Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/KkYPdPi_BQWJVJFp5E81EWRJjqI.roa
File: KkYPdPi_BQWJVJFp5E81EWRJjqI.roa (raw, json)
Hash identifier: 2Mzq/dak1qLCyjvT3jNqLrylvXIUWZpu+Z/luIOhJeE=
Subject key identifier: 2A:46:0F:74:F8:BF:05:05:89:54:91:69:E4:4F:35:11:64:49:8E:A2
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0CAA
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/KkYPdPi_BQWJVJFp5E81EWRJjqI.roa
Signing time: Wed 29 Sep 2021 02:50:07 +0000
ROA not before: Wed 29 Sep 2021 02:50:07 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17213
IP address blocks: 60.198.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3242 (0xcaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 29 02:50:07 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2A460F74F8BF050589549169E44F351164498EA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:07:4b:9b:3d:c9:13:96:a2:ba:1a:98:0e:81:
e5:7d:77:79:3f:e4:8b:3a:59:d5:f2:e9:d6:0a:13:
8f:31:a1:48:5a:e6:9e:5d:4b:f5:f2:13:32:cc:f9:
b2:54:62:25:2c:87:1b:ef:84:01:18:62:6e:fd:55:
f6:c7:5a:28:fd:1d:6a:f8:2b:76:a9:78:d9:05:1c:
1c:46:9e:27:75:36:c0:02:db:b6:01:18:8c:f2:21:
3e:6a:79:ce:53:49:0c:0b:1c:dd:39:76:70:33:fd:
3a:9f:78:6c:81:d4:3a:6b:a0:21:97:44:56:8b:7b:
10:95:c0:7c:cd:dc:b7:70:52:a3:06:89:7a:03:6c:
f2:6f:54:73:60:b3:f6:2b:75:cb:2c:4e:d8:b7:25:
75:da:d4:28:f6:82:03:ae:f6:05:b0:39:89:02:9e:
0d:10:2a:6a:e5:8f:92:ff:33:9c:03:68:2a:9d:ca:
64:bb:d6:b6:9e:56:1a:b4:3e:f8:82:af:37:11:f4:
07:54:4d:dd:f1:97:26:7a:ce:73:25:a2:7e:32:26:
76:54:c0:e3:b8:86:52:66:2a:68:57:21:3d:81:7e:
fe:16:ba:1f:df:22:a7:74:36:9d:67:14:81:81:29:
3b:1e:74:0a:b9:87:29:2c:62:16:16:eb:cc:f3:e2:
d4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:46:0F:74:F8:BF:05:05:89:54:91:69:E4:4F:35:11:64:49:8E:A2
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/KkYPdPi_BQWJVJFp5E81EWRJjqI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.198.155.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:5f:3f:ca:02:b6:88:f2:a4:80:4f:6c:87:d1:0e:f3:66:f3:
5f:25:5f:36:6d:29:47:c4:30:9e:a0:c7:be:12:1e:07:2b:5a:
d2:9f:37:f1:f8:d1:98:96:2a:c3:9a:d1:0b:4e:9a:f6:45:c9:
57:1a:36:11:66:32:e4:52:97:23:61:d3:15:3e:98:e9:10:9c:
df:84:fe:93:18:51:f6:45:d6:94:97:31:28:d4:42:44:81:38:
b4:0d:f8:8c:75:b4:30:0f:22:76:09:34:51:5c:f3:db:ce:9d:
d9:ba:04:74:94:25:62:d8:b6:dd:5b:30:e6:47:69:40:71:4e:
a4:b3:9a:f7:4a:f8:af:f5:25:03:e9:22:99:d7:9c:08:32:22:
2b:04:0c:6e:a1:05:ab:78:8b:67:0e:3b:3c:fc:67:05:6a:4f:
3a:4c:f1:6f:bb:1a:99:3e:29:0a:47:18:39:c1:77:d8:41:3f:
3b:8d:6d:81:3e:e3:00:6d:a2:b5:2b:fb:6b:85:50:ca:f5:0a:
04:2a:d4:36:57:e3:a8:34:17:f1:45:d3:5f:ff:ce:ad:f6:58:
82:9a:99:b7:8e:d7:55:b5:9a:b7:6c:85:d9:25:7f:3d:3e:8e:
7e:ce:3c:4d:eb:89:41:24:df:a5:65:e2:c0:5d:5e:b9:e9:a2:
f4:2d:04:a4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDJBNDYwRjc0RjhCRjA1
MDU4OTU0OTE2OUU0NEYzNTExNjQ0OThFQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbB0ubPckTlqK6GpgOgeV9d3k/5Is6WdXy6dYKE48xoUha5p5d
S/XyEzLM+bJUYiUshxvvhAEYYm79VfbHWij9HWr4K3apeNkFHBxGnid1NsAC27YB
GIzyIT5qec5TSQwLHN05dnAz/TqfeGyB1DproCGXRFaLexCVwHzN3LdwUqMGiXoD
bPJvVHNgs/YrdcssTti3JXXa1Cj2ggOu9gWwOYkCng0QKmrlj5L/M5wDaCqdymS7
1raeVhq0PviCrzcR9AdUTd3xlyZ6znMlon4yJnZUwOO4hlJmKmhXIT2Bfv4Wuh/f
Iqd0Np1nFIGBKTsedAq5hyksYhYW68zz4tT1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKkYPdPi/BQWJVJFp5E81EWRJjqIwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvS2tZUGRQaV9CUVdKVkpG
cDVFODFFV1JKanFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzGmzANBgkqhkiG9w0BAQsFAAOCAQEASl8/ygK2iPKkgE9sh9EO82bzXyVfNm0p
R8QwnqDHvhIeByta0p838fjRmJYqw5rRC06a9kXJVxo2EWYy5FKXI2HTFT6Y6RCc
34T+kxhR9kXWlJcxKNRCRIE4tA34jHW0MA8idgk0UVzz286d2boEdJQlYti23Vsw
5kdpQHFOpLOa90r4r/UlA+kimdecCDIiKwQMbqEFq3iLZw47PPxnBWpPOkzxb7sa
mT4pCkcYOcF32EE/O41tgT7jAG2itSv7a4VQyvUKBCrUNlfjqDQX8UXTX//OrfZY
gpqZt47XVbWat2yF2SV/PT6Ofs48TeuJQSTfpWXiwF1euemi9C0EpA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:15 2023 by rpki-client on console-fra.rpki-client.org