Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/Krdvg5NwPVVCzQste5rkNoeFtfI.roa
File: Krdvg5NwPVVCzQste5rkNoeFtfI.roa (raw, json)
Hash identifier: No3RIX6C9i2Zk6vz8s9pzqet0d5FSsqe69EwudjvdyU=
Subject key identifier: 2A:B7:6F:83:93:70:3D:55:42:CD:0B:2D:7B:9A:E4:36:87:85:B5:F2
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0B6E
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/Krdvg5NwPVVCzQste5rkNoeFtfI.roa
Signing time: Fri 01 Sep 2023 09:45:58 +0000
ROA not before: Fri 01 Sep 2023 09:45:58 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18182
IP address blocks: 61.64.128.0/17 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2926 (0xb6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Sep 1 09:45:58 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2AB76F8393703D5542CD0B2D7B9AE4368785B5F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ff:df:cd:8b:b1:e1:3b:55:5a:71:97:2f:65:
0f:93:81:2b:f7:8e:9e:ab:73:0b:58:16:c2:8d:0d:
16:59:07:7c:e3:c2:be:13:1b:9c:3f:24:b6:86:3e:
87:4e:fd:97:1b:91:e0:d1:25:f6:af:51:64:fe:fe:
9d:e6:d9:68:a0:3d:4f:dc:13:62:ca:e2:24:65:9c:
7f:3c:0d:1e:44:fa:90:10:22:99:80:c1:2b:6a:77:
ad:e4:27:9a:e2:cc:1c:5b:8d:88:cb:1a:49:5d:cf:
32:6d:4a:d0:c4:17:91:e3:52:b6:6e:92:c6:12:71:
1b:6e:11:85:d6:a6:f5:fb:6f:c1:18:fe:88:93:71:
9c:4c:81:8f:94:9e:dc:8a:5c:90:e8:b7:f7:48:83:
ee:54:67:60:c4:0a:2b:66:ce:21:ac:9b:e7:56:91:
f2:dc:03:ed:0b:25:a5:ed:a3:53:e2:89:1b:3b:b9:
53:c5:e4:31:76:8c:d5:9d:9b:c8:00:94:5d:df:b0:
5c:c4:cd:40:fe:f8:3c:e0:88:08:40:94:60:a0:ae:
84:7c:8e:15:33:5a:23:77:f0:61:b4:54:e4:9f:a0:
a6:bd:44:7c:b3:fe:71:ab:3f:cf:1a:5e:86:01:9d:
ad:9d:3a:ce:8b:78:4c:75:60:09:9d:04:ac:af:f2:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B7:6F:83:93:70:3D:55:42:CD:0B:2D:7B:9A:E4:36:87:85:B5:F2
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/Krdvg5NwPVVCzQste5rkNoeFtfI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.64.128.0/17
Signature Algorithm: sha256WithRSAEncryption
af:aa:c6:21:b5:9b:0b:f3:e1:6e:69:82:49:35:44:c3:e3:ca:
39:8d:48:ea:ae:1e:63:e7:54:8a:89:69:d2:bb:19:ec:1d:18:
9b:59:76:56:aa:60:f0:a6:f5:1a:b5:8f:ee:5d:f5:ae:1d:4d:
eb:c7:99:de:7a:01:e0:ca:d7:08:67:c1:65:70:f8:09:7d:db:
3e:34:ac:c6:ef:e5:72:c8:60:3f:f5:aa:47:ed:27:03:cf:95:
82:ba:53:c4:41:67:25:dd:db:72:6e:6b:0c:70:55:47:0d:96:
7b:13:91:67:ed:b8:a8:cc:34:ab:5c:f9:c4:ec:b5:37:49:e2:
1a:fb:d2:b3:4e:a6:55:cf:69:3a:f8:a7:6b:8b:eb:39:f5:d8:
86:2f:2a:c5:c9:7f:1c:59:7f:f6:8b:d5:90:34:94:ca:d3:7f:
77:3f:40:6d:6a:3b:d6:d9:0e:8e:89:18:e9:97:d8:26:16:d0:
e8:55:cd:d4:af:0e:2d:f6:3e:44:95:f9:ba:6d:ed:da:c3:b4:
d1:ed:0b:c8:c5:d2:67:2f:55:04:7d:c6:e6:ef:88:af:74:92:
79:41:e8:0b:44:b8:b9:74:a8:5b:a3:62:38:2e:1e:57:ca:9a:
bb:85:42:d6:aa:35:28:00:7a:94:ce:84:85:d6:44:31:63:fe:
98:36:a3:82
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yMzA5MDEw
OTQ1NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJBQjc2RjgzOTM3MDNE
NTU0MkNEMEIyRDdCOUFFNDM2ODc4NUI1RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA/9/Ni7HhO1VacZcvZQ+TgSv3jp6rcwtYFsKNDRZZB3zjwr4T
G5w/JLaGPodO/ZcbkeDRJfavUWT+/p3m2WigPU/cE2LK4iRlnH88DR5E+pAQIpmA
wStqd63kJ5rizBxbjYjLGkldzzJtStDEF5HjUrZuksYScRtuEYXWpvX7b8EY/oiT
cZxMgY+UntyKXJDot/dIg+5UZ2DECitmziGsm+dWkfLcA+0LJaXto1PiiRs7uVPF
5DF2jNWdm8gAlF3fsFzEzUD++DzgiAhAlGCgroR8jhUzWiN38GG0VOSfoKa9RHyz
/nGrP88aXoYBna2dOs6LeEx1YAmdBKyv8r11AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKrdvg5NwPVVCzQste5rkNoeFtfIwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9LcmR2ZzVOd1BWVkN6UXN0ZTVy
a05vZUZ0Zkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHPUCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCvqsYhtZsL8+FuaYJJNUTD48o5jUjqrh5j51SK
iWnSuxnsHRibWXZWqmDwpvUatY/uXfWuHU3rx5neegHgytcIZ8FlcPgJfds+NKzG
7+VyyGA/9apH7ScDz5WCulPEQWcl3dtybmsMcFVHDZZ7E5Fn7biozDSrXPnE7LU3
SeIa+9KzTqZVz2k6+Kdri+s59diGLyrFyX8cWX/2i9WQNJTK0393P0BtajvW2Q6O
iRjpl9gmFtDoVc3Urw4t9j5Elfm6be3aw7TR7QvIxdJnL1UEfcbm74ivdJJ5QegL
RLi5dKhbo2I4Lh5Xypq7hULWqjUoAHqUzoSF1kQxY/6YNqOC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:14 2025 by rpki-client