Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/y4fq3AxTFM5JVyfW3ujKctiJT50.roa
File: y4fq3AxTFM5JVyfW3ujKctiJT50.roa (raw, json)
Hash identifier: AxA+pvy8a0YA5cYcinijOVevWy4JNqElbQpiMGnam0o=
Subject key identifier: CB:87:EA:DC:0C:53:14:CE:49:57:27:D6:DE:E8:CA:72:D8:89:4F:9D
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0C3F
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/y4fq3AxTFM5JVyfW3ujKctiJT50.roa
Signing time: Wed 29 Sep 2021 02:49:35 +0000
ROA not before: Wed 29 Sep 2021 02:49:35 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9924
IP address blocks: 210.17.49.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3135 (0xc3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 29 02:49:35 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=CB87EADC0C5314CE495727D6DEE8CA72D8894F9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:9a:f7:02:ad:e4:74:53:82:cc:d5:54:05:
93:43:a4:7e:9c:82:05:82:32:a2:bc:bf:26:d1:e9:
95:49:88:a1:84:93:5a:4c:a8:cb:db:60:1c:bd:3b:
03:7e:99:e6:e3:c2:14:f1:93:cb:24:46:3a:b2:1b:
8f:d3:60:45:90:3c:6b:21:42:fd:bd:72:15:43:64:
10:ba:00:07:13:c6:c6:f9:c3:75:14:b4:8e:d9:8e:
29:cf:67:af:0c:c4:5d:63:e0:26:46:50:b5:a5:94:
8d:74:fa:a8:cc:42:04:09:4e:82:3e:68:43:58:ee:
2d:75:8c:83:f5:2e:e6:4d:49:01:ed:fd:55:ae:ad:
0f:5b:88:ae:33:36:ea:d7:67:de:6e:f9:d2:3a:55:
64:d7:fa:ec:96:8e:19:c0:ae:a6:42:aa:c2:0a:c1:
61:99:5a:7d:f2:d2:61:ab:c8:33:e8:2c:99:f5:b8:
c8:36:6c:0f:73:66:23:0e:4a:b7:19:99:e6:b8:b0:
47:fd:35:ea:96:86:99:3f:0f:92:e8:c9:58:a4:9b:
56:8c:79:f9:01:6f:71:99:d7:59:19:b4:6e:92:b6:
28:67:36:19:cb:d8:36:3d:8c:bc:58:fa:e4:02:ad:
18:8f:f7:f3:33:b5:c0:5e:72:b7:3a:c8:1b:9a:64:
5a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:87:EA:DC:0C:53:14:CE:49:57:27:D6:DE:E8:CA:72:D8:89:4F:9D
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/y4fq3AxTFM5JVyfW3ujKctiJT50.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.17.49.0/24
Signature Algorithm: sha256WithRSAEncryption
61:83:a6:f0:04:fb:d3:17:09:85:2f:2e:38:d9:6e:f4:a1:30:
68:85:e0:0c:e5:50:6b:26:93:21:82:8e:c0:a3:b4:bc:e5:d3:
59:00:f8:70:74:02:87:06:08:21:d0:0c:b1:db:10:b4:a8:65:
79:6c:13:06:21:25:a7:e0:d5:7f:9a:a7:59:3b:81:3e:f1:59:
3e:87:03:f2:df:3b:10:f5:fd:d4:d3:a8:79:1d:9c:64:9f:98:
c9:e8:55:d0:e8:3e:ac:53:cf:06:8f:77:8a:61:a0:2e:59:6d:
8e:9d:f8:99:c7:23:52:75:ab:21:39:33:79:fa:9b:ed:f5:37:
8c:69:db:e0:0a:5b:1b:ac:82:ce:82:46:65:d1:14:b1:a0:eb:
59:fe:2d:0e:88:17:1c:33:fe:68:55:f4:67:27:2e:85:5c:55:
9e:74:69:94:e7:10:d6:4a:92:e8:73:78:b5:24:eb:9f:08:6f:
cc:e2:c2:ec:a2:45:98:60:30:7f:c3:69:06:07:fd:33:60:0d:
df:7c:38:e7:3a:a2:70:67:22:c3:e0:69:92:ec:ce:1a:d5:ac:
a5:c3:54:81:35:5d:e1:65:5f:fe:ee:f4:5d:ba:a6:f0:d9:1e:
97:a0:1d:2d:46:11:db:81:5d:ef:99:c2:0c:d2:00:05:c8:c2:
56:e4:ab:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDD8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjQ5MzVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENCODdFQURDMEM1MzE0
Q0U0OTU3MjdENkRFRThDQTcyRDg4OTRGOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnrJr3Aq3kdFOCzNVUBZNDpH6cggWCMqK8vybR6ZVJiKGEk1pM
qMvbYBy9OwN+mebjwhTxk8skRjqyG4/TYEWQPGshQv29chVDZBC6AAcTxsb5w3UU
tI7ZjinPZ68MxF1j4CZGULWllI10+qjMQgQJToI+aENY7i11jIP1LuZNSQHt/VWu
rQ9biK4zNurXZ95u+dI6VWTX+uyWjhnArqZCqsIKwWGZWn3y0mGryDPoLJn1uMg2
bA9zZiMOSrcZmea4sEf9NeqWhpk/D5LoyVikm1aMefkBb3GZ11kZtG6StihnNhnL
2DY9jLxY+uQCrRiP9/MztcBecrc6yBuaZFpNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUy4fq3AxTFM5JVyfW3ujKctiJT50wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQveTRmcTNBeFRGTTVKVnlm
VzN1aktjdGlKVDUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRMTANBgkqhkiG9w0BAQsFAAOCAQEAYYOm8AT70xcJhS8uONlu9KEwaIXgDOVQ
ayaTIYKOwKO0vOXTWQD4cHQChwYIIdAMsdsQtKhleWwTBiElp+DVf5qnWTuBPvFZ
PocD8t87EPX91NOoeR2cZJ+YyehV0Og+rFPPBo93imGgLlltjp34mccjUnWrITkz
efqb7fU3jGnb4ApbG6yCzoJGZdEUsaDrWf4tDogXHDP+aFX0ZycuhVxVnnRplOcQ
1kqS6HN4tSTrnwhvzOLC7KJFmGAwf8NpBgf9M2AN33w45zqicGciw+BpkuzOGtWs
pcNUgTVd4WVf/u70Xbqm8Nkel6AdLUYR24Fd75nCDNIABcjCVuSrCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org