Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/4Q2osKyZ6m7ABKpdyEbUAkRrhpc.roa
File: 4Q2osKyZ6m7ABKpdyEbUAkRrhpc.roa (raw, json)
Hash identifier: KrXk8wpUbQvexg/owbNyMgYU/QxmZFIaF3IrkMoB4X4=
Subject key identifier: E1:0D:A8:B0:AC:99:EA:6E:C0:04:AA:5D:C8:46:D4:02:44:6B:86:97
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 08F1
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4Q2osKyZ6m7ABKpdyEbUAkRrhpc.roa
Signing time: Wed 16 Dec 2020 08:56:49 +0000
ROA not before: Wed 16 Dec 2020 08:56:49 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9916
IP address blocks: 140.129.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2289 (0x8f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Dec 16 08:56:49 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E10DA8B0AC99EA6EC004AA5DC846D402446B8697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:79:f2:ce:9e:dd:a0:57:3e:99:e3:1b:61:
49:db:5e:20:5a:8d:ae:c4:52:2e:00:6e:44:f6:de:
79:a8:b8:e2:2b:ef:54:df:b4:cf:6c:85:47:df:6b:
fd:a3:4f:4b:3a:24:4f:04:bd:3f:cd:d2:4e:5e:71:
25:b6:7a:38:13:dd:f9:5b:63:81:03:38:72:cd:f5:
79:ca:89:81:e2:d0:1b:7d:e4:5a:0f:30:cc:31:81:
dc:33:8e:83:d6:0a:e3:36:0a:c4:d7:1b:47:b4:d9:
18:38:29:c5:46:4b:e3:3a:fd:74:e0:2d:9a:d9:e0:
1f:50:b9:c1:06:f9:0e:93:46:6c:d3:bb:ec:23:17:
9b:c0:69:c7:fc:41:e3:db:f3:e4:51:f7:2d:93:70:
b6:f5:9e:2f:79:d8:6f:c1:fe:19:fd:8a:4a:ee:d8:
3b:0a:fd:37:01:29:7b:18:8a:53:ba:f9:2a:42:06:
85:c8:44:16:48:b6:12:00:85:de:90:75:bd:23:90:
16:8a:35:dd:ef:b1:e9:c0:8a:c5:18:40:7b:b6:da:
43:69:e0:69:37:2c:4e:85:e2:b2:36:37:57:f3:72:
d6:98:aa:90:56:80:5b:6d:72:c4:76:4a:24:3b:44:
25:ab:eb:5d:66:de:58:1b:32:a2:1b:66:a4:28:ab:
42:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0D:A8:B0:AC:99:EA:6E:C0:04:AA:5D:C8:46:D4:02:44:6B:86:97
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4Q2osKyZ6m7ABKpdyEbUAkRrhpc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.56.0/21
Signature Algorithm: sha256WithRSAEncryption
20:55:40:ee:9b:14:bf:f4:5c:53:af:62:ee:99:f3:4c:01:88:
09:66:2f:f2:e3:b6:c0:58:c7:8b:00:ac:f7:8e:aa:ab:23:d0:
95:62:c7:cf:e4:08:d9:8b:be:ec:e2:fa:82:05:47:bf:5a:e8:
40:08:b5:57:96:bb:17:c1:e9:1a:63:72:c6:70:ab:7a:08:55:
b7:e2:16:ad:57:c9:8d:73:f2:2a:6e:0e:08:c6:57:0e:fb:80:
a5:f3:d5:06:5a:92:51:2a:a9:6e:7d:08:9c:94:46:2d:8d:cf:
b4:c1:40:15:14:69:01:f3:b9:37:74:2c:5f:cc:54:db:39:a9:
90:bb:21:b5:28:b2:e6:bd:e4:93:b7:34:d5:82:57:01:d3:a6:
84:89:dc:70:f6:b3:e5:38:ca:b6:d4:f8:ed:bd:14:33:0f:7b:
99:7d:b9:5b:a8:ce:26:1e:8a:e7:af:2e:e8:66:e5:73:3b:86:
8f:25:a9:50:4c:4e:c0:70:ce:0d:8f:0f:91:97:7e:a4:56:d7:
e2:2d:34:58:0d:9a:57:5f:29:c8:1e:ad:ca:c4:93:88:31:6f:
fe:6b:83:01:ac:1b:0b:ca:cd:a4:89:12:dd:75:ba:58:b0:ed:
6d:6f:a3:e9:78:8a:59:14:a6:75:c7:c0:53:f0:d7:31:f9:f7:
10:14:a7:62
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDEyMTYw
ODU2NDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUxMERBOEIwQUM5OUVB
NkVDMDA0QUE1REM4NDZENDAyNDQ2Qjg2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Annyzp7doFc+meMbYUnbXiBaja7EUi4AbkT23nmouOIr71Tf
tM9shUffa/2jT0s6JE8EvT/N0k5ecSW2ejgT3flbY4EDOHLN9XnKiYHi0Bt95FoP
MMwxgdwzjoPWCuM2CsTXG0e02Rg4KcVGS+M6/XTgLZrZ4B9QucEG+Q6TRmzTu+wj
F5vAacf8QePb8+RR9y2TcLb1ni952G/B/hn9ikru2DsK/TcBKXsYilO6+SpCBoXI
RBZIthIAhd6Qdb0jkBaKNd3vsenAisUYQHu22kNp4Gk3LE6F4rI2N1fzctaYqpBW
gFttcsR2SiQ7RCWr611m3lgbMqIbZqQoq0K5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU4Q2osKyZ6m7ABKpdyEbUAkRrhpcwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC80UTJvc0t5WjZtN0FCS3BkeUVi
VUFrUnJocGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjIE4
MA0GCSqGSIb3DQEBCwUAA4IBAQAgVUDumxS/9FxTr2LumfNMAYgJZi/y47bAWMeL
AKz3jqqrI9CVYsfP5AjZi77s4vqCBUe/WuhACLVXlrsXwekaY3LGcKt6CFW34hat
V8mNc/Iqbg4IxlcO+4Cl89UGWpJRKqlufQiclEYtjc+0wUAVFGkB87k3dCxfzFTb
OamQuyG1KLLmveSTtzTVglcB06aEidxw9rPlOMq21PjtvRQzD3uZfblbqM4mHorn
ry7oZuVzO4aPJalQTE7AcM4Njw+Rl36kVtfiLTRYDZpXXynIHq3KxJOIMW/+a4MB
rBsLys2kiRLddbpYsO1tb6PpeIpZFKZ1x8BT8Ncx+fcQFKdi
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org