Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/TOpZKbM8aPZcHsjH-tueDNCpYGw.roa
File: TOpZKbM8aPZcHsjH-tueDNCpYGw.roa (raw, json)
Hash identifier: LnNi+58Bl3g/IpiZSbTtVfyziJfFtWxG+L3qH+ACcNQ=
Subject key identifier: 4C:EA:59:29:B3:3C:68:F6:5C:1E:C8:C7:FA:DB:9E:0C:D0:A9:60:6C
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0CAF
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/TOpZKbM8aPZcHsjH-tueDNCpYGw.roa
Signing time: Wed 29 Sep 2021 02:50:08 +0000
ROA not before: Wed 29 Sep 2021 02:50:08 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131597
IP address blocks: 219.86.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3247 (0xcaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 29 02:50:08 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4CEA5929B33C68F65C1EC8C7FADB9E0CD0A9606C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4f:4e:9c:11:2e:f7:fa:e5:3d:aa:67:f4:ec:
d6:db:12:eb:2c:26:d0:e1:a3:40:b9:e3:e5:2b:bc:
1d:81:73:d6:a6:77:09:a0:ac:0f:34:ff:97:a3:00:
2f:f3:11:79:7d:c4:76:de:ed:ca:58:f7:4c:30:77:
3d:97:03:7b:dd:04:f3:74:cb:39:01:82:c9:2e:01:
7d:cd:1d:b8:75:5c:4f:ed:f1:c3:aa:6c:f3:0c:be:
aa:29:15:35:33:90:8a:ee:4c:5e:a6:43:3e:cc:6e:
b1:70:85:61:10:49:ff:1f:26:13:a2:d1:b2:96:48:
a9:8d:4b:a1:fc:e8:a0:b2:30:42:ae:bd:9a:d4:dc:
d6:47:81:02:7d:88:a5:24:22:fd:aa:ca:4a:ca:18:
86:7d:5c:8d:f2:d5:e2:f9:79:1b:1b:75:27:c5:fc:
03:8f:39:0b:71:35:b7:c1:73:6b:2e:21:82:ca:24:
04:81:eb:83:cc:40:9d:4c:03:be:09:86:65:99:5f:
44:f6:c3:f6:30:c3:2a:b6:b4:6f:ca:19:e5:06:f9:
e8:cc:59:39:5a:69:58:f0:88:0a:f6:af:3f:68:29:
5a:54:ca:1c:05:a7:97:a1:f0:da:1d:da:a1:be:29:
a5:ea:0f:6c:da:bb:6b:d0:25:0e:07:cb:e9:de:7c:
ec:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:EA:59:29:B3:3C:68:F6:5C:1E:C8:C7:FA:DB:9E:0C:D0:A9:60:6C
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/TOpZKbM8aPZcHsjH-tueDNCpYGw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.86.0.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:13:64:bc:99:a7:4d:a6:e4:db:1a:4a:b7:36:58:4b:18:5a:
88:b4:05:b3:81:55:a4:49:e7:fd:de:ee:6d:5b:5a:f2:52:61:
70:92:da:b0:88:a9:9a:39:0d:21:e4:64:50:24:de:c6:17:e3:
fb:17:66:f3:19:7b:75:e1:de:f2:0c:97:8b:75:17:6f:4c:1e:
ae:af:73:3f:d0:72:b0:e1:c9:99:1d:91:7a:ac:f9:6a:81:4e:
8f:35:27:bc:4c:40:8e:e1:64:b0:ab:de:fd:74:d8:26:d9:f9:
71:e3:7d:37:bd:6c:cf:7d:ee:41:17:cc:9f:7e:df:fa:df:b9:
ea:f4:db:83:73:5a:12:f2:0a:8e:62:0e:b4:ae:2f:85:1a:58:
1c:b9:34:65:32:9d:f7:cd:96:8a:37:e8:56:90:50:00:e1:0d:
17:66:de:84:f0:08:54:a8:31:eb:8b:f3:3d:e1:87:3a:af:2a:
69:fa:66:54:84:fa:72:5d:c4:41:ff:96:87:45:21:e6:f1:35:
07:d2:80:f4:0d:a3:92:ff:33:c1:6d:d2:87:ee:60:2d:8d:90:
a5:4f:dc:ca:52:75:3c:a8:1a:a2:5b:bc:2c:0b:8d:b1:81:24:
4b:cc:a1:04:ab:3b:88:39:5c:ff:43:b8:1e:50:01:0c:3a:85:
46:60:b0:64
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMDhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDRDRUE1OTI5QjMzQzY4
RjY1QzFFQzhDN0ZBREI5RTBDRDBBOTYwNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGT06cES73+uU9qmf07NbbEussJtDho0C54+UrvB2Bc9amdwmg
rA80/5ejAC/zEXl9xHbe7cpY90wwdz2XA3vdBPN0yzkBgskuAX3NHbh1XE/t8cOq
bPMMvqopFTUzkIruTF6mQz7MbrFwhWEQSf8fJhOi0bKWSKmNS6H86KCyMEKuvZrU
3NZHgQJ9iKUkIv2qykrKGIZ9XI3y1eL5eRsbdSfF/AOPOQtxNbfBc2suIYLKJASB
64PMQJ1MA74JhmWZX0T2w/Ywwyq2tG/KGeUG+ejMWTlaaVjwiAr2rz9oKVpUyhwF
p5eh8Nod2qG+KaXqD2zau2vQJQ4Hy+nefOy5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTOpZKbM8aPZcHsjH+tueDNCpYGwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvVE9wWktiTThhUFpjSHNq
SC10dWVETkNwWUd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNtWADANBgkqhkiG9w0BAQsFAAOCAQEAGhNkvJmnTabk2xpKtzZYSxhaiLQFs4FV
pEnn/d7ubVta8lJhcJLasIipmjkNIeRkUCTexhfj+xdm8xl7deHe8gyXi3UXb0we
rq9zP9BysOHJmR2Reqz5aoFOjzUnvExAjuFksKve/XTYJtn5ceN9N71sz33uQRfM
n37f+t+56vTbg3NaEvIKjmIOtK4vhRpYHLk0ZTKd982WijfoVpBQAOENF2behPAI
VKgx64vzPeGHOq8qafpmVIT6cl3EQf+Wh0Uh5vE1B9KA9A2jkv8zwW3Sh+5gLY2Q
pU/cylJ1PKgaolu8LAuNsYEkS8yhBKs7iDlc/0O4HlABDDqFRmCwZA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:03 2023 by rpki-client on console-ams.rpki-client.org