Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/B2w6lOdR1ORfT-w7lVt9MZAy98k.roa
File: B2w6lOdR1ORfT-w7lVt9MZAy98k.roa (raw, json)
Hash identifier: Hh0USZBA1h+G3hxE8m4GhTXX58YdlWWs/7NmFTBh6vk=
Subject key identifier: 07:6C:3A:94:E7:51:D4:E4:5F:4F:EC:3B:95:5B:7D:31:90:32:F7:C9
Certificate issuer: /CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9
Certificate serial: 074C
Authority key identifier: 1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/B2w6lOdR1ORfT-w7lVt9MZAy98k.roa
Signing time: Tue 29 Sep 2020 10:07:13 +0000
ROA not before: Tue 29 Sep 2020 10:07:13 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18185
IP address blocks: 211.76.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1868 (0x74c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9
Validity
Not Before: Sep 29 10:07:13 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=076C3A94E751D4E45F4FEC3B955B7D319032F7C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:64:d4:5d:ee:96:23:37:2f:6e:5f:a6:03:
d7:8f:83:b6:aa:7e:48:17:26:d9:e4:3b:4f:2c:f4:
2e:ab:a8:17:4d:37:74:26:87:c3:1f:0a:d0:ae:76:
cf:e8:b2:d2:83:5d:2b:a7:e3:f4:12:e8:3f:3a:fb:
d2:ab:32:c9:22:7c:d2:5c:a9:7d:3b:bf:d7:27:07:
a3:a2:62:46:a7:2f:ca:2d:92:92:b4:94:f3:1c:e7:
4a:c2:25:38:08:61:65:5c:2c:47:1a:c3:66:74:ae:
a7:be:e7:58:48:d7:c9:ad:0e:f3:f9:fc:6e:ce:d9:
e1:e0:62:21:aa:9d:61:e8:3b:79:03:14:6a:20:3b:
fc:78:c9:24:65:73:43:82:bf:70:29:55:70:ee:7f:
28:7a:10:54:fd:12:54:0d:b8:aa:5c:09:f3:18:1e:
bf:c5:47:0e:67:f9:66:11:a6:c0:c3:48:48:93:ec:
c4:2c:3a:a6:bf:d4:83:b9:41:55:30:ac:87:91:61:
b4:e7:85:45:55:5f:4b:bf:77:61:76:8f:ce:a2:ba:
29:2f:05:1d:cf:63:bb:ab:90:cb:8e:3b:4c:9b:6f:
79:d1:cf:8b:dc:1f:be:2f:f3:b6:1c:7b:e9:99:e4:
84:c1:ea:9b:1f:d4:12:db:88:2a:2d:cc:cb:aa:b3:
f8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:6C:3A:94:E7:51:D4:E4:5F:4F:EC:3B:95:5B:7D:31:90:32:F7:C9
X509v3 Authority Key Identifier:
keyid:1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/B2w6lOdR1ORfT-w7lVt9MZAy98k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.240.0/20
Signature Algorithm: sha256WithRSAEncryption
73:d0:52:30:38:dd:5e:50:d0:a3:56:33:17:0a:f7:f5:93:84:
00:9c:13:d8:60:88:c5:4c:f8:71:d9:7e:11:46:64:51:95:01:
9a:40:50:28:e0:68:a0:9a:75:a7:fa:fa:ac:96:ba:69:79:b3:
41:a3:3c:49:3a:1f:a4:eb:85:48:c1:3c:35:e5:fc:2e:78:3a:
70:41:2b:aa:3d:7f:0a:c0:ae:e9:6c:a9:2b:f2:0f:6d:f5:f0:
57:e1:45:2e:7d:2b:34:18:4d:35:f0:ee:2d:d7:22:9c:27:8d:
2d:92:77:89:bf:6c:e1:42:e9:18:a7:a8:ff:69:7a:e2:55:39:
74:23:c3:b1:f2:62:3d:af:ff:0f:a8:54:73:e2:01:ae:53:7b:
aa:de:93:ec:41:af:1c:1a:da:d5:6d:aa:2b:43:06:f3:46:01:
e1:62:e0:3e:5f:6e:d7:c7:4a:d2:07:6a:28:2c:14:68:a8:7d:
e4:68:02:73:a6:e7:2d:6f:dc:82:86:e1:d7:d7:87:d5:70:ef:
90:b6:0a:ac:60:6b:60:11:37:b9:2b:cb:04:cf:59:38:94:68:
eb:78:d4:67:9a:5c:28:7b:30:51:8c:08:42:a9:52:88:10:a1:
ad:fe:b2:ec:54:04:1f:54:b8:a9:d9:b2:f7:f2:66:2b:81:b6:
dd:53:23:bd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUQ5
MkJFMEFDRjk4ODdCMUE4MTkyODc1Q0ZFNzMyMjM4REUzMjJBOTAeFw0yMDA5Mjkx
MDA3MTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA3NkMzQTk0RTc1MUQ0
RTQ1RjRGRUMzQjk1NUI3RDMxOTAzMkY3QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2HmTUXe6WIzcvbl+mA9ePg7aqfkgXJtnkO08s9C6rqBdNN3Qm
h8MfCtCuds/ostKDXSun4/QS6D86+9KrMskifNJcqX07v9cnB6OiYkanL8otkpK0
lPMc50rCJTgIYWVcLEcaw2Z0rqe+51hI18mtDvP5/G7O2eHgYiGqnWHoO3kDFGog
O/x4ySRlc0OCv3ApVXDufyh6EFT9ElQNuKpcCfMYHr/FRw5n+WYRpsDDSEiT7MQs
Oqa/1IO5QVUwrIeRYbTnhUVVX0u/d2F2j86iuikvBR3PY7urkMuOO0ybb3nRz4vc
H74v87Yce+mZ5ITB6psf1BLbiCotzMuqs/h/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUB2w6lOdR1ORfT+w7lVt9MZAy98kwHwYDVR0jBBgwFoAUHZK+Cs+Yh7GoGSh1
z+cyI43jIqkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RV
L0haSy1Dcy1ZaDdHb0dTaDF6LWN5STQzaklxay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSFpLLUNzLVloN0dvR1NoMXotY3lJNDNqSXFrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RVL0IydzZsT2RSMU9SZlQtdzds
VnQ5TVpBeTk4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATT
TPAwDQYJKoZIhvcNAQELBQADggEBAHPQUjA43V5Q0KNWMxcK9/WThACcE9hgiMVM
+HHZfhFGZFGVAZpAUCjgaKCadaf6+qyWuml5s0GjPEk6H6TrhUjBPDXl/C54OnBB
K6o9fwrArulsqSvyD2318FfhRS59KzQYTTXw7i3XIpwnjS2Sd4m/bOFC6RinqP9p
euJVOXQjw7HyYj2v/w+oVHPiAa5Te6rek+xBrxwa2tVtqitDBvNGAeFi4D5fbtfH
StIHaigsFGiofeRoAnOm5y1v3IKG4dfXh9Vw75C2Cqxga2ARN7krywTPWTiUaOt4
1GeaXCh7MFGMCEKpUogQoa3+suxUBB9UuKnZsvfyZiuBtt1TI70=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org