Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/UmqUuCVj2bLYeh1iF_c73eqDvpA.roa
File: UmqUuCVj2bLYeh1iF_c73eqDvpA.roa (raw, json)
Hash identifier: n2Jo5roZ0Kkwl1ytrOtIvzCfMKvN2K0lwgOIwMx4YWw=
Subject key identifier: 52:6A:94:B8:25:63:D9:B2:D8:7A:1D:62:17:F7:3B:DD:EA:83:BE:90
Certificate issuer: /CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9
Certificate serial: 092D
Authority key identifier: 1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/UmqUuCVj2bLYeh1iF_c73eqDvpA.roa
Signing time: Wed 29 Sep 2021 02:38:04 +0000
ROA not before: Wed 29 Sep 2021 02:38:04 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18185
IP address blocks: 211.76.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2349 (0x92d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9
Validity
Not Before: Sep 29 02:38:04 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=526A94B82563D9B2D87A1D6217F73BDDEA83BE90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e2:32:0e:ab:67:c2:38:94:30:87:cd:16:04:
1a:76:73:84:98:b9:6d:e2:6b:4b:ef:cb:2c:a9:9d:
57:51:51:d9:69:fe:62:a3:3e:4b:64:fa:aa:ee:4e:
6b:24:37:e8:65:97:6b:27:2f:4f:1e:fb:eb:43:b6:
fc:84:90:2f:28:38:7b:51:a2:b0:07:42:3c:f2:0b:
62:d0:5d:fb:73:6c:1b:d1:51:c0:d0:8d:84:02:a3:
3d:66:cd:f0:78:49:e1:cf:ea:d2:52:73:3b:3c:9e:
07:61:eb:a3:7b:a6:09:8d:4a:78:e8:c0:97:b5:6f:
40:b5:5d:54:14:e4:cd:2b:13:89:91:ff:18:fa:a6:
99:ba:c8:9c:ab:5a:a0:31:f4:5b:e7:4b:d6:72:5b:
7c:63:af:60:a6:25:9f:af:92:49:e9:84:69:73:9f:
d8:5c:e9:d0:be:c4:1d:fa:b4:bc:18:9c:e7:07:8f:
e9:3f:6f:1f:5c:f1:09:9c:c8:95:3b:6d:c0:f9:fc:
9e:e5:c4:ce:d0:3c:b9:b2:e2:ce:d0:a5:04:53:65:
52:80:1e:70:51:4f:7f:55:fb:f4:ee:89:4e:af:a4:
57:54:f8:0d:fe:89:08:60:7d:9f:de:78:f5:d4:43:
08:9a:14:8a:f6:da:4e:0d:8f:68:70:9d:46:b6:5d:
47:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6A:94:B8:25:63:D9:B2:D8:7A:1D:62:17:F7:3B:DD:EA:83:BE:90
X509v3 Authority Key Identifier:
keyid:1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/UmqUuCVj2bLYeh1iF_c73eqDvpA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.240.0/20
Signature Algorithm: sha256WithRSAEncryption
60:47:a2:4d:cd:82:d9:59:e3:4a:a8:6b:2d:89:3c:a1:3e:70:
bb:ab:45:df:a8:91:f0:a6:db:74:4b:03:c0:c4:1d:53:e4:d6:
06:35:32:c7:56:09:8a:3f:79:86:4d:e8:ff:b8:a2:55:b1:2d:
ef:fe:6b:7a:99:80:50:93:01:44:97:29:c4:fd:bd:82:99:7a:
eb:7a:d1:f2:6b:30:32:70:23:a2:47:3d:be:e1:eb:57:a8:4b:
b4:59:f1:c2:a4:3d:7d:69:03:16:b0:9e:21:94:e3:bc:14:97:
f3:2b:39:43:67:6e:45:92:b9:fd:d1:78:66:fb:e5:2b:7c:85:
92:55:43:0c:aa:14:3e:37:6e:70:71:1a:9d:57:fd:38:eb:90:
e1:5c:3a:e4:50:c4:1b:94:8e:97:ca:63:39:44:67:d8:cf:26:
fe:5f:e3:af:88:56:b7:a9:e4:50:a2:75:44:0a:84:38:e5:e0:
64:aa:cf:7d:5c:6f:c8:14:43:c7:64:d3:88:9d:7f:d3:96:7f:
78:29:c3:10:44:c1:2a:0c:3f:35:f2:7c:51:49:01:9a:ea:48:
99:90:12:a1:cf:c7:75:ff:43:e0:6c:ec:af:04:78:f3:9b:db:
85:d5:a2:41:e8:0f:58:5d:95:33:ae:b8:e8:e3:0c:5f:c1:20:
e1:d0:1f:7c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUQ5
MkJFMEFDRjk4ODdCMUE4MTkyODc1Q0ZFNzMyMjM4REUzMjJBOTAeFw0yMTA5Mjkw
MjM4MDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDUyNkE5NEI4MjU2M0Q5
QjJEODdBMUQ2MjE3RjczQkRERUE4M0JFOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP4jIOq2fCOJQwh80WBBp2c4SYuW3ia0vvyyypnVdRUdlp/mKj
Pktk+qruTmskN+hll2snL08e++tDtvyEkC8oOHtRorAHQjzyC2LQXftzbBvRUcDQ
jYQCoz1mzfB4SeHP6tJSczs8ngdh66N7pgmNSnjowJe1b0C1XVQU5M0rE4mR/xj6
ppm6yJyrWqAx9FvnS9ZyW3xjr2CmJZ+vkknphGlzn9hc6dC+xB36tLwYnOcHj+k/
bx9c8QmcyJU7bcD5/J7lxM7QPLmy4s7QpQRTZVKAHnBRT39V+/TuiU6vpFdU+A3+
iQhgfZ/eePXUQwiaFIr22k4Nj2hwnUa2XUdnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUmqUuCVj2bLYeh1iF/c73eqDvpAwHwYDVR0jBBgwFoAUHZK+Cs+Yh7GoGSh1
z+cyI43jIqkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RV
L0haSy1Dcy1ZaDdHb0dTaDF6LWN5STQzaklxay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSFpLLUNzLVloN0dvR1NoMXotY3lJNDNqSXFrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RVL1VtcVV1Q1ZqMmJMWWVoMWlG
X2M3M2VxRHZwQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATT
TPAwDQYJKoZIhvcNAQELBQADggEBAGBHok3NgtlZ40qoay2JPKE+cLurRd+okfCm
23RLA8DEHVPk1gY1MsdWCYo/eYZN6P+4olWxLe/+a3qZgFCTAUSXKcT9vYKZeut6
0fJrMDJwI6JHPb7h61eoS7RZ8cKkPX1pAxawniGU47wUl/MrOUNnbkWSuf3ReGb7
5St8hZJVQwyqFD43bnBxGp1X/TjrkOFcOuRQxBuUjpfKYzlEZ9jPJv5f46+IVrep
5FCidUQKhDjl4GSqz31cb8gUQ8dk04idf9OWf3gpwxBEwSoMPzXyfFFJAZrqSJmQ
EqHPx3X/Q+Bs7K8EePOb24XVokHoD1hdlTOuuOjjDF/BIOHQH3w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:43 2023 by rpki-client on console-fra.rpki-client.org