2d:0d:59:cc:95:88:0a:d7:2b:6b:a7:32:e4:
fb:e0:e7:0a:e6:67:f7:ca:4d:67:00:dc:52:e0:51:af:0e:f8:
72:89:ac:6d:ed:4a:52:e2:97:4d:b1:5f:13:60:7c:94:72:cb:
7b:b5:70:c3:94:09:3d:d4:0e:09:b9:b7:13:c1:de:04:82:2a:
36:91:2a:17
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjAxMTMw
ODM1NDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk1QjI2Qjk4RTE4MzE1
N0U1MURCRUFCRTAxRUI2MTRERjVGRDI2NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBWXcdn+DB1obzgsRnNr66LUn+N62Hh3webpDH4tq/cikL4Bif
U9grXT92zmkxxidN+v164OWiDXgqFYaGcjsOKH9YYbi04rrJhUTRAcI498NAUiR7
X1flJDQWM1rrMBjdbnNy4o7t6sLHitusaZHxj6iRxF9yM5E4iUUZvvzOu0wvGgd3
xaSPJYVlHz5r7Oi/3IWa5oGaGGVPh4zs7u1ULCdSzdFDmXVYASR1AVDFMfM80TPc
P7QcdHLlmBPQT5RZxIL34YguC+qj6ORtwsPm4a3IJCZhl+tEDYsDAbX4QKrvKP6v
G2V4WyfEhcBo8yeYmGBc9+HTE4BIU6V0q6FLAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUlbJrmOGDFX5R2+q+AethTfX9JkMwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2xiSnJtT0dERlg1UjItcS1BZXRoVGZY
OUprTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTggwDQYJ
KoZIhvcNAQELBQADggEBAD4DcDbsN86e7s6LMSRkbYETxWfkzIZs3Hm49pxahq2M
3+tGu4HmLt8rWZz5JCLcs05WVgOkBBBTzzwoJ5QB/CKQtHHY+kDrESKNbtUtSHqG
zq+6kbB5/gGiTBylAMkt/PXlxrHioxKRhn2Ff7SW85EKSM2INqEmquYmd0hAEfFD
mTGjxCgPA94/Xt/BD6Ou7HTOlDcXD1ay4p0IlP3PMT0iw/BR44M7M9Uodn78SWpz
F8rSGG2zzUQzLQ1ZzJWICtcra6cy5Pvg5wrmZ/fKTWcA3FLgUa8O+HKJrG3tSlLi
l02xXxNgfJRyy3u1cMOUCT3UDgm5txPB3gSCKjaRKhc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:56 2025 by rpki-client