Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/KPG7Xsj7N3VJf10Zyr7pLVmxuOQ.roa
File: KPG7Xsj7N3VJf10Zyr7pLVmxuOQ.roa (raw, json)
Hash identifier: v7vfL+84fzvscTIXlq0IA41beDUXxAX8UV363jYsJAA=
Subject key identifier: 28:F1:BB:5E:C8:FB:37:75:49:7F:5D:19:CA:BE:E9:2D:59:B1:B8:E4
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 09E2
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KPG7Xsj7N3VJf10Zyr7pLVmxuOQ.roa
Signing time: Sun 07 Feb 2021 12:39:22 +0000
ROA not before: Sun 07 Feb 2021 12:39:22 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131150
IP address blocks: 163.32.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2530 (0x9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Feb 7 12:39:22 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=28F1BB5EC8FB3775497F5D19CABEE92D59B1B8E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:e7:aa:3b:78:23:bd:80:4a:4d:d5:81:da:
e0:b5:e7:cd:16:5d:7f:33:6f:55:8d:23:fd:35:d0:
7f:03:42:cb:f9:93:40:5b:07:d1:a4:88:fa:22:b1:
da:fe:74:03:d9:c1:6b:eb:72:c9:3f:77:49:a0:fb:
40:35:c0:f0:d2:7f:82:e3:d6:c9:6a:ea:3c:ba:7f:
00:04:ed:a1:0e:c2:84:82:03:e0:51:a5:07:73:4c:
f3:1c:5d:e6:9d:a7:09:cf:57:18:ba:14:a1:40:ef:
93:49:1a:a9:9e:d4:58:f0:b6:94:b4:fa:db:71:fd:
55:49:2a:84:de:3b:cd:14:b3:43:cf:8e:f2:47:a4:
58:7f:f5:1b:ce:05:00:78:e1:ff:05:04:f1:03:42:
ff:80:d8:f4:de:41:bd:31:59:35:b8:3c:a7:57:d5:
fc:55:3f:6a:43:80:e2:80:28:fe:40:d5:dc:33:b1:
a7:5a:f4:f0:6a:94:91:cb:e1:40:94:43:a6:47:9f:
83:18:8f:e7:b4:41:b6:7a:7b:b4:f7:c0:f2:69:47:
7c:3d:95:ab:6f:96:13:df:16:5b:53:26:d8:f7:b0:
5c:7e:44:4d:27:da:da:4e:33:01:18:6f:e6:48:cb:
6b:f1:1f:73:cb:77:f2:13:34:84:bd:d5:4e:9d:d0:
0b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F1:BB:5E:C8:FB:37:75:49:7F:5D:19:CA:BE:E9:2D:59:B1:B8:E4
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KPG7Xsj7N3VJf10Zyr7pLVmxuOQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.32.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:3b:46:89:d0:36:23:06:e3:75:78:33:f3:3d:2a:ed:16:a0:
ce:ce:e3:68:a9:c7:41:4a:d8:a6:ad:1b:eb:dd:a5:8b:34:66:
59:e1:59:c8:ab:7e:e0:68:08:31:2c:8b:97:dc:e0:f2:57:f5:
44:a5:5c:eb:a7:d2:fe:fa:6e:ee:af:04:9b:b7:a9:04:85:fe:
28:5f:6f:38:9a:65:e9:42:79:e0:b0:10:0d:f3:cf:e4:bf:c9:
7d:fb:e0:02:ca:6c:22:e5:f7:69:e5:d3:ef:8c:a3:52:02:49:
79:5b:4e:76:8f:d9:78:96:5d:e6:5d:bb:8c:eb:5b:9c:c3:c4:
bd:e4:7a:70:3e:f5:63:3c:d6:b6:b7:ab:7a:4d:a6:5f:90:f1:
73:8e:62:c5:56:66:d2:b9:7a:42:35:21:c9:ea:30:39:db:a1:
b9:41:ba:e1:ba:8b:3c:1b:5d:79:62:db:8e:d1:fd:10:6c:83:
36:1e:08:66:71:f2:1d:63:de:f3:f2:7f:b3:bf:b8:dc:55:b8:
1c:ce:31:c3:4d:08:80:6d:81:07:9c:c7:e6:d2:c1:87:eb:81:
be:9a:31:a7:d5:bf:b6:60:5d:db:bf:3f:3d:25:f9:b4:54:90:
6f:4f:79:9e:78:8d:8f:45:d5:63:9e:5a:d8:69:66:e7:f5:d5:
9b:93:3f:5c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTAyMDcx
MjM5MjJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI4RjFCQjVFQzhGQjM3
NzU0OTdGNUQxOUNBQkVFOTJENTlCMUI4RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGweeqO3gjvYBKTdWB2uC1580WXX8zb1WNI/010H8DQsv5k0Bb
B9GkiPoisdr+dAPZwWvrcsk/d0mg+0A1wPDSf4Lj1slq6jy6fwAE7aEOwoSCA+BR
pQdzTPMcXeadpwnPVxi6FKFA75NJGqme1FjwtpS0+ttx/VVJKoTeO80Us0PPjvJH
pFh/9RvOBQB44f8FBPEDQv+A2PTeQb0xWTW4PKdX1fxVP2pDgOKAKP5A1dwzsada
9PBqlJHL4UCUQ6ZHn4MYj+e0QbZ6e7T3wPJpR3w9latvlhPfFltTJtj3sFx+RE0n
2tpOMwEYb+ZIy2vxH3PLd/ITNIS91U6d0AtdAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKPG7Xsj7N3VJf10Zyr7pLVmxuOQwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9LUEc3WHNqN04zVkpmMTBaeXI3
cExWbXh1T1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyCM
MA0GCSqGSIb3DQEBCwUAA4IBAQC4O0aJ0DYjBuN1eDPzPSrtFqDOzuNoqcdBStim
rRvr3aWLNGZZ4VnIq37gaAgxLIuX3ODyV/VEpVzrp9L++m7urwSbt6kEhf4oX284
mmXpQnngsBAN88/kv8l9++ACymwi5fdp5dPvjKNSAkl5W052j9l4ll3mXbuM61uc
w8S95HpwPvVjPNa2t6t6TaZfkPFzjmLFVmbSuXpCNSHJ6jA526G5Qbrhuos8G115
YtuO0f0QbIM2HghmcfIdY97z8n+zv7jcVbgczjHDTQiAbYEHnMfm0sGH64G+mjGn
1b+2YF3bvz89Jfm0VJBvT3meeI2PRdVjnlrYaWbn9dWbkz9c
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org