Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/Z_dTB-gBE-pceFoxOQGyUQV3DQc.roa
File: Z_dTB-gBE-pceFoxOQGyUQV3DQc.roa (raw, json)
Hash identifier: Mr2dsznLGdwEQ1nnglNeTlaZZ8xfhUnLrQ26HVf5GTs=
Subject key identifier: 67:F7:53:07:E8:01:13:EA:5C:78:5A:31:39:01:B2:51:05:77:0D:07
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0A85
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/Z_dTB-gBE-pceFoxOQGyUQV3DQc.roa
Signing time: Wed 29 Sep 2021 02:41:19 +0000
ROA not before: Wed 29 Sep 2021 02:41:19 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9916
IP address blocks: 140.129.64.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2693 (0xa85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 29 02:41:19 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=67F75307E80113EA5C785A313901B25105770D07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f5:2e:65:f9:f4:b5:7e:b5:04:4e:27:01:5f:
30:2f:ed:13:04:0d:0d:dc:cf:5d:25:3b:6e:b0:1e:
ef:12:5f:85:ee:6a:38:79:a2:d8:e4:54:41:2e:b4:
50:1e:51:90:9b:73:1e:02:8c:a6:ae:c0:38:6f:09:
ce:d4:a0:38:61:48:0f:5f:aa:db:e9:8b:32:62:63:
53:9c:e2:f0:63:1d:52:e6:c5:06:b7:72:e3:95:38:
30:ad:b1:22:81:da:00:a9:a0:31:c5:89:57:3c:f9:
60:77:0b:b4:01:df:85:10:d7:97:7d:e0:07:1a:88:
ed:a2:4d:34:71:2d:50:05:4a:33:8b:44:60:3b:3b:
cd:99:fa:c9:53:68:6a:45:9c:99:29:9c:ea:93:85:
95:2d:38:e5:a8:08:c6:2b:92:ef:65:b6:19:60:e2:
6c:f2:a0:07:43:34:d8:97:85:29:fe:40:be:bf:11:
4c:c2:35:bc:b8:96:eb:31:98:97:3b:ac:f8:00:65:
48:64:d5:68:f5:3b:10:ef:5a:38:e8:20:39:ad:47:
76:b6:3b:29:71:8e:a6:97:d8:74:64:03:b5:7f:9c:
38:5d:e1:0b:a4:de:b5:1d:e3:47:a0:9b:20:ec:47:
46:09:df:65:77:da:71:d4:09:76:08:a0:df:be:d8:
09:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F7:53:07:E8:01:13:EA:5C:78:5A:31:39:01:B2:51:05:77:0D:07
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/Z_dTB-gBE-pceFoxOQGyUQV3DQc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.64.0/20
Signature Algorithm: sha256WithRSAEncryption
72:09:ab:e2:00:e1:74:e6:e7:0c:db:e9:11:ad:ce:fb:17:e6:
65:02:52:e0:02:6d:88:23:5c:ff:fa:5d:15:a3:eb:2a:cb:a0:
97:4f:48:95:05:0e:aa:9e:93:45:bd:47:18:d3:5f:3a:7d:46:
a4:93:0a:b7:7e:b2:70:35:5e:88:83:67:3f:3b:df:c2:1d:95:
8f:c5:9e:e5:6e:7c:d8:b2:de:1d:2f:bf:0b:2e:a5:d2:be:86:
57:a4:7b:1e:b8:f1:ae:a0:8f:d5:50:61:cb:6f:1f:29:43:e0:
e2:d3:89:4a:36:21:12:ac:d0:4c:78:d3:fe:ce:7a:c4:ce:d0:
6f:19:3a:27:61:0a:ea:f6:0f:42:c8:3d:79:47:21:1e:d5:fe:
6c:72:1a:a2:3a:7d:42:aa:b2:bc:21:a3:12:26:3d:f8:08:8c:
80:c1:d7:4c:e0:50:cc:ee:0d:fe:9a:73:66:08:ba:64:4e:be:
d1:06:e1:43:f5:9f:65:70:77:b2:61:6b:f9:0f:32:64:70:b3:
49:96:8e:d9:f1:0e:3a:97:92:dd:37:47:96:5e:d7:66:41:06:
e4:34:ed:23:0b:fd:1f:d7:7e:40:47:39:40:1a:d9:2c:71:2a:
8b:be:51:b6:ed:15:76:ca:6f:29:28:67:ab:ad:90:7d:6d:36:
1a:a2:b5:ed
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY3Rjc1MzA3RTgwMTEz
RUE1Qzc4NUEzMTM5MDFCMjUxMDU3NzBEMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw9S5l+fS1frUETicBXzAv7RMEDQ3cz10lO26wHu8SX4Xuajh5
otjkVEEutFAeUZCbcx4CjKauwDhvCc7UoDhhSA9fqtvpizJiY1Oc4vBjHVLmxQa3
cuOVODCtsSKB2gCpoDHFiVc8+WB3C7QB34UQ15d94AcaiO2iTTRxLVAFSjOLRGA7
O82Z+slTaGpFnJkpnOqThZUtOOWoCMYrku9lthlg4mzyoAdDNNiXhSn+QL6/EUzC
Nby4lusxmJc7rPgAZUhk1Wj1OxDvWjjoIDmtR3a2OylxjqaX2HRkA7V/nDhd4Quk
3rUd40egmyDsR0YJ32V32nHUCXYIoN++2AlzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZ/dTB+gBE+pceFoxOQGyUQV3DQcwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9aX2RUQi1nQkUtcGNlRm94T1FH
eVVRVjNEUWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjIFA
MA0GCSqGSIb3DQEBCwUAA4IBAQByCaviAOF05ucM2+kRrc77F+ZlAlLgAm2II1z/
+l0Vo+sqy6CXT0iVBQ6qnpNFvUcY0186fUakkwq3frJwNV6Ig2c/O9/CHZWPxZ7l
bnzYst4dL78LLqXSvoZXpHseuPGuoI/VUGHLbx8pQ+Di04lKNiESrNBMeNP+znrE
ztBvGTonYQrq9g9CyD15RyEe1f5schqiOn1CqrK8IaMSJj34CIyAwddM4FDM7g3+
mnNmCLpkTr7RBuFD9Z9lcHeyYWv5DzJkcLNJlo7Z8Q46l5LdN0eWXtdmQQbkNO0j
C/0f135ARzlAGtkscSqLvlG27RV2ym8pKGerrZB9bTYaorXt
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org