Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/zBwkkEVPKJfM5Yn0Eoy9y-zsaus.roa
File: zBwkkEVPKJfM5Yn0Eoy9y-zsaus.roa (raw, json)
Hash identifier: G/bAZRLF5KNYRiWPoYHV0Jd5i27bA1MWmHsY1TcF8Rg=
Subject key identifier: CC:1C:24:90:45:4F:28:97:CC:E5:89:F4:12:8C:BD:CB:EC:EC:6A:EB
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 09CD
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/zBwkkEVPKJfM5Yn0Eoy9y-zsaus.roa
Signing time: Sun 07 Feb 2021 13:12:57 +0000
ROA not before: Sun 07 Feb 2021 13:12:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9916
IP address blocks: 140.129.52.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2509 (0x9cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 7 13:12:57 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=CC1C2490454F2897CCE589F4128CBDCBECEC6AEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:b1:65:87:52:86:38:a5:dd:a8:75:83:0d:
19:6f:dd:24:fb:6a:ac:ee:e3:1f:0d:17:3d:0e:2f:
db:40:17:3f:18:ab:bb:90:6a:93:88:09:22:9d:7c:
3f:80:aa:b2:4d:12:28:5a:f4:df:84:ed:6f:b8:6c:
8f:11:5d:de:0d:bd:29:4c:c5:53:9e:7c:cb:0d:7c:
0f:5c:4d:a6:ad:f4:b8:da:77:24:bf:33:75:3d:01:
fb:74:55:56:ad:9b:79:9b:54:c5:11:bc:cc:0a:d7:
d2:7a:92:b0:9e:be:06:ca:e3:e3:a1:19:e5:96:ab:
a4:5c:d4:fc:cf:99:f5:e6:03:1f:88:d3:5b:01:9a:
b1:b7:fe:11:08:f6:09:06:ed:fc:7b:8e:9f:56:7e:
8c:fb:d3:bf:c8:c0:63:32:81:6c:53:49:fc:e1:06:
b0:fc:d5:97:66:1a:d0:0b:95:01:f1:ca:a4:63:0e:
70:96:78:2c:a6:6c:06:1e:0e:c5:d9:94:0d:4d:02:
95:25:b0:ba:4e:08:00:f5:30:5b:44:c8:d9:92:ef:
d6:70:5d:5f:76:28:68:3c:58:15:9a:36:85:a3:d9:
36:cc:bf:03:17:01:ea:49:35:45:7c:06:79:a2:99:
b5:98:94:c2:9d:1a:69:0b:56:cc:7d:7e:0c:47:54:
f1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1C:24:90:45:4F:28:97:CC:E5:89:F4:12:8C:BD:CB:EC:EC:6A:EB
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/zBwkkEVPKJfM5Yn0Eoy9y-zsaus.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.52.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:f2:1b:66:75:d7:b0:3b:6a:61:90:0a:eb:b1:fc:51:d8:e1:
ef:4a:04:78:77:76:d8:0d:30:33:8c:c6:46:aa:68:0b:b3:60:
f3:7c:e3:29:0c:0b:31:20:ae:91:dd:93:18:7f:36:0a:98:98:
9b:f6:5c:62:2c:5e:85:cb:59:bd:33:29:ac:d5:cf:03:4d:21:
27:c3:23:57:50:55:c0:6c:df:98:c2:08:92:be:77:45:f1:21:
d2:1f:77:c2:0f:c2:93:b9:bf:03:91:3d:76:d5:fc:cb:a3:af:
a3:23:cf:2e:f3:0a:9a:94:61:eb:9d:eb:ec:0a:0a:71:37:78:
ac:ed:fa:53:87:a3:de:61:d7:ae:13:66:3e:d1:e2:0f:7f:d0:
fc:25:1a:1f:4f:2b:6f:74:e5:1f:eb:f8:07:66:72:10:c2:f7:
37:c8:e4:41:97:1f:a8:97:34:73:ea:63:22:29:79:a1:01:b4:
66:f8:22:2a:05:42:79:8b:9f:ac:b0:f5:42:d4:1e:38:01:e5:
43:7e:5a:55:1a:15:8e:64:1b:a2:a0:ad:c1:aa:76:29:c4:9a:
0c:36:ef:49:bb:00:53:1b:d4:ba:d9:9f:db:b8:fc:f2:13:4d:
62:e8:33:f5:97:e3:6c:98:69:ae:78:b5:10:57:9d:3c:6c:eb:
69:55:f1:8c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTAyMDcx
MzEyNTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENDMUMyNDkwNDU0RjI4
OTdDQ0U1ODlGNDEyOENCRENCRUNFQzZBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBL7Flh1KGOKXdqHWDDRlv3ST7aqzu4x8NFz0OL9tAFz8Yq7uQ
apOICSKdfD+AqrJNEiha9N+E7W+4bI8RXd4NvSlMxVOefMsNfA9cTaat9LjadyS/
M3U9Aft0VVatm3mbVMURvMwK19J6krCevgbK4+OhGeWWq6Rc1PzPmfXmAx+I01sB
mrG3/hEI9gkG7fx7jp9Wfoz707/IwGMygWxTSfzhBrD81ZdmGtALlQHxyqRjDnCW
eCymbAYeDsXZlA1NApUlsLpOCAD1MFtEyNmS79ZwXV92KGg8WBWaNoWj2TbMvwMX
AepJNUV8BnmimbWYlMKdGmkLVsx9fgxHVPH5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUzBwkkEVPKJfM5Yn0Eoy9y+zsauswHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC96Qndra0VWUEtKZk01WW4wRW95
OXktenNhdXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIE0
MA0GCSqGSIb3DQEBCwUAA4IBAQCd8htmddewO2phkArrsfxR2OHvSgR4d3bYDTAz
jMZGqmgLs2DzfOMpDAsxIK6R3ZMYfzYKmJib9lxiLF6Fy1m9Myms1c8DTSEnwyNX
UFXAbN+YwgiSvndF8SHSH3fCD8KTub8DkT121fzLo6+jI88u8wqalGHrnevsCgpx
N3is7fpTh6PeYdeuE2Y+0eIPf9D8JRofTytvdOUf6/gHZnIQwvc3yORBlx+olzRz
6mMiKXmhAbRm+CIqBUJ5i5+ssPVC1B44AeVDflpVGhWOZBuioK3BqnYpxJoMNu9J
uwBTG9S62Z/buPzyE01i6DP1l+NsmGmueLUQV508bOtpVfGM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org