Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/KBBSAPhCWQBGcgDgjAQkjW1IO74.roa
File: KBBSAPhCWQBGcgDgjAQkjW1IO74.roa (raw, json)
Hash identifier: Ac5V6RuGCXI+9Cv7+S93gcqDmQn+lky615plts30t+Q=
Subject key identifier: 28:10:52:00:F8:42:59:00:46:72:00:E0:8C:04:24:8D:6D:48:3B:BE
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0C41
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/KBBSAPhCWQBGcgDgjAQkjW1IO74.roa
Signing time: Wed 29 Sep 2021 02:49:36 +0000
ROA not before: Wed 29 Sep 2021 02:49:36 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9924
IP address blocks: 210.17.35.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3137 (0xc41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 29 02:49:36 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=28105200F8425900467200E08C04248D6D483BBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:b0:a8:ed:58:20:10:ca:85:2f:89:5d:eb:0d:
9b:dc:6d:6c:7b:3d:d1:bb:c9:05:83:c7:fe:7d:19:
0d:0d:11:57:a9:cf:23:4f:1c:82:da:27:13:a6:d0:
55:9e:e5:d2:c3:94:aa:e2:e1:76:1e:b1:4e:4a:3e:
74:da:29:98:b6:58:77:c7:d4:5d:13:39:6e:c3:b6:
be:78:33:c4:8c:25:ad:dd:a0:dc:03:52:db:2f:c0:
ce:d0:16:55:15:18:bf:51:90:94:f6:e1:60:18:48:
7e:af:83:50:73:4b:7c:59:a6:18:50:af:4b:55:13:
e5:04:ef:a1:88:a1:92:6d:9f:9d:da:f1:03:46:a9:
bd:bb:12:e7:d1:fd:ab:09:59:a2:cc:52:dd:ce:d0:
c0:f4:32:b3:4e:9f:48:19:2b:3d:d1:47:45:b1:5f:
df:5d:39:7f:b3:c7:21:20:b6:65:12:f0:5d:d0:82:
19:c4:aa:7d:c9:a1:3a:cc:40:17:31:b1:d8:8f:f8:
54:50:e7:05:4b:65:a0:42:b5:d5:14:3c:0b:1d:17:
e3:01:1c:92:c9:db:8a:d2:9b:11:e5:2e:15:93:1a:
b3:76:65:4f:1e:2e:5e:11:b2:18:1f:50:12:cb:6d:
30:a4:16:20:a5:03:9e:f0:ad:db:bd:3a:25:53:c3:
f1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:10:52:00:F8:42:59:00:46:72:00:E0:8C:04:24:8D:6D:48:3B:BE
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/KBBSAPhCWQBGcgDgjAQkjW1IO74.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.17.35.0/24
Signature Algorithm: sha256WithRSAEncryption
85:29:dd:6f:58:ab:c8:ca:0f:f9:30:d1:1e:d8:a6:af:4e:7c:
a7:f1:f5:3b:1e:e5:d5:18:a0:82:02:d3:ed:29:d4:33:a9:55:
80:ba:2a:d8:2b:19:36:40:6b:8b:06:a9:45:03:16:2a:01:81:
6c:b4:85:19:ec:49:78:d2:35:02:42:2a:b6:8d:35:3c:e6:ea:
81:b8:45:5b:a1:c1:5d:d4:f1:a3:2b:6c:fd:91:ee:73:7d:47:
09:15:a2:69:20:64:12:f8:d7:e3:e1:e7:64:2e:94:05:86:c1:
0c:63:31:3c:99:71:99:ae:f5:4f:09:c8:3d:fc:b1:24:15:75:
12:e7:72:1c:61:bb:4a:e9:e5:9d:8f:08:a8:6d:9b:7a:98:40:
36:f2:87:97:23:63:04:be:cd:a4:76:13:07:10:c4:08:3b:72:
98:9d:30:0e:4d:47:b0:d1:cb:b0:e6:db:1d:03:93:11:a8:47:
d5:bb:5a:e2:de:47:ae:40:f7:c3:fd:90:61:85:10:26:bc:ef:
21:fd:cb:68:d1:58:08:4c:5a:89:b2:51:59:a2:3f:26:8f:5e:
2a:df:99:2c:7f:9a:a8:74:d4:7b:71:fc:66:d2:7c:61:9b:2b:
6c:a2:f4:bb:5f:7d:67:d7:f5:23:85:37:ef:2f:70:72:98:a4:
aa:50:c4:0c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjQ5MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI4MTA1MjAwRjg0MjU5
MDA0NjcyMDBFMDhDMDQyNDhENkQ0ODNCQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8sKjtWCAQyoUviV3rDZvcbWx7PdG7yQWDx/59GQ0NEVepzyNP
HILaJxOm0FWe5dLDlKri4XYesU5KPnTaKZi2WHfH1F0TOW7Dtr54M8SMJa3doNwD
UtsvwM7QFlUVGL9RkJT24WAYSH6vg1BzS3xZphhQr0tVE+UE76GIoZJtn53a8QNG
qb27EufR/asJWaLMUt3O0MD0MrNOn0gZKz3RR0WxX99dOX+zxyEgtmUS8F3QghnE
qn3JoTrMQBcxsdiP+FRQ5wVLZaBCtdUUPAsdF+MBHJLJ24rSmxHlLhWTGrN2ZU8e
Ll4RshgfUBLLbTCkFiClA57wrdu9OiVTw/FdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKBBSAPhCWQBGcgDgjAQkjW1IO74wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvS0JCU0FQaENXUUJHY2dE
Z2pBUWtqVzFJTzc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRIzANBgkqhkiG9w0BAQsFAAOCAQEAhSndb1iryMoP+TDRHtimr058p/H1Ox7l
1RigggLT7SnUM6lVgLoq2CsZNkBriwapRQMWKgGBbLSFGexJeNI1AkIqto01PObq
gbhFW6HBXdTxoyts/ZHuc31HCRWiaSBkEvjX4+HnZC6UBYbBDGMxPJlxma71TwnI
PfyxJBV1EudyHGG7SunlnY8IqG2bephANvKHlyNjBL7NpHYTBxDECDtymJ0wDk1H
sNHLsObbHQOTEahH1bta4t5HrkD3w/2QYYUQJrzvIf3LaNFYCExaibJRWaI/Jo9e
Kt+ZLH+aqHTUe3H8ZtJ8YZsrbKL0u199Z9f1I4U37y9wcpikqlDEDA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:03 2023 by rpki-client on console-ams.rpki-client.org