Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/QhmqaCL1un_8B1nFbxys-tOLXEA.roa
File: QhmqaCL1un_8B1nFbxys-tOLXEA.roa (raw, json)
Hash identifier: kEUcwiTyUac3JZajET3r6xjU+SdqCrict7pbfHPSwNY=
Subject key identifier: 42:19:AA:68:22:F5:BA:7F:FC:07:59:C5:6F:1C:AC:FA:D3:8B:5C:40
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 07F7
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/QhmqaCL1un_8B1nFbxys-tOLXEA.roa
Signing time: Tue 29 Sep 2020 10:06:41 +0000
ROA not before: Tue 29 Sep 2020 10:06:41 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131150
IP address blocks: 163.32.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2039 (0x7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Sep 29 10:06:41 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4219AA6822F5BA7FFC0759C56F1CACFAD38B5C40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b6:9a:fc:4a:eb:50:94:fd:6f:3d:3f:bc:e0:
8a:a4:cc:dc:69:2b:58:0f:9c:b7:0c:8b:0f:e9:e8:
99:12:3c:85:bc:11:35:b1:e9:9d:01:da:68:2e:fd:
83:bf:f4:21:ee:16:22:28:86:38:1a:38:ef:f5:2c:
b3:6e:9c:a5:15:4e:4a:a9:d7:85:1c:c7:61:5b:ef:
3d:4d:e3:84:09:d8:a0:e4:81:a2:dc:2a:b8:f3:e2:
9f:dd:14:9c:32:04:f7:81:a3:8d:b4:66:0a:92:38:
5b:b2:95:ad:da:e1:2d:ab:d2:8a:7b:1f:ad:55:91:
4c:4b:4d:9a:08:26:7f:5c:4a:c0:28:1a:fd:64:66:
10:e9:09:56:40:7a:6f:4c:2a:4b:10:fc:1f:db:72:
57:3f:02:b5:6d:62:00:75:5d:73:74:3d:b9:21:f9:
f3:cc:f7:87:b7:64:23:e3:70:cb:bf:33:78:10:a9:
3d:99:8c:c5:6c:90:08:66:06:07:13:44:62:58:66:
a1:e0:d9:00:3b:00:a3:00:ad:99:cb:52:6f:9a:70:
bf:02:f4:d5:da:e7:f8:0b:63:3b:4f:98:77:e1:fc:
db:d6:fb:df:ab:14:71:7a:5c:eb:c6:2b:22:29:40:
a5:51:34:21:a8:e9:58:db:50:86:35:e0:3c:65:8c:
af:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:AA:68:22:F5:BA:7F:FC:07:59:C5:6F:1C:AC:FA:D3:8B:5C:40
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/QhmqaCL1un_8B1nFbxys-tOLXEA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.32.140.0/22
Signature Algorithm: sha256WithRSAEncryption
46:18:dc:98:26:3c:0b:0e:c7:31:d2:e7:e6:fd:a8:2a:53:31:
7c:54:95:ab:fc:71:da:3d:cd:c3:fd:ee:0b:77:84:d8:ba:08:
e2:bf:ec:82:01:35:93:dc:c8:9c:35:a7:5e:8b:8a:5f:59:41:
54:71:db:a8:94:1b:db:b7:03:cf:c2:8e:11:ff:17:5b:43:f6:
25:02:15:35:7b:58:8f:af:ce:dc:43:30:0d:fe:5c:3b:c0:b4:
83:86:a8:28:16:03:4f:c7:70:d2:27:7f:4b:80:9e:ef:98:8d:
1e:e3:de:fe:c1:ba:0c:43:77:60:f1:40:63:77:25:76:ba:5e:
20:72:fa:ee:a3:04:1f:ca:c8:da:ab:1e:dd:b4:9f:1b:02:b5:
6a:36:28:b9:92:a2:86:d1:69:07:d7:d9:8e:4a:c0:fa:d4:74:
a0:50:ee:3b:36:20:94:9b:58:81:ad:68:e8:c1:ac:85:ba:f4:
85:e0:b5:8d:67:cf:b4:62:11:37:f0:db:ea:ab:9b:81:e5:19:
ba:8c:07:06:2c:7f:c9:fb:a4:ec:f8:bb:fa:8d:06:42:59:e9:
68:ea:31:0d:d4:47:b7:8e:54:b5:d7:6e:fd:99:3d:58:65:e8:
89:ce:4f:38:23:40:b7:ca:cd:0a:9c:ca:f3:bb:38:cd:32:3f:
b1:4c:c5:15
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMDA5Mjkx
MDA2NDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQyMTlBQTY4MjJGNUJB
N0ZGQzA3NTlDNTZGMUNBQ0ZBRDM4QjVDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbtpr8SutQlP1vPT+84IqkzNxpK1gPnLcMiw/p6JkSPIW8ETWx
6Z0B2mgu/YO/9CHuFiIohjgaOO/1LLNunKUVTkqp14Ucx2Fb7z1N44QJ2KDkgaLc
Krjz4p/dFJwyBPeBo420ZgqSOFuyla3a4S2r0op7H61VkUxLTZoIJn9cSsAoGv1k
ZhDpCVZAem9MKksQ/B/bclc/ArVtYgB1XXN0Pbkh+fPM94e3ZCPjcMu/M3gQqT2Z
jMVskAhmBgcTRGJYZqHg2QA7AKMArZnLUm+acL8C9NXa5/gLYztPmHfh/NvW+9+r
FHF6XOvGKyIpQKVRNCGo6VjbUIY14DxljK/FAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQhmqaCL1un/8B1nFbxys+tOLXEAwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9RaG1xYUNMMXVuXzhCMW5GYnh5
cy10T0xYRUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyCM
MA0GCSqGSIb3DQEBCwUAA4IBAQBGGNyYJjwLDscx0ufm/agqUzF8VJWr/HHaPc3D
/e4Ld4TYugjiv+yCATWT3MicNadei4pfWUFUcduolBvbtwPPwo4R/xdbQ/YlAhU1
e1iPr87cQzAN/lw7wLSDhqgoFgNPx3DSJ39LgJ7vmI0e497+wboMQ3dg8UBjdyV2
ul4gcvruowQfysjaqx7dtJ8bArVqNii5kqKG0WkH19mOSsD61HSgUO47NiCUm1iB
rWjowayFuvSF4LWNZ8+0YhE38Nvqq5uB5Rm6jAcGLH/J+6Ts+Lv6jQZCWelo6jEN
1Ee3jlS11279mT1YZeiJzk84I0C3ys0KnMrzuzjNMj+xTMUV
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org