Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/1WAcRS0PrLv1snyICKakK5Rxmio.roa
File: 1WAcRS0PrLv1snyICKakK5Rxmio.roa (raw, json)
Hash identifier: +s6UFWuJAzEoFde9ovN8Gy8TeqdGkb48WbPY5P4de+U=
Subject key identifier: D5:60:1C:45:2D:0F:AC:BB:F5:B2:7C:88:08:A6:A4:2B:94:71:9A:2A
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 08EF
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/1WAcRS0PrLv1snyICKakK5Rxmio.roa
Signing time: Wed 16 Dec 2020 08:55:55 +0000
ROA not before: Wed 16 Dec 2020 08:55:55 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9916
IP address blocks: 140.129.52.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2287 (0x8ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Dec 16 08:55:55 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D5601C452D0FACBBF5B27C8808A6A42B94719A2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6a:75:82:79:be:78:77:3e:bf:71:c5:18:a5:
6e:7a:c6:f0:ff:9f:31:a9:15:87:ce:7b:3a:e4:45:
21:3c:cb:35:38:6d:ff:c3:f7:ba:13:38:00:d8:42:
26:65:8e:dc:ad:9a:82:71:3f:af:c9:25:24:e1:57:
30:0f:d9:7b:96:b8:cf:c1:4c:2b:65:85:dc:da:29:
dd:ad:d3:a9:dd:98:2a:e9:35:77:bd:8b:ba:73:f1:
cc:1a:c4:78:e1:d6:e3:29:5c:5c:27:8f:7d:ee:46:
b4:38:53:15:0b:72:fc:a3:e2:ae:de:cf:3a:39:56:
82:74:ec:59:0a:eb:74:65:35:a6:c5:52:89:e2:b6:
02:5e:0f:ad:7a:5a:18:80:19:8d:34:20:3c:97:6c:
8c:11:8b:71:c3:ec:61:89:1b:72:18:85:1c:e9:58:
2a:f7:59:06:7d:dc:a8:cb:76:7d:56:71:00:ca:3c:
4d:2f:7a:51:b0:72:e3:66:7d:29:75:7c:03:3b:2e:
a2:05:c8:12:8a:c3:2d:8c:38:85:79:73:90:d1:b0:
5c:66:a0:10:ed:58:50:eb:81:31:6c:6c:86:a2:01:
3a:13:70:4f:da:43:98:a6:c5:f1:ff:e4:5e:05:35:
52:60:9a:47:4e:12:cc:f8:c2:4d:55:15:6f:88:a7:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:60:1C:45:2D:0F:AC:BB:F5:B2:7C:88:08:A6:A4:2B:94:71:9A:2A
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/1WAcRS0PrLv1snyICKakK5Rxmio.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.52.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:89:39:3b:71:e5:a4:fc:cf:2f:dd:16:10:62:4c:6e:79:78:
64:ec:1b:70:66:fc:f2:3b:a8:dd:37:ab:3d:34:ba:be:6e:9e:
79:60:3f:ee:46:86:32:f2:1d:bd:a5:07:6a:8e:21:bd:c0:bf:
ee:c2:91:89:b9:1d:0a:ab:43:58:3e:07:f2:6f:07:61:21:b9:
e0:a4:a6:4c:cc:f6:21:13:3a:2e:e6:b9:7b:96:30:ff:cb:d2:
62:42:5e:69:b8:03:6a:be:c4:9b:4d:a2:12:50:93:78:ea:91:
1b:c8:7a:46:28:0a:f5:6b:96:8e:27:6e:37:37:12:66:5c:8d:
8b:15:8d:0c:74:8b:12:4d:7f:aa:a6:8b:6c:05:f4:dc:a0:a4:
f0:2c:50:97:09:cd:8f:8a:ff:22:b8:58:64:d2:e5:d1:de:5d:
64:dc:5a:6c:fe:ac:0e:3d:4d:d4:e1:a4:cd:45:d0:95:dc:0f:
f5:d7:50:c6:bb:49:27:b5:71:6b:fd:bd:c6:a6:38:e8:33:25:
99:28:56:30:70:bf:33:66:10:50:cd:07:23:2c:81:66:42:a2:
aa:d2:af:27:26:7c:41:05:89:3b:65:29:0a:fe:e9:23:cf:1e:
f1:3b:4e:62:e2:55:51:73:c7:b5:06:59:12:19:97:d8:53:da:
4d:10:43:a3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDEyMTYw
ODU1NTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ1NjAxQzQ1MkQwRkFD
QkJGNUIyN0M4ODA4QTZBNDJCOTQ3MTlBMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmanWCeb54dz6/ccUYpW56xvD/nzGpFYfOezrkRSE8yzU4bf/D
97oTOADYQiZljtytmoJxP6/JJSThVzAP2XuWuM/BTCtlhdzaKd2t06ndmCrpNXe9
i7pz8cwaxHjh1uMpXFwnj33uRrQ4UxULcvyj4q7ezzo5VoJ07FkK63RlNabFUoni
tgJeD616WhiAGY00IDyXbIwRi3HD7GGJG3IYhRzpWCr3WQZ93KjLdn1WcQDKPE0v
elGwcuNmfSl1fAM7LqIFyBKKwy2MOIV5c5DRsFxmoBDtWFDrgTFsbIaiAToTcE/a
Q5imxfH/5F4FNVJgmkdOEsz4wk1VFW+Ip0T1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU1WAcRS0PrLv1snyICKakK5RxmiowHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC8xV0FjUlMwUHJMdjFzbnlJQ0th
a0s1UnhtaW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIE0
MA0GCSqGSIb3DQEBCwUAA4IBAQCNiTk7ceWk/M8v3RYQYkxueXhk7BtwZvzyO6jd
N6s9NLq+bp55YD/uRoYy8h29pQdqjiG9wL/uwpGJuR0Kq0NYPgfybwdhIbngpKZM
zPYhEzou5rl7ljD/y9JiQl5puANqvsSbTaISUJN46pEbyHpGKAr1a5aOJ243NxJm
XI2LFY0MdIsSTX+qpotsBfTcoKTwLFCXCc2Piv8iuFhk0uXR3l1k3Fps/qwOPU3U
4aTNRdCV3A/111DGu0kntXFr/b3GpjjoMyWZKFYwcL8zZhBQzQcjLIFmQqKq0q8n
JnxBBYk7ZSkK/ukjzx7xO05i4lVRc8e1BlkSGZfYU9pNEEOj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org