Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/1rqDZzFPRwQVbobF7umebLXwxM4.roa
File: 1rqDZzFPRwQVbobF7umebLXwxM4.roa (raw, json)
Hash identifier: InO3gpuJiNx0qf1PeVoLt6ESHMLehl0MsRCEd/CX8/Q=
Subject key identifier: D6:BA:83:67:31:4F:47:04:15:6E:86:C5:EE:E9:9E:6C:B5:F0:C4:CE
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0B4A
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/1rqDZzFPRwQVbobF7umebLXwxM4.roa
Signing time: Sun 07 Feb 2021 13:12:48 +0000
ROA not before: Sun 07 Feb 2021 13:12:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 210.17.76.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2890 (0xb4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 7 13:12:48 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D6BA8367314F4704156E86C5EEE99E6CB5F0C4CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:94:86:31:c6:25:d1:5c:c4:72:16:eb:41:83:
c7:b1:c9:4b:2d:9d:33:84:3e:34:11:9c:d5:e6:a0:
cb:e4:65:3a:ed:13:8c:53:6a:5f:2b:86:b4:49:9e:
64:9f:10:11:0f:3a:13:0b:f0:6f:39:19:35:66:9c:
d5:73:0e:00:20:3c:a0:3d:30:93:bd:3d:f6:45:e1:
97:91:ad:6d:fd:76:49:6a:f5:82:cc:b4:47:8a:91:
34:30:9c:82:41:d0:1c:4d:96:bb:fd:39:a4:3d:27:
21:71:56:60:28:13:14:89:3c:4d:bf:7f:73:fc:5c:
4c:41:6a:87:48:42:a7:d3:c4:f1:77:ac:cf:46:33:
b2:85:88:34:8c:54:46:29:bc:0d:f6:49:5a:ba:7d:
0e:cc:23:62:1d:25:5e:84:b9:f3:63:63:91:89:d9:
76:fa:ba:00:c8:3f:76:42:ef:45:cf:1b:25:e4:61:
bb:96:d7:d6:ee:57:14:46:45:9c:5e:df:07:31:f2:
5d:fe:b6:36:43:5b:0b:f9:3d:98:46:db:ec:81:cd:
44:d1:24:0f:7a:0f:5b:01:79:88:5b:7f:b1:f6:e8:
b1:3d:de:c8:66:da:3e:3a:75:12:11:a5:68:cc:25:
0e:02:33:a2:29:d4:31:3b:14:3c:6b:fd:8a:58:d2:
2e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BA:83:67:31:4F:47:04:15:6E:86:C5:EE:E9:9E:6C:B5:F0:C4:CE
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/1rqDZzFPRwQVbobF7umebLXwxM4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.17.76.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:3c:12:47:bb:ac:34:6e:d3:ad:0c:b4:d9:85:ed:82:88:dd:
e2:41:3c:5f:22:72:b6:36:71:88:73:a8:de:98:d7:9c:2b:31:
d3:28:9e:f2:f0:ba:69:f8:bb:bb:b5:ba:df:2a:17:72:20:22:
28:ea:34:00:11:fd:01:5b:b9:39:81:bb:65:1c:c9:15:81:60:
7a:24:50:95:96:b6:84:3e:47:fa:0e:60:ef:0f:2a:04:0a:d2:
7f:c8:78:82:d2:23:ab:23:f3:db:62:55:90:fc:0a:3a:21:13:
c0:e0:7c:cf:ca:e9:ab:66:1e:77:35:69:5b:c1:44:dc:c4:22:
54:f2:56:50:91:d7:15:a1:dd:be:f6:4b:8a:fe:ed:06:f6:97:
53:1b:ba:24:d1:8c:7d:35:c3:e6:68:36:a9:b7:d0:e1:36:46:
f5:bf:14:b1:e7:30:3e:5f:df:22:d3:3e:d3:4d:8e:2d:06:d5:
74:64:12:c3:6a:aa:5f:34:ed:f2:b7:3f:25:a3:d6:99:55:85:
b6:77:79:dd:31:79:b7:3b:b7:8f:6f:4f:8d:78:e8:67:df:dc:
8d:16:11:6b:fe:4d:e3:2d:3a:45:c2:13:7d:74:3d:e8:e9:37:
d2:08:52:47:e2:99:12:bf:92:c2:7b:5a:7b:30:31:20:b5:84:
00:b5:21:f1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MzEyNDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ2QkE4MzY3MzE0RjQ3
MDQxNTZFODZDNUVFRTk5RTZDQjVGMEM0Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmlIYxxiXRXMRyFutBg8exyUstnTOEPjQRnNXmoMvkZTrtE4xT
al8rhrRJnmSfEBEPOhML8G85GTVmnNVzDgAgPKA9MJO9PfZF4ZeRrW39dklq9YLM
tEeKkTQwnIJB0BxNlrv9OaQ9JyFxVmAoExSJPE2/f3P8XExBaodIQqfTxPF3rM9G
M7KFiDSMVEYpvA32SVq6fQ7MI2IdJV6EufNjY5GJ2Xb6ugDIP3ZC70XPGyXkYbuW
19buVxRGRZxe3wcx8l3+tjZDWwv5PZhG2+yBzUTRJA96D1sBeYhbf7H26LE93shm
2j46dRIRpWjMJQ4CM6Ip1DE7FDxr/YpY0i4VAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1rqDZzFPRwQVbobF7umebLXwxM4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvMXJxRFp6RlBSd1FWYm9i
Rjd1bWViTFh3eE00LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AtIRTDANBgkqhkiG9w0BAQsFAAOCAQEAHjwSR7usNG7TrQy02YXtgojd4kE8XyJy
tjZxiHOo3pjXnCsx0yie8vC6afi7u7W63yoXciAiKOo0ABH9AVu5OYG7ZRzJFYFg
eiRQlZa2hD5H+g5g7w8qBArSf8h4gtIjqyPz22JVkPwKOiETwOB8z8rpq2YedzVp
W8FE3MQiVPJWUJHXFaHdvvZLiv7tBvaXUxu6JNGMfTXD5mg2qbfQ4TZG9b8Usecw
Pl/fItM+002OLQbVdGQSw2qqXzTt8rc/JaPWmVWFtnd53TF5tzu3j29PjXjoZ9/c
jRYRa/5N4y06RcITfXQ96Ok30ghSR+KZEr+SwntaezAxILWEALUh8Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:02 2023 by rpki-client on console-ams.rpki-client.org