Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/lgyatlL2tPh0eaT9bYsl32FsMlM.roa
File: lgyatlL2tPh0eaT9bYsl32FsMlM.roa (raw, json)
Hash identifier: mKrpKYIwXBFvZQ1syiak5czpzRsz5lvnWGn0oG6ffaw=
Subject key identifier: 96:0C:9A:B6:52:F6:B4:F8:74:79:A4:FD:6D:8B:25:DF:61:6C:32:53
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0AA4
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lgyatlL2tPh0eaT9bYsl32FsMlM.roa
Signing time: Thu 23 Jun 2022 05:38:41 +0000
ROA not before: Thu 23 Jun 2022 05:38:41 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 61.61.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2724 (0xaa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Jun 23 05:38:41 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=960C9AB652F6B4F87479A4FD6D8B25DF616C3253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5b:1e:67:f0:8c:f6:5e:3c:92:53:da:a3:6f:
ad:db:62:ec:e8:5e:0e:da:52:25:48:4b:d1:07:c8:
0d:3d:08:a8:ce:13:70:c3:a2:9f:d1:66:18:a4:5f:
6b:81:2d:41:67:5a:1e:c5:f4:93:ea:42:c3:6e:24:
0b:ac:17:8f:10:da:3d:15:ea:4c:67:26:c5:0c:bc:
65:9f:2c:5b:b3:e2:7a:ee:dd:17:2e:44:b9:f8:dd:
cf:11:45:d3:36:05:55:56:6a:b0:f9:7e:65:57:d3:
c6:c8:0d:7b:1e:37:94:8a:89:9c:18:b0:10:28:6c:
4e:7c:42:01:d2:67:17:cc:86:75:bd:8a:5e:d2:ac:
47:44:47:72:69:15:90:e2:9e:c9:06:e5:1f:ce:76:
49:d2:e4:7e:55:f1:90:10:d0:5c:a3:8a:ee:27:40:
aa:39:c6:fc:b8:a7:7f:a8:6a:ce:9c:c2:f8:36:7f:
92:c5:ba:58:3c:74:46:0d:7c:72:d3:2d:21:fe:df:
60:2c:a5:93:ce:74:e5:65:ee:56:b7:a6:0b:a0:e1:
9b:8c:70:cb:67:5b:5d:c3:e9:a8:50:5c:4b:f7:82:
c8:96:cc:4c:b4:46:d9:98:7a:36:89:1d:66:53:13:
f4:5b:81:05:4b:ad:98:f3:22:41:b9:70:03:91:4e:
63:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0C:9A:B6:52:F6:B4:F8:74:79:A4:FD:6D:8B:25:DF:61:6C:32:53
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lgyatlL2tPh0eaT9bYsl32FsMlM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.44.0/22
Signature Algorithm: sha256WithRSAEncryption
91:57:c9:64:ff:00:4d:7c:86:90:f8:c5:b4:5e:11:d7:51:d1:
b4:2d:a1:79:ec:30:58:5b:76:b5:45:b9:61:ad:fd:75:9d:d5:
40:ca:de:d1:d9:b0:07:b4:e4:ee:2b:7a:48:01:5d:da:5a:72:
16:9e:a6:a5:08:2f:12:cf:d7:aa:65:41:d7:3b:ca:fc:49:ed:
89:e2:3b:88:03:99:08:4c:12:0c:b8:ac:b8:d7:74:03:b6:f9:
df:83:87:ef:9d:ea:8a:77:2e:18:39:fc:dc:bb:67:25:f8:f0:
39:8f:7a:0a:43:91:67:bf:4f:1f:21:9b:ac:4c:5a:8f:14:a2:
59:ab:7e:4d:82:33:19:e8:6a:ed:db:81:f9:df:dc:23:11:86:
2a:eb:3d:03:29:1e:cb:cc:ee:a4:25:a2:87:9e:c7:59:37:9d:
82:8f:95:af:f9:a4:68:24:4c:50:47:0a:67:f1:f1:ad:78:49:
69:08:ab:6a:de:67:e9:78:ba:39:06:a3:ae:13:27:3a:de:e5:
f1:40:b1:2c:83:a7:fb:ff:1e:ad:47:35:b1:0d:8a:4d:ac:2e:
5a:2c:cf:0f:17:24:41:0b:ce:52:64:e1:c7:0b:a1:e9:6e:cc:
19:1f:d7:db:1e:f8:86:6f:48:07:6a:a0:1d:a8:c2:7f:d9:c7:
a3:c7:63:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA2MjMw
NTM4NDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk2MEM5QUI2NTJGNkI0
Rjg3NDc5QTRGRDZEOEIyNURGNjE2QzMyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqWx5n8Iz2XjySU9qjb63bYuzoXg7aUiVIS9EHyA09CKjOE3DD
op/RZhikX2uBLUFnWh7F9JPqQsNuJAusF48Q2j0V6kxnJsUMvGWfLFuz4nru3Rcu
RLn43c8RRdM2BVVWarD5fmVX08bIDXseN5SKiZwYsBAobE58QgHSZxfMhnW9il7S
rEdER3JpFZDinskG5R/OdknS5H5V8ZAQ0Fyjiu4nQKo5xvy4p3+oas6cwvg2f5LF
ulg8dEYNfHLTLSH+32AspZPOdOVl7la3pgug4ZuMcMtnW13D6ahQXEv3gsiWzEy0
RtmYejaJHWZTE/RbgQVLrZjzIkG5cAORTmO5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUlgyatlL2tPh0eaT9bYsl32FsMlMwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2xneWF0bEwydFBoMGVhVDliWXNsMzJG
c01sTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PSwwDQYJ
KoZIhvcNAQELBQADggEBAJFXyWT/AE18hpD4xbReEddR0bQtoXnsMFhbdrVFuWGt
/XWd1UDK3tHZsAe05O4rekgBXdpachaepqUILxLP16plQdc7yvxJ7YniO4gDmQhM
Egy4rLjXdAO2+d+Dh++d6op3Lhg5/Ny7ZyX48DmPegpDkWe/Tx8hm6xMWo8Uolmr
fk2CMxnoau3bgfnf3CMRhirrPQMpHsvM7qQlooeex1k3nYKPla/5pGgkTFBHCmfx
8a14SWkIq2reZ+l4ujkGo64TJzre5fFAsSyDp/v/Hq1HNbENik2sLloszw8XJEEL
zlJk4ccLoeluzBkf19se+IZvSAdqoB2own/Zx6PHYy0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:57 2023 by rpki-client on console-ams.rpki-client.org