Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/z-kSdTSdk5ofgg9jrUiaE5yIBPE.roa
File: z-kSdTSdk5ofgg9jrUiaE5yIBPE.roa (raw, json)
Hash identifier: mV5DM5sm3Ex1/1VqaDYZrMA6XQ1kYBawFkRBaKv5LMo=
Subject key identifier: CF:E9:12:75:34:9D:93:9A:1F:82:0F:63:AD:48:9A:13:9C:88:04:F1
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0AE2
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/z-kSdTSdk5ofgg9jrUiaE5yIBPE.roa
Signing time: Wed 29 Sep 2021 02:41:12 +0000
ROA not before: Wed 29 Sep 2021 02:41:12 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38844
IP address blocks: 210.60.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2786 (0xae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Sep 29 02:41:12 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=CFE91275349D939A1F820F63AD489A139C8804F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2e:47:6a:fb:ad:e1:46:89:12:50:c3:3d:cc:
23:84:86:ba:05:c4:07:6a:db:0e:cd:23:a2:f5:0f:
f1:b4:a9:c3:ee:c5:b0:3b:16:e1:9a:a0:cc:a1:35:
54:23:f3:3b:73:ed:2e:5f:31:0b:c3:b1:f3:7b:78:
5d:e0:30:12:ca:59:79:87:f7:0e:25:4f:0b:8a:60:
1a:a6:82:34:68:39:5a:97:a7:85:cc:90:6e:46:9d:
0f:f1:52:93:62:35:9a:1b:c7:de:ad:4a:34:6f:c9:
79:de:99:de:fa:15:81:b3:14:52:5e:41:49:06:ca:
25:15:f7:3e:e5:02:9f:09:3d:d1:bd:fa:0c:1f:c8:
2b:88:bc:00:7d:b0:10:e4:81:99:33:d0:9a:20:8c:
95:54:bd:e6:df:c5:79:f8:a2:d5:01:bd:ac:89:af:
6a:0a:15:f9:0e:c5:a3:e1:16:46:35:64:19:65:38:
24:8c:69:e8:aa:f3:95:83:22:7e:f0:ac:66:a3:aa:
95:4a:c2:5d:ac:49:12:5b:45:54:81:d6:1c:ec:06:
00:1d:61:32:f0:2b:6a:b8:f4:58:19:d2:a6:28:b6:
7e:c1:ba:f4:a2:44:9f:d4:87:42:d7:c8:c8:20:79:
38:45:87:f1:c6:1a:37:67:04:8a:b3:7c:99:74:18:
5b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E9:12:75:34:9D:93:9A:1F:82:0F:63:AD:48:9A:13:9C:88:04:F1
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/z-kSdTSdk5ofgg9jrUiaE5yIBPE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.60.149.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9b:e7:97:36:d4:03:87:6e:d0:93:c4:29:f2:57:59:98:ba:
1e:cf:6d:7b:b1:16:a2:bc:c0:bc:85:68:16:c3:59:f2:ab:28:
63:69:a5:0a:e8:2f:57:04:1f:c6:cd:70:e9:5b:81:87:e6:2c:
78:d0:8c:dd:d1:c8:f9:65:28:a3:de:e1:a7:22:72:3b:ee:7a:
b8:11:8f:b1:f4:fc:d3:9d:08:c4:7d:80:51:a8:3b:95:46:58:
db:76:cc:52:95:38:f2:87:7c:72:a3:bb:89:b3:76:4d:b0:71:
54:44:8e:77:d5:be:1b:68:4e:26:97:aa:fd:93:2a:d5:17:68:
7f:b1:69:ac:b7:7a:6e:79:06:9c:eb:04:ab:67:47:3a:9b:74:
c5:6c:6e:d6:2c:bd:17:6d:30:29:a2:db:60:8b:3f:8d:ec:4e:
84:30:e4:72:cd:9b:2b:b2:55:13:e5:cd:3d:f0:7b:74:54:8b:
17:8d:06:0e:19:a6:38:69:c5:e5:7c:60:3e:f2:fe:69:6e:62:
48:c2:1b:ff:69:77:25:ee:0a:3a:27:54:80:83:b3:de:69:57:
b3:f7:51:05:f9:a9:43:39:0b:cd:77:f2:90:56:c1:ee:5a:99:
e0:ec:75:82:6e:5a:01:05:81:50:af:02:f8:5c:78:04:dd:5d:
91:fa:70:70
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENGRTkxMjc1MzQ5RDkz
OUExRjgyMEY2M0FENDg5QTEzOUM4ODA0RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzLkdq+63hRokSUMM9zCOEhroFxAdq2w7NI6L1D/G0qcPuxbA7
FuGaoMyhNVQj8ztz7S5fMQvDsfN7eF3gMBLKWXmH9w4lTwuKYBqmgjRoOVqXp4XM
kG5GnQ/xUpNiNZobx96tSjRvyXnemd76FYGzFFJeQUkGyiUV9z7lAp8JPdG9+gwf
yCuIvAB9sBDkgZkz0JogjJVUvebfxXn4otUBvayJr2oKFfkOxaPhFkY1ZBllOCSM
aeiq85WDIn7wrGajqpVKwl2sSRJbRVSB1hzsBgAdYTLwK2q49FgZ0qYotn7BuvSi
RJ/Uh0LXyMggeThFh/HGGjdnBIqzfJl0GFvjAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUz+kSdTSdk5ofgg9jrUiaE5yIBPEwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC96LWtTZFRTZGs1b2ZnZzlqclVp
YUU1eUlCUEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0jyV
MA0GCSqGSIb3DQEBCwUAA4IBAQBxm+eXNtQDh27Qk8Qp8ldZmLoez217sRaivMC8
hWgWw1nyqyhjaaUK6C9XBB/GzXDpW4GH5ix40Izd0cj5ZSij3uGnInI77nq4EY+x
9PzTnQjEfYBRqDuVRljbdsxSlTjyh3xyo7uJs3ZNsHFURI531b4baE4ml6r9kyrV
F2h/sWmst3pueQac6wSrZ0c6m3TFbG7WLL0XbTApottgiz+N7E6EMORyzZsrslUT
5c098Ht0VIsXjQYOGaY4acXlfGA+8v5pbmJIwhv/aXcl7go6J1SAg7PeaVez91EF
+alDOQvNd/KQVsHuWpng7HWCbloBBYFQrwL4XHgE3V2R+nBw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org