Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/wchnsDb86I6fQrYKwY1kqAqlB54.roa
File: wchnsDb86I6fQrYKwY1kqAqlB54.roa (raw, json)
Hash identifier: p0WMGitOqck8FHwRzM2hafpjpk+tBzBsLZeW1kYdSSk=
Subject key identifier: C1:C8:67:B0:36:FC:E8:8E:9F:42:B6:0A:C1:8D:64:A8:0A:A5:07:9E
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0A86
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/wchnsDb86I6fQrYKwY1kqAqlB54.roa
Signing time: Wed 29 Sep 2021 02:41:19 +0000
ROA not before: Wed 29 Sep 2021 02:41:19 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9916
IP address blocks: 140.129.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2694 (0xa86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 29 02:41:19 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=C1C867B036FCE88E9F42B60AC18D64A80AA5079E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a1:ea:d3:8a:30:d2:4c:bc:87:13:16:d7:2d:
57:ef:76:4f:b0:0b:76:1c:53:81:eb:8b:6d:5a:4c:
1b:10:ae:b2:cc:64:f1:f3:c2:86:f8:cd:49:f3:f7:
c0:e9:83:b4:e7:b4:c6:f1:ac:38:af:cb:56:b7:ff:
39:7c:b8:c3:9e:7b:99:91:82:6b:35:62:69:7e:60:
b9:e2:10:4d:44:8f:a2:da:60:ca:57:78:68:4a:52:
fe:44:c9:6a:ad:96:bf:c4:8e:33:fa:25:c0:0b:61:
19:3a:98:1f:28:79:39:8f:3a:10:ec:6c:41:3a:d5:
6b:4a:01:16:65:a1:c2:bc:af:48:51:e6:e6:ec:75:
76:26:6b:57:9b:6c:3c:f8:a9:5a:9a:53:6f:a5:1e:
76:d6:b6:42:85:ef:f5:f4:6a:17:d4:06:50:e5:82:
33:e3:91:56:06:15:fb:d6:52:df:84:f5:90:82:27:
d5:0b:96:b9:ae:3b:a4:74:5c:ae:30:38:76:17:eb:
ec:8a:0a:9b:ad:20:be:72:30:1f:2a:99:ef:86:b8:
b8:3b:3b:d4:db:1c:e3:ff:79:03:07:e1:07:0c:74:
91:4d:ae:f2:e4:8a:c1:65:a9:da:e9:cf:78:ae:ff:
0d:48:c5:89:f8:10:ee:e5:e6:c9:90:4a:47:d8:dd:
d4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C8:67:B0:36:FC:E8:8E:9F:42:B6:0A:C1:8D:64:A8:0A:A5:07:9E
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/wchnsDb86I6fQrYKwY1kqAqlB54.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.56.0/21
Signature Algorithm: sha256WithRSAEncryption
46:1f:48:c8:2d:b2:95:39:f7:15:7d:dd:99:42:9c:c2:c3:6e:
3d:d4:e5:48:9b:65:cc:d9:9c:24:e7:48:89:f4:fe:ef:35:08:
d3:b6:85:f0:05:7e:b5:46:df:f9:f1:fd:4f:f9:0a:4a:f5:2b:
a3:38:74:77:db:24:06:08:53:51:a7:7d:e5:f3:3a:fe:47:22:
b5:bc:d0:8e:f6:63:5f:0e:f0:ed:b3:5d:58:09:fc:e1:45:7a:
44:e7:86:c9:0b:7c:c4:04:11:87:d7:37:c4:68:f5:3c:cb:6f:
f5:be:ea:e2:8e:8f:53:b2:7c:07:47:48:c0:24:3f:da:f0:52:
b0:4f:cc:78:88:50:cf:61:e8:08:b8:84:6e:3a:f7:ad:47:6d:
16:57:32:b2:3d:2e:82:97:42:0d:4b:ae:bb:b3:e8:3b:94:2b:
86:b7:3d:1a:7c:29:38:80:bf:f2:d1:71:1e:8d:8c:68:c9:07:
41:79:07:83:51:8a:6f:d8:84:f9:73:68:72:62:92:28:39:ca:
15:5b:8c:e9:bb:81:ab:3f:af:9a:33:27:14:d5:1b:7f:3b:bd:
4e:a6:f7:cd:51:44:4e:1e:5c:1f:b8:46:6c:86:7c:0b:6e:ca:
1a:0f:89:be:26:77:99:d4:ac:f1:55:2a:af:12:39:f7:68:8c:
b0:cf:1c:5b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEMxQzg2N0IwMzZGQ0U4
OEU5RjQyQjYwQUMxOEQ2NEE4MEFBNTA3OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5oerTijDSTLyHExbXLVfvdk+wC3YcU4Hri21aTBsQrrLMZPHz
wob4zUnz98Dpg7TntMbxrDivy1a3/zl8uMOee5mRgms1Yml+YLniEE1Ej6LaYMpX
eGhKUv5EyWqtlr/EjjP6JcALYRk6mB8oeTmPOhDsbEE61WtKARZlocK8r0hR5ubs
dXYma1ebbDz4qVqaU2+lHnbWtkKF7/X0ahfUBlDlgjPjkVYGFfvWUt+E9ZCCJ9UL
lrmuO6R0XK4wOHYX6+yKCputIL5yMB8qme+GuLg7O9TbHOP/eQMH4QcMdJFNrvLk
isFlqdrpz3iu/w1IxYn4EO7l5smQSkfY3dRbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUwchnsDb86I6fQrYKwY1kqAqlB54wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC93Y2huc0RiODZJNmZRcllLd1kx
a3FBcWxCNTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjIE4
MA0GCSqGSIb3DQEBCwUAA4IBAQBGH0jILbKVOfcVfd2ZQpzCw2491OVIm2XM2Zwk
50iJ9P7vNQjTtoXwBX61Rt/58f1P+QpK9SujOHR32yQGCFNRp33l8zr+RyK1vNCO
9mNfDvDts11YCfzhRXpE54bJC3zEBBGH1zfEaPU8y2/1vurijo9TsnwHR0jAJD/a
8FKwT8x4iFDPYegIuIRuOvetR20WVzKyPS6Cl0INS667s+g7lCuGtz0afCk4gL/y
0XEejYxoyQdBeQeDUYpv2IT5c2hyYpIoOcoVW4zpu4GrP6+aMycU1Rt/O71OpvfN
UUROHlwfuEZshnwLbsoaD4m+JneZ1KzxVSqvEjn3aIywzxxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org