Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/VswCldTzLHnSCIPCF06DIFOxpMk.roa
File: VswCldTzLHnSCIPCF06DIFOxpMk.roa (raw, json)
Hash identifier: E6A5WSONpkhcPrcQoPYJlRqOYXJs5Xd9PXk2BOjPVtM=
Subject key identifier: 56:CC:02:95:D4:F3:2C:79:D2:08:83:C2:17:4E:83:20:53:B1:A4:C9
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/VswCldTzLHnSCIPCF06DIFOxpMk.roa
Signing time: Thu 15 Sep 2022 02:47:17 +0000
ROA not before: Thu 15 Sep 2022 02:47:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131597
IP address blocks: 219.86.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3529 (0xdc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 15 02:47:17 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=56CC0295D4F32C79D20883C2174E832053B1A4C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:68:4b:72:0e:5d:25:61:26:56:df:28:73:
38:6e:60:80:05:65:63:24:b0:29:81:6e:ec:b9:32:
f9:3b:7a:c3:2f:01:53:09:7a:d7:59:07:bf:3d:e4:
61:42:59:f8:8d:cf:bd:88:81:9f:53:67:11:91:45:
07:12:e1:57:21:17:99:37:20:94:5e:6a:03:18:77:
0b:7e:84:4b:39:a7:92:8d:3d:30:b3:42:d3:f8:f9:
ef:4c:c8:47:26:e2:a5:b6:36:53:0d:4a:6b:fe:0d:
86:97:7e:c4:ec:31:a7:57:25:15:14:66:52:86:9c:
82:cb:5d:32:90:ba:20:81:cf:ef:07:86:48:fb:f2:
25:ee:06:89:de:a7:86:75:ea:37:57:32:5f:73:54:
79:44:12:54:97:22:89:10:9a:ac:ad:10:79:b4:31:
cb:56:f4:dd:b8:b5:bb:a9:1d:f2:54:7a:2b:24:c9:
79:13:08:ea:3e:eb:6c:c7:46:65:d1:a7:61:fb:54:
11:80:c1:de:0a:e5:58:e9:80:7b:9b:79:10:ca:49:
b2:75:b9:94:91:e4:04:ce:39:61:ef:cc:ba:98:53:
5c:3a:9d:85:94:7a:e5:53:cd:df:c0:dd:fd:83:29:
78:36:34:d3:78:59:9e:c0:5d:02:ed:59:c1:41:04:
90:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CC:02:95:D4:F3:2C:79:D2:08:83:C2:17:4E:83:20:53:B1:A4:C9
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/VswCldTzLHnSCIPCF06DIFOxpMk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.86.52.0/22
Signature Algorithm: sha256WithRSAEncryption
70:82:2a:32:7f:f0:9d:d7:e7:4b:93:ce:7e:18:c3:4b:fb:bf:
38:f1:cb:65:50:57:d6:72:61:c0:df:73:2b:cb:3b:f4:c9:15:
09:aa:d2:e2:91:9a:3a:c1:a3:71:d4:27:f7:4a:db:0d:48:a2:
d1:c3:a7:ab:04:88:88:a3:3b:43:a8:2b:d1:18:bb:a0:0a:58:
04:01:63:e5:76:fc:58:46:12:8c:12:d5:84:15:d4:8b:c2:0c:
5f:a1:6a:ef:03:f1:ad:7e:ab:28:09:bc:81:7b:61:3d:cd:d1:
3d:c6:e5:96:9e:b5:4b:23:c4:17:e0:cf:77:54:83:75:a8:b2:
f5:77:02:fb:a7:53:fd:b6:5c:b2:b0:c9:85:49:16:6a:d5:f4:
90:4a:7e:ac:3f:14:73:4f:f0:6d:2e:7e:66:bb:7a:c0:1e:06:
4d:3c:16:86:b4:50:fa:98:96:b4:2d:fa:eb:72:0f:e3:79:c0:
1d:82:32:3e:bb:9c:7f:06:c9:bf:dc:94:26:23:60:7f:eb:4b:
ee:d5:ef:bf:33:b8:ca:ab:a7:b1:25:e8:7d:3f:f1:e6:cd:fd:
ab:a2:02:de:7e:cf:14:43:0c:5d:3c:47:5e:e0:a8:b4:2d:03:
63:74:87:b0:37:d6:84:94:fe:80:47:f4:19:e5:8f:3c:fb:e7:
cb:1b:b7:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU2Q0MwMjk1RDRGMzJD
NzlEMjA4ODNDMjE3NEU4MzIwNTNCMUE0QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6SWhLcg5dJWEmVt8oczhuYIAFZWMksCmBbuy5Mvk7esMvAVMJ
etdZB7895GFCWfiNz72IgZ9TZxGRRQcS4VchF5k3IJReagMYdwt+hEs5p5KNPTCz
QtP4+e9MyEcm4qW2NlMNSmv+DYaXfsTsMadXJRUUZlKGnILLXTKQuiCBz+8Hhkj7
8iXuBonep4Z16jdXMl9zVHlEElSXIokQmqytEHm0MctW9N24tbupHfJUeiskyXkT
COo+62zHRmXRp2H7VBGAwd4K5VjpgHubeRDKSbJ1uZSR5ATOOWHvzLqYU1w6nYWU
euVTzd/A3f2DKXg2NNN4WZ7AXQLtWcFBBJBBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVswCldTzLHnSCIPCF06DIFOxpMkwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvVnN3Q2xkVHpMSG5TQ0lQ
Q0YwNkRJRk94cE1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AttWNDANBgkqhkiG9w0BAQsFAAOCAQEAcIIqMn/wndfnS5POfhjDS/u/OPHLZVBX
1nJhwN9zK8s79MkVCarS4pGaOsGjcdQn90rbDUii0cOnqwSIiKM7Q6gr0Ri7oApY
BAFj5Xb8WEYSjBLVhBXUi8IMX6Fq7wPxrX6rKAm8gXthPc3RPcbllp61SyPEF+DP
d1SDdaiy9XcC+6dT/bZcsrDJhUkWatX0kEp+rD8Uc0/wbS5+Zrt6wB4GTTwWhrRQ
+piWtC3663IP43nAHYIyPrucfwbJv9yUJiNgf+tL7tXvvzO4yqunsSXofT/x5s39
q6IC3n7PFEMMXTxHXuCotC0DY3SHsDfWhJT+gEf0GeWPPPvnyxu37g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org