Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/on2V9h6lMwJFpujgqNl4InsAb7c.roa
File: on2V9h6lMwJFpujgqNl4InsAb7c.roa (raw, json)
Hash identifier: vLet9XOjwRVxVNHATRmwOUmqhNxu6af6AVgCTNWgiPc=
Subject key identifier: A2:7D:95:F6:1E:A5:33:02:45:A6:E8:E0:A8:D9:78:22:7B:00:6F:B7
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 09DE
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/on2V9h6lMwJFpujgqNl4InsAb7c.roa
Signing time: Wed 29 Sep 2021 02:52:18 +0000
ROA not before: Wed 29 Sep 2021 02:52:18 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9922
IP address blocks: 61.61.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2526 (0x9de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 29 02:52:18 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A27D95F61EA5330245A6E8E0A8D978227B006FB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:49:3b:19:92:79:2c:b1:23:36:4e:69:ad:9b:
12:20:bf:3a:e0:17:fd:bd:4b:54:a0:80:cb:73:78:
6c:26:a4:16:ef:a7:e5:f8:eb:36:58:63:c1:a4:d0:
eb:a1:e2:4a:0c:e3:31:09:f1:64:ef:c8:e9:ac:81:
55:9b:33:58:2d:16:f9:a0:da:6e:a4:f6:d7:4f:c0:
58:35:39:a7:ed:43:9e:94:f8:22:c6:c7:fe:f7:66:
ac:5f:29:b7:bb:a3:7a:cc:6a:73:b4:e3:6e:cc:f3:
61:33:13:0f:df:43:2b:4a:d4:df:35:19:a5:32:58:
9a:7a:39:32:26:8c:f5:93:15:b0:ea:b3:24:7c:38:
80:e8:e0:06:ee:16:9b:ae:c5:f7:07:c1:4a:76:39:
df:26:6b:4b:35:ef:cb:6b:79:88:12:54:d1:e8:85:
81:b5:cf:dc:05:56:ce:33:ae:d5:fd:28:48:44:b7:
79:5e:22:fa:89:e4:65:5d:1a:43:97:f4:dc:1c:5e:
0a:67:9a:fc:a5:5b:a6:ad:43:66:bf:02:24:64:53:
ed:b5:b9:dc:77:4e:0f:5b:e5:53:fa:f2:5f:cf:33:
ae:6c:38:0c:d7:43:5a:4b:d5:2d:f1:51:4b:62:89:
ec:8a:0b:86:5a:bd:6f:ee:64:44:1b:f6:79:64:75:
33:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7D:95:F6:1E:A5:33:02:45:A6:E8:E0:A8:D9:78:22:7B:00:6F:B7
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/on2V9h6lMwJFpujgqNl4InsAb7c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.76.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:16:d4:ed:3e:bc:84:1a:b4:4e:b1:30:1e:8d:4c:fb:8d:50:
a6:98:bf:0b:54:20:b4:45:68:d2:22:f3:e0:b2:7d:0f:33:e7:
6c:6d:e8:87:4e:7e:ca:94:9e:b9:2b:bd:a0:a7:63:28:dd:53:
c8:80:cc:b8:42:c5:54:64:8a:9e:e8:54:ab:03:dc:b6:08:09:
4f:7d:e0:53:ee:33:b2:ab:35:1e:88:9b:8a:5a:22:d6:53:e2:
33:04:b5:d0:1e:eb:95:60:35:7a:8e:17:79:5d:56:3d:6a:5f:
3b:94:fd:c2:49:d3:bb:76:5d:89:b0:0c:15:c1:1e:77:b7:63:
08:de:6f:e5:cf:c0:24:af:c3:d3:f1:97:02:88:f7:2e:aa:e6:
49:44:0d:ad:54:25:d2:2c:c8:fc:9b:29:d1:c4:36:8b:d9:15:
9f:7a:c0:31:45:b0:aa:7b:d7:a3:46:cf:21:78:58:fa:c9:3e:
84:aa:80:86:16:53:64:fc:2a:02:d3:fd:73:3d:53:a9:13:73:
b3:3f:71:9b:38:dc:de:30:49:55:f4:16:63:e5:37:49:cf:6e:
eb:b3:6e:ab:9f:4a:f8:f5:a1:0b:a4:bf:8a:75:92:51:23:48:
1c:cc:f3:e5:6b:28:8b:16:8d:81:31:4f:42:8e:b9:9d:13:c2:
63:1d:9a:5e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEyN0Q5NUY2MUVBNTMz
MDI0NUE2RThFMEE4RDk3ODIyN0IwMDZGQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaSTsZknkssSM2TmmtmxIgvzrgF/29S1SggMtzeGwmpBbvp+X4
6zZYY8Gk0Ouh4koM4zEJ8WTvyOmsgVWbM1gtFvmg2m6k9tdPwFg1OaftQ56U+CLG
x/73ZqxfKbe7o3rManO0427M82EzEw/fQytK1N81GaUyWJp6OTImjPWTFbDqsyR8
OIDo4AbuFpuuxfcHwUp2Od8ma0s178treYgSVNHohYG1z9wFVs4zrtX9KEhEt3le
IvqJ5GVdGkOX9NwcXgpnmvylW6atQ2a/AiRkU+21udx3Tg9b5VP68l/PM65sOAzX
Q1pL1S3xUUtiieyKC4ZavW/uZEQb9nlkdTPDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUon2V9h6lMwJFpujgqNl4InsAb7cwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL29uMlY5aDZsTXdKRnB1amdxTmw0SW5z
QWI3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUwwDQYJ
KoZIhvcNAQELBQADggEBAKQW1O0+vIQatE6xMB6NTPuNUKaYvwtUILRFaNIi8+Cy
fQ8z52xt6IdOfsqUnrkrvaCnYyjdU8iAzLhCxVRkip7oVKsD3LYICU994FPuM7Kr
NR6Im4paItZT4jMEtdAe65VgNXqOF3ldVj1qXzuU/cJJ07t2XYmwDBXBHne3Ywje
b+XPwCSvw9PxlwKI9y6q5klEDa1UJdIsyPybKdHENovZFZ96wDFFsKp716NGzyF4
WPrJPoSqgIYWU2T8KgLT/XM9U6kTc7M/cZs43N4wSVX0FmPlN0nPbuuzbqufSvj1
oQukv4p1klEjSBzM8+VrKIsWjYExT0KOuZ0TwmMdml4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org