Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/0YQMMuhpLrh04oyfx5JXqI9s0Js.roa
File: 0YQMMuhpLrh04oyfx5JXqI9s0Js.roa (raw, json)
Hash identifier: 4IORsxJe+E23nx333A3S/a+u346khyDdvbl1YGG+5Fc=
Subject key identifier: D1:84:0C:32:E8:69:2E:B8:74:E2:8C:9F:C7:92:57:A8:8F:6C:D0:9B
Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial: 0A7E
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/0YQMMuhpLrh04oyfx5JXqI9s0Js.roa
Signing time: Thu 15 Sep 2022 02:50:02 +0000
ROA not before: Thu 15 Sep 2022 02:50:02 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131596
IP address blocks: 61.58.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2686 (0xa7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Validity
Not Before: Sep 15 02:50:02 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D1840C32E8692EB874E28C9FC79257A88F6CD09B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:58:0f:72:a6:1e:bf:68:e2:cc:6b:3f:16:de:
bf:d4:80:43:07:31:76:ad:22:37:37:7d:de:27:d0:
d6:9f:b0:02:ba:48:bf:08:bb:96:66:20:5a:d5:82:
e8:f3:c0:c6:a8:6c:40:5b:9e:a5:7d:33:e1:cf:aa:
5d:24:99:d7:b4:0e:45:88:5a:01:49:9e:21:70:98:
b5:35:b7:8a:53:d1:3e:28:2e:de:66:2f:dd:71:7c:
d5:d3:21:cb:07:6b:88:6f:66:2f:7f:71:4e:a7:6a:
84:78:91:59:0a:13:2f:19:7f:39:7f:42:27:47:b8:
62:74:4c:a6:99:64:2b:dd:7d:05:f3:bf:af:56:75:
52:98:f4:73:57:fd:2a:62:fa:2d:77:8d:23:c9:37:
16:42:6b:70:c9:69:2f:24:46:3b:4a:b2:34:e3:3a:
40:f4:ca:ea:1e:4e:36:f2:a6:6c:4c:4a:ff:1e:0e:
5e:ba:74:bf:b8:4a:e9:05:57:db:45:10:41:ad:c3:
25:55:a3:46:a5:98:6b:a0:2d:51:24:2b:08:a6:52:
c9:72:64:08:10:e9:75:cd:90:75:8e:08:75:53:1e:
76:29:d8:47:c5:61:71:3e:d5:bf:a7:04:df:df:20:
ec:7e:49:54:9d:00:c8:1b:42:3b:fb:cc:32:56:23:
e5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:84:0C:32:E8:69:2E:B8:74:E2:8C:9F:C7:92:57:A8:8F:6C:D0:9B
X509v3 Authority Key Identifier:
keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/0YQMMuhpLrh04oyfx5JXqI9s0Js.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:f1:b1:d6:c4:a9:6a:69:3d:ab:45:c6:f7:1a:20:a1:76:2e:
28:d5:26:fd:45:31:1e:e3:37:ac:5a:b3:70:76:0c:b3:69:4e:
35:58:07:35:0c:03:8a:00:6d:2d:51:ff:ad:f0:0d:b6:e3:91:
dc:12:e7:1f:c7:c3:59:0c:6c:88:e2:4f:49:5f:75:10:ac:22:
d6:cc:09:e0:bc:1e:12:de:73:2c:32:f8:0a:c6:73:00:2e:24:
f8:7d:b8:de:6e:7f:23:8f:cd:93:40:85:2e:38:64:b5:90:64:
95:c9:c6:46:89:3c:d7:3f:50:4a:fe:1f:11:1d:a2:9a:55:9a:
3c:b0:bb:1c:2c:ad:5b:84:9a:c0:09:d5:ab:44:6c:ed:1b:06:
c6:88:cd:77:fd:2b:c8:48:82:18:da:c6:ab:a8:14:c1:b0:e7:
44:b8:db:16:18:8e:8f:c5:58:19:15:b6:ee:71:48:e8:e5:8f:
e5:b9:db:f4:5c:68:22:94:ca:2e:99:69:b1:1b:f2:b3:34:d3:
82:a3:56:72:2d:c4:92:04:2f:80:e4:7a:07:2d:c8:51:f0:3b:
fc:fc:06:19:d4:57:2b:98:8f:6d:41:66:e0:c3:ee:c9:5d:4d:
d8:a6:c3:4c:2c:4d:30:a0:1e:51:81:6e:f5:15:b5:90:56:f1:
cc:6f:5e:86
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yMjA5MTUw
MjUwMDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQxODQwQzMyRTg2OTJF
Qjg3NEUyOEM5RkM3OTI1N0E4OEY2Q0QwOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfWA9yph6/aOLMaz8W3r/UgEMHMXatIjc3fd4n0NafsAK6SL8I
u5ZmIFrVgujzwMaobEBbnqV9M+HPql0kmde0DkWIWgFJniFwmLU1t4pT0T4oLt5m
L91xfNXTIcsHa4hvZi9/cU6naoR4kVkKEy8Zfzl/QidHuGJ0TKaZZCvdfQXzv69W
dVKY9HNX/Spi+i13jSPJNxZCa3DJaS8kRjtKsjTjOkD0yuoeTjbypmxMSv8eDl66
dL+4SukFV9tFEEGtwyVVo0almGugLVEkKwimUslyZAgQ6XXNkHWOCHVTHnYp2EfF
YXE+1b+nBN/fIOx+SVSdAMgbQjv7zDJWI+VFAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU0YQMMuhpLrh04oyfx5JXqI9s0JswHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8wWVFNTXVocExyaDA0b3lmeDVK
WHFJOXMwSnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTpI
MA0GCSqGSIb3DQEBCwUAA4IBAQCb8bHWxKlqaT2rRcb3GiChdi4o1Sb9RTEe4zes
WrNwdgyzaU41WAc1DAOKAG0tUf+t8A2245HcEucfx8NZDGyI4k9JX3UQrCLWzAng
vB4S3nMsMvgKxnMALiT4fbjebn8jj82TQIUuOGS1kGSVycZGiTzXP1BK/h8RHaKa
VZo8sLscLK1bhJrACdWrRGztGwbGiM13/SvISIIY2sarqBTBsOdEuNsWGI6PxVgZ
FbbucUjo5Y/ludv0XGgilMoumWmxG/KzNNOCo1ZyLcSSBC+A5HoHLchR8Dv8/AYZ
1FcrmI9tQWbgw+7JXU3YpsNMLE0woB5RgW71FbWQVvHMb16G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org