Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/y5c1xaGbeHvOCh69ZsJF3Qxr1ak.roa
File: y5c1xaGbeHvOCh69ZsJF3Qxr1ak.roa (raw, json)
Hash identifier: OWQv2ZtVhrgE6Lo4+WckRK98/M7jRcHAk8tf+pyydFg=
Subject key identifier: CB:97:35:C5:A1:9B:78:7B:CE:0A:1E:BD:66:C2:45:DD:0C:6B:D5:A9
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 099C
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/y5c1xaGbeHvOCh69ZsJF3Qxr1ak.roa
Signing time: Wed 16 Dec 2020 02:37:01 +0000
ROA not before: Wed 16 Dec 2020 02:37:01 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 210.17.76.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2460 (0x99c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Dec 16 02:37:01 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=CB9735C5A19B787BCE0A1EBD66C245DD0C6BD5A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:30:61:f0:32:6d:74:8f:39:bc:45:4c:77:b1:
9a:45:d0:34:a9:82:ed:2c:e9:b8:c6:40:53:64:6c:
0d:54:33:71:df:60:27:02:b1:10:1a:b5:40:53:60:
64:b7:e2:c9:0e:63:1e:90:be:71:54:7a:3a:9b:eb:
6f:51:00:f1:00:f6:8d:8d:1d:b9:6a:82:65:0c:89:
01:6f:bf:35:7f:d1:17:29:16:86:ac:f7:41:40:8a:
b8:ec:c1:12:28:9a:56:bd:70:d2:50:cc:74:58:f2:
96:e3:89:7e:a6:34:d1:cf:a7:2c:95:75:fa:ba:43:
53:6f:fa:12:83:e4:60:66:ca:c8:2c:04:28:0a:57:
34:f9:18:fd:97:f6:13:e9:f2:0e:a7:23:ce:35:07:
b1:0b:38:d8:63:7d:93:7c:b3:a9:97:ac:7c:f5:16:
db:a2:a9:34:c5:31:16:20:7a:d2:92:e3:df:95:23:
fa:35:f9:cb:3e:c8:d6:e9:2c:71:c8:61:05:03:39:
f4:bd:b6:de:08:21:9a:9a:89:15:98:78:4f:ce:4b:
91:1c:ca:d5:ea:b7:2d:f4:18:6f:5a:a6:d7:f9:8e:
3b:cf:5e:d5:b9:5a:c3:bc:80:55:d0:65:ce:0d:41:
d3:a2:87:69:7f:51:b3:d5:9b:a6:91:69:e4:75:e6:
f8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:97:35:C5:A1:9B:78:7B:CE:0A:1E:BD:66:C2:45:DD:0C:6B:D5:A9
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/y5c1xaGbeHvOCh69ZsJF3Qxr1ak.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.17.76.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:cd:16:f4:fb:fd:86:ca:9b:c2:29:48:95:7c:78:98:7c:e4:
42:05:f7:0c:30:88:86:77:db:dc:3a:91:16:cc:e5:ac:87:95:
2e:21:e4:20:2f:fa:25:79:84:ec:7d:49:82:ed:e1:86:30:52:
11:29:fd:20:7b:fe:53:d6:81:07:55:5e:b8:2b:6d:f1:da:69:
8f:19:00:1f:fa:43:46:96:ca:8e:20:40:b6:64:83:51:76:71:
63:13:ff:80:26:6e:2c:a4:5d:00:12:e4:6e:a6:89:e5:83:33:
1b:df:ca:79:ea:36:92:95:89:f2:dc:14:09:cf:23:b4:59:48:
28:78:39:8d:80:7c:1d:3e:9c:f2:fe:cb:30:b2:ee:df:3c:86:
6e:b4:ab:78:b0:a6:b8:16:41:b3:8f:e7:42:fc:de:e7:dc:b6:
b6:0b:7c:28:0a:1c:9f:c7:06:7a:e6:62:b2:ed:26:90:68:a1:
47:48:b4:d0:41:c4:14:a1:97:1e:52:04:6b:0e:d2:9a:5e:a5:
45:91:fc:91:1e:d6:3d:8a:0f:20:42:71:ab:1d:67:db:74:e0:
66:de:d5:15:fa:6b:ab:dc:d4:bc:a7:55:b2:f3:82:b3:7e:74:
8f:7e:6b:eb:8e:f9:f3:95:76:bd:88:a3:59:58:86:d1:da:78:
c9:ce:a6:6a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MjM3MDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENCOTczNUM1QTE5Qjc4
N0JDRTBBMUVCRDY2QzI0NUREMEM2QkQ1QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVMGHwMm10jzm8RUx3sZpF0DSpgu0s6bjGQFNkbA1UM3HfYCcC
sRAatUBTYGS34skOYx6QvnFUejqb629RAPEA9o2NHblqgmUMiQFvvzV/0RcpFoas
90FAirjswRIomla9cNJQzHRY8pbjiX6mNNHPpyyVdfq6Q1Nv+hKD5GBmysgsBCgK
VzT5GP2X9hPp8g6nI841B7ELONhjfZN8s6mXrHz1FtuiqTTFMRYgetKS49+VI/o1
+cs+yNbpLHHIYQUDOfS9tt4IIZqaiRWYeE/OS5EcytXqty30GG9aptf5jjvPXtW5
WsO8gFXQZc4NQdOih2l/UbPVm6aRaeR15vhdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUy5c1xaGbeHvOCh69ZsJF3Qxr1akwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQveTVjMXhhR2JlSHZPQ2g2
OVpzSkYzUXhyMWFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRTDANBgkqhkiG9w0BAQsFAAOCAQEACs0W9Pv9hsqbwilIlXx4mHzkQgX3DDCI
hnfb3DqRFszlrIeVLiHkIC/6JXmE7H1Jgu3hhjBSESn9IHv+U9aBB1VeuCtt8dpp
jxkAH/pDRpbKjiBAtmSDUXZxYxP/gCZuLKRdABLkbqaJ5YMzG9/Keeo2kpWJ8twU
Cc8jtFlIKHg5jYB8HT6c8v7LMLLu3zyGbrSreLCmuBZBs4/nQvze59y2tgt8KAoc
n8cGeuZisu0mkGihR0i00EHEFKGXHlIEaw7Sml6lRZH8kR7WPYoPIEJxqx1n23Tg
Zt7VFfprq9zUvKdVsvOCs350j35r647585V2vYijWViG0dp4yc6mag==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:03 2023 by rpki-client on console-ams.rpki-client.org