Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TINP/rkkD3rX_TmAzkFijRy6GC3zzm4g.roa
File: rkkD3rX_TmAzkFijRy6GC3zzm4g.roa (raw, json)
Hash identifier: 4hiksxlPersvYG1Aftle88bU3iAkW+EoAcLW5xKA/1g=
Subject key identifier: AE:49:03:DE:B5:FF:4E:60:33:90:58:A3:47:2E:86:0B:7C:F3:9B:88
Certificate issuer: /CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Certificate serial: 08D7
Authority key identifier: E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/rkkD3rX_TmAzkFijRy6GC3zzm4g.roa
Signing time: Sun 07 Feb 2021 05:46:44 +0000
ROA not before: Sun 07 Feb 2021 05:46:44 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18049
IP address blocks: 58.99.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2263 (0x8d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Validity
Not Before: Feb 7 05:46:44 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=AE4903DEB5FF4E60339058A3472E860B7CF39B88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:e6:39:4a:b9:43:7c:57:ff:97:dc:52:b8:
33:4a:cc:fc:ed:92:3f:dd:9e:38:44:01:f3:4d:76:
3b:e9:21:26:b5:a7:31:68:83:e3:3d:c0:19:12:9a:
02:35:0c:be:ab:50:09:22:f1:90:99:26:e1:a2:6e:
92:d0:16:30:d3:fa:e0:f9:c0:70:f3:7c:7c:91:f0:
28:2d:64:78:85:ea:21:3a:0a:e9:ab:32:e9:5a:97:
18:a5:0d:81:87:61:ed:a6:a6:42:1d:ea:3a:33:f9:
e7:55:40:91:98:eb:aa:1d:ab:eb:54:28:d8:b7:36:
4d:9b:77:0f:c4:35:3e:33:99:ae:a2:10:7e:1a:d0:
2e:83:3d:61:80:ca:9b:d3:d1:91:d4:6b:f8:82:72:
95:8a:22:f2:74:bc:67:df:68:be:75:6c:04:fd:3b:
9b:8f:c5:dd:16:68:05:c4:a9:6e:33:06:29:6b:a5:
70:ee:ef:1b:53:b0:0d:17:f3:90:2b:e0:9e:b1:26:
68:db:20:9f:33:6a:2d:27:3f:88:85:80:4f:6f:5f:
17:2f:e8:35:3c:77:6b:6d:78:d7:67:31:56:ee:80:
89:15:8a:34:5c:15:cf:c4:9b:89:8f:05:70:56:d1:
ac:59:7b:02:ec:ec:6d:35:53:49:d5:27:92:a5:83:
bd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:49:03:DE:B5:FF:4E:60:33:90:58:A3:47:2E:86:0B:7C:F3:9B:88
X509v3 Authority Key Identifier:
keyid:E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/4CWCsCflcDjqAKPoSE1V3uouGio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/rkkD3rX_TmAzkFijRy6GC3zzm4g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.99.0.0/18
Signature Algorithm: sha256WithRSAEncryption
2c:5b:ca:bf:d0:c9:3d:18:e4:db:20:c7:d1:da:71:16:c4:b1:
f6:fb:4e:0f:cd:fa:2c:49:08:70:26:1a:02:bb:65:bb:31:7b:
0d:6d:10:79:18:c6:60:f2:c8:fa:ba:71:27:eb:95:e0:b1:ae:
97:84:1d:57:5e:2c:f2:47:92:17:3c:ef:6b:c0:6e:85:af:ad:
e9:9b:a2:0e:e5:cd:be:fb:17:a8:84:39:11:50:b1:f2:99:97:
79:7a:f7:97:7d:a1:f3:4f:ba:0c:0a:a6:ca:33:3a:47:99:55:
12:b9:35:8a:29:8f:dd:6d:e9:1f:c3:66:d7:58:d1:fa:cd:92:
67:69:73:e1:ce:99:58:4b:6f:d4:ac:60:02:ca:dc:2c:69:2f:
d4:06:a9:60:e8:0c:c2:a1:72:8c:14:75:19:c2:c4:f9:76:54:
d1:dc:32:2e:4b:a9:15:ed:41:f3:ec:9a:2a:23:b7:ca:b3:9f:
96:38:9a:1d:1f:b5:00:13:fa:7b:97:78:97:b9:b5:2f:e0:ed:
1d:ba:13:b2:fb:e5:74:ea:2d:28:ed:78:52:bb:b9:d9:05:9e:
92:44:6d:17:32:1f:59:8b:64:3b:8f:24:e5:7a:77:84:98:e0:
3b:be:f6:ef:cf:71:6e:b7:0c:5a:4f:b9:6e:1a:04:b7:8d:54:
ca:c3:17:75
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTAy
NTgyQjAyN0U1NzAzOEVBMDBBM0U4NDg0RDU1REVFQTJFMUEyQTAeFw0yMTAyMDcw
NTQ2NDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFFNDkwM0RFQjVGRjRF
NjAzMzkwNThBMzQ3MkU4NjBCN0NGMzlCODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPuOY5SrlDfFf/l9xSuDNKzPztkj/dnjhEAfNNdjvpISa1pzFo
g+M9wBkSmgI1DL6rUAki8ZCZJuGibpLQFjDT+uD5wHDzfHyR8CgtZHiF6iE6Cumr
MulalxilDYGHYe2mpkId6joz+edVQJGY66odq+tUKNi3Nk2bdw/ENT4zma6iEH4a
0C6DPWGAypvT0ZHUa/iCcpWKIvJ0vGffaL51bAT9O5uPxd0WaAXEqW4zBilrpXDu
7xtTsA0X85Ar4J6xJmjbIJ8zai0nP4iFgE9vXxcv6DU8d2tteNdnMVbugIkVijRc
Fc/Em4mPBXBW0axZewLs7G01U0nVJ5Klg71jAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUrkkD3rX/TmAzkFijRy6GC3zzm4gwHwYDVR0jBBgwFoAU4CWCsCflcDjqAKPo
SE1V3uouGiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElOUC80
Q1dDc0NmbGNEanFBS1BvU0UxVjN1b3VHaW8uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzRDV0NzQ2ZsY0RqcUFLUG9TRTFWM3VvdUdpby5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJTlAvcmtrRDNyWF9UbUF6a0ZpalJ5NkdD
M3p6bTRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpjADAN
BgkqhkiG9w0BAQsFAAOCAQEALFvKv9DJPRjk2yDH0dpxFsSx9vtOD836LEkIcCYa
ArtluzF7DW0QeRjGYPLI+rpxJ+uV4LGul4QdV14s8keSFzzva8Buha+t6ZuiDuXN
vvsXqIQ5EVCx8pmXeXr3l32h80+6DAqmyjM6R5lVErk1iimP3W3pH8Nm11jR+s2S
Z2lz4c6ZWEtv1KxgAsrcLGkv1AapYOgMwqFyjBR1GcLE+XZU0dwyLkupFe1B8+ya
KiO3yrOfljiaHR+1ABP6e5d4l7m1L+DtHboTsvvldOotKO14Uru52QWekkRtFzIf
WYtkO48k5Xp3hJjgO772789xbrcMWk+5bhoEt41UysMXdQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:19 2023 by rpki-client on console-fra.rpki-client.org