Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/ZGhmBaccRr7JI3xiKzz_dbGr588.roa
File: ZGhmBaccRr7JI3xiKzz_dbGr588.roa (raw, json)
Hash identifier: 6NZhRV4kUIBbH+j7qF/sUM49cQDQMaMrUnrUQju+YXw=
Subject key identifier: 64:68:66:05:A7:1C:46:BE:C9:23:7C:62:2B:3C:FF:75:B1:AB:E7:CF
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0A95
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ZGhmBaccRr7JI3xiKzz_dbGr588.roa
Signing time: Wed 29 Sep 2021 02:41:23 +0000
ROA not before: Wed 29 Sep 2021 02:41:23 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 1659
IP address blocks: 140.136.0.0/15 maxlen: 15
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2709 (0xa95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 29 02:41:23 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=64686605A71C46BEC9237C622B3CFF75B1ABE7CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:70:6d:6d:e7:c5:84:cb:b3:84:69:bc:20:39:
77:56:1f:a4:91:d4:41:92:72:46:81:85:85:58:07:
d2:22:09:54:13:3e:1b:d5:68:a3:ed:4f:16:9e:bd:
d8:e7:f9:c0:0b:bf:ad:18:74:06:6a:e0:5d:9f:23:
5d:f4:a9:f1:fc:d6:e5:77:5e:c2:99:91:39:d9:77:
4d:ec:f2:01:02:39:c4:51:39:2f:85:52:55:6d:55:
56:a3:a8:6e:13:4e:0f:1b:aa:8f:1c:f9:a9:78:6a:
b5:34:aa:b1:05:c8:c2:40:8a:fc:f7:32:ed:1f:17:
c4:aa:f0:52:2f:cc:27:33:b7:92:95:16:a2:a4:26:
3f:f3:27:a6:7a:3a:52:62:a3:60:31:15:95:26:c6:
fa:c1:5d:45:58:e1:6e:b1:79:92:02:82:c2:b1:9e:
e2:fa:66:07:72:99:c7:52:9a:24:7c:f0:34:71:0f:
44:50:aa:18:ad:6d:ff:90:65:56:6b:86:59:9c:41:
50:4c:da:61:3d:07:0f:c2:b5:31:b9:66:98:5a:92:
7e:ae:25:df:ed:5a:fb:eb:9e:1a:e8:a1:d5:7e:e9:
2b:48:11:40:0c:5e:c2:8d:e1:bf:29:e4:04:1a:1d:
48:97:b0:00:16:f5:81:2c:3e:28:ae:8c:11:6e:67:
af:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:68:66:05:A7:1C:46:BE:C9:23:7C:62:2B:3C:FF:75:B1:AB:E7:CF
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ZGhmBaccRr7JI3xiKzz_dbGr588.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.136.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1d:80:48:29:fb:b4:73:a5:18:93:97:73:d5:ea:92:cd:96:8f:
58:3a:c5:4d:c8:84:11:6a:8e:17:a2:60:16:26:2c:b1:d0:ce:
b7:41:cd:9b:62:2d:05:06:67:0d:86:44:2c:d3:6a:da:59:de:
c7:bd:8b:a5:b8:d0:9a:ed:6a:f7:8e:7e:73:f7:93:22:91:8b:
13:15:8f:79:16:4a:2e:59:33:eb:6e:71:78:62:68:a2:46:1f:
49:4a:9c:89:a3:c9:91:cb:79:5a:b5:79:2b:80:4c:82:37:79:
7c:f4:44:24:b6:d8:57:3d:73:e0:3a:46:8f:97:88:5c:f5:4e:
b8:fd:e2:4d:6b:ad:bb:a8:a0:05:80:38:bc:6c:1d:6c:c6:96:
7e:ea:e1:eb:ae:a2:c5:b2:35:11:3c:0f:f0:d5:b2:3c:ad:07:
48:de:65:d2:5f:a7:40:93:c7:de:1a:b5:ed:18:ec:67:15:55:
eb:25:1d:f7:72:e1:73:42:37:5c:3a:ae:77:e3:23:6a:59:80:
6f:9c:40:b0:0e:2e:74:84:d4:e0:fa:af:ff:cb:a8:0f:27:26:
79:cf:25:6a:3d:09:9c:2f:50:f5:ec:af:a0:f8:08:28:af:91:
83:e0:f8:b8:5d:3e:81:20:eb:03:54:fd:f4:8c:a9:bf:d1:1c:
ec:1d:b5:a6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY0Njg2NjA1QTcxQzQ2
QkVDOTIzN0M2MjJCM0NGRjc1QjFBQkU3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCncG1t58WEy7OEabwgOXdWH6SR1EGSckaBhYVYB9IiCVQTPhvV
aKPtTxaevdjn+cALv60YdAZq4F2fI130qfH81uV3XsKZkTnZd03s8gECOcRROS+F
UlVtVVajqG4TTg8bqo8c+al4arU0qrEFyMJAivz3Mu0fF8Sq8FIvzCczt5KVFqKk
Jj/zJ6Z6OlJio2AxFZUmxvrBXUVY4W6xeZICgsKxnuL6ZgdymcdSmiR88DRxD0RQ
qhitbf+QZVZrhlmcQVBM2mE9Bw/CtTG5Zphakn6uJd/tWvvrnhroodV+6StIEUAM
XsKN4b8p5AQaHUiXsAAW9YEsPiiujBFuZ693AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUZGhmBaccRr7JI3xiKzz/dbGr588wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9aR2htQmFjY1JyN0pJM3hpS3p6
X2RiR3I1ODgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBjIgw
DQYJKoZIhvcNAQELBQADggEBAB2ASCn7tHOlGJOXc9Xqks2Wj1g6xU3IhBFqjhei
YBYmLLHQzrdBzZtiLQUGZw2GRCzTatpZ3se9i6W40JrtaveOfnP3kyKRixMVj3kW
Si5ZM+tucXhiaKJGH0lKnImjyZHLeVq1eSuATII3eXz0RCS22Fc9c+A6Ro+XiFz1
Trj94k1rrbuooAWAOLxsHWzGln7q4euuosWyNRE8D/DVsjytB0jeZdJfp0CTx94a
te0Y7GcVVeslHfdy4XNCN1w6rnfjI2pZgG+cQLAOLnSE1OD6r//LqA8nJnnPJWo9
CZwvUPXsr6D4CCivkYPg+LhdPoEg6wNU/fSMqb/RHOwdtaY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org