Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/2IehMBQvdRlAkXxRQxfOdP4XJz4.roa
File: 2IehMBQvdRlAkXxRQxfOdP4XJz4.roa (raw, json)
Hash identifier: XqIwWZ3zzfkJ3+DvSydAF7D287JMgFiWemvGGPSCSu0=
Subject key identifier: D8:87:A1:30:14:2F:75:19:40:91:7C:51:43:17:CE:74:FE:17:27:3E
Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial: 0982
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/2IehMBQvdRlAkXxRQxfOdP4XJz4.roa
Signing time: Wed 29 Sep 2021 02:53:09 +0000
ROA not before: Wed 29 Sep 2021 02:53:09 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 2914
IP address blocks: 61.58.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2434 (0x982)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Validity
Not Before: Sep 29 02:53:09 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=D887A130142F751940917C514317CE74FE17273E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:17:44:06:3f:ab:2d:10:1f:57:a2:c2:89:73:
0b:7b:43:98:f5:44:4a:0c:1b:2d:72:64:8d:dc:b5:
97:19:4c:c0:8c:7c:77:4d:8f:fb:5a:a3:28:01:a8:
b6:ce:5a:05:6b:1e:bc:4a:1e:a6:28:43:f9:d2:64:
94:d9:b5:62:d3:d9:17:10:07:75:cd:a2:e3:67:fe:
60:65:48:5b:fa:92:f3:12:a8:16:2f:71:84:77:85:
21:3c:cd:01:a1:a1:a5:10:65:17:f2:54:1c:d0:25:
73:20:66:32:c6:fe:ea:fd:cf:de:0d:7d:6e:cf:82:
f1:56:0f:52:9e:c3:a8:d1:0e:cf:11:12:c5:de:36:
fa:91:cd:72:e1:9c:8c:06:f4:71:54:77:28:48:d4:
39:88:3e:23:0e:3b:9d:bb:02:89:58:3c:33:95:51:
cf:e9:e2:50:da:c3:e1:88:4e:d5:0c:fd:ae:1a:ce:
73:d5:ae:8c:e3:29:1b:29:23:5f:ff:5e:2c:52:49:
5d:5f:c6:f1:ec:21:9a:14:57:6d:d7:a7:85:49:b9:
57:c5:40:9d:7c:4f:ed:07:a8:8e:6d:fa:90:4f:52:
13:09:ff:0b:ca:25:a2:8c:d3:0f:80:2f:40:4a:79:
96:d3:ec:04:3c:3e:26:6b:32:43:fa:ec:5e:8e:f1:
86:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:87:A1:30:14:2F:75:19:40:91:7C:51:43:17:CE:74:FE:17:27:3E
X509v3 Authority Key Identifier:
keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/2IehMBQvdRlAkXxRQxfOdP4XJz4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.32.0/20
Signature Algorithm: sha256WithRSAEncryption
11:7f:98:6f:4c:b4:cc:f6:7d:5f:12:7c:c5:6f:9d:99:0a:63:
d5:82:f2:e5:54:e7:29:d9:56:17:b3:32:46:0e:5e:e8:ff:c9:
3f:95:ce:43:a0:48:b5:fb:86:7e:02:eb:ed:e3:a0:97:14:3c:
c2:85:c7:82:0c:ec:00:17:db:af:90:99:58:5f:e1:7a:89:f0:
bb:05:ed:6d:4d:ab:a8:ea:31:42:9b:7b:c3:26:79:7a:92:66:
4b:8d:c3:2e:20:7d:a9:14:29:f6:c8:9e:2f:92:7f:6c:9f:ab:
b7:2f:5b:a7:ed:e1:0c:f7:0a:51:24:6a:eb:45:5e:d3:86:7d:
1c:82:f3:c9:fa:dc:82:5c:18:5a:5b:c4:fc:fd:59:ce:5e:1f:
60:87:72:b2:b0:fc:db:89:6c:dd:89:8b:1b:e4:0a:03:bf:f1:
15:af:5c:f9:97:68:88:08:ad:bd:a0:0f:a8:de:da:04:06:db:
69:45:1f:06:d0:88:a5:30:24:ca:b8:a2:6c:06:a4:e1:56:c1:
ac:85:37:2f:13:3c:ed:95:74:9b:c1:80:3e:94:a5:62:46:d0:
0b:33:0c:60:6c:b1:aa:f7:5d:28:14:e8:f8:c4:b8:37:24:ab:
96:f4:72:0f:b0:a3:a7:c9:8c:fa:e9:4c:64:32:41:79:6b:0f:
19:b0:df:98
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMTA5Mjkw
MjUzMDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQ4ODdBMTMwMTQyRjc1
MTk0MDkxN0M1MTQzMTdDRTc0RkUxNzI3M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzF0QGP6stEB9XosKJcwt7Q5j1REoMGy1yZI3ctZcZTMCMfHdN
j/taoygBqLbOWgVrHrxKHqYoQ/nSZJTZtWLT2RcQB3XNouNn/mBlSFv6kvMSqBYv
cYR3hSE8zQGhoaUQZRfyVBzQJXMgZjLG/ur9z94NfW7PgvFWD1Kew6jRDs8REsXe
NvqRzXLhnIwG9HFUdyhI1DmIPiMOO527AolYPDOVUc/p4lDaw+GITtUM/a4aznPV
rozjKRspI1//XixSSV1fxvHsIZoUV23Xp4VJuVfFQJ18T+0HqI5t+pBPUhMJ/wvK
JaKM0w+AL0BKeZbT7AQ8PiZrMkP67F6O8YapAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2IehMBQvdRlAkXxRQxfOdP4XJz4wHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC8ySWVoTUJRdmRSbEFrWHhSUXhm
T2RQNFhKejQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTog
MA0GCSqGSIb3DQEBCwUAA4IBAQARf5hvTLTM9n1fEnzFb52ZCmPVgvLlVOcp2VYX
szJGDl7o/8k/lc5DoEi1+4Z+Auvt46CXFDzChceCDOwAF9uvkJlYX+F6ifC7Be1t
Tauo6jFCm3vDJnl6kmZLjcMuIH2pFCn2yJ4vkn9sn6u3L1un7eEM9wpRJGrrRV7T
hn0cgvPJ+tyCXBhaW8T8/VnOXh9gh3KysPzbiWzdiYsb5AoDv/EVr1z5l2iICK29
oA+o3toEBttpRR8G0IilMCTKuKJsBqThVsGshTcvEzztlXSbwYA+lKViRtALMwxg
bLGq910oFOj4xLg3JKuW9HIPsKOnyYz66UxkMkF5aw8ZsN+Y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:32 2023 by rpki-client on console-ams.rpki-client.org