Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/O5-kBdSJEnoOGZTRNQ3Nf4xKVts.roa
File: O5-kBdSJEnoOGZTRNQ3Nf4xKVts.roa (raw, json)
Hash identifier: sC8tEamWhzCi8/Nea0MXz2SG3cWwj6LXyCBs8L5bU/s=
Subject key identifier: 3B:9F:A4:05:D4:89:12:7A:0E:19:94:D1:35:0D:CD:7F:8C:4A:56:DB
Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial: 087E
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/O5-kBdSJEnoOGZTRNQ3Nf4xKVts.roa
Signing time: Wed 02 Dec 2020 02:00:47 +0000
ROA not before: Wed 02 Dec 2020 02:00:47 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 2914
IP address blocks: 61.58.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2174 (0x87e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Validity
Not Before: Dec 2 02:00:47 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3B9FA405D489127A0E1994D1350DCD7F8C4A56DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:74:f5:57:f7:21:ae:c3:7e:06:0f:83:cf:
1a:63:6d:eb:9c:9f:78:69:6d:58:2a:f8:26:14:ce:
78:ae:21:e2:d8:30:37:eb:64:53:bd:d9:86:8d:36:
7a:a2:a5:6d:dc:b4:9a:4c:f3:17:d7:de:b8:82:b7:
6d:d7:f3:10:93:2d:d2:fa:e6:78:68:d1:84:2a:08:
14:f6:51:be:3c:d9:8c:db:0e:43:99:85:a6:0e:df:
d5:28:9f:3f:6d:1c:3f:fb:39:5e:3c:77:cc:7e:dd:
76:62:d8:30:10:d1:90:49:fe:54:f7:04:5d:89:80:
e1:e8:b7:e5:aa:e3:83:88:db:63:6d:6e:34:23:d0:
d5:2c:25:7b:d2:3c:60:8a:19:50:3b:dc:fe:81:f4:
7c:98:11:28:e3:12:48:d0:e7:11:38:54:bc:90:e3:
c8:80:75:6f:ae:81:bd:36:73:7b:27:ab:a9:1b:45:
cd:72:3c:d5:ad:db:7e:d9:86:d4:19:0e:43:e6:a6:
56:2b:71:89:e2:68:94:0e:61:1f:96:8b:dd:01:ef:
aa:78:d8:71:57:5e:38:6f:ef:5f:22:9c:d0:ee:40:
c9:72:89:97:3d:9a:65:f7:70:16:31:73:56:1d:c6:
1c:2f:84:d1:d7:33:3d:97:fe:35:ef:10:75:17:09:
b4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9F:A4:05:D4:89:12:7A:0E:19:94:D1:35:0D:CD:7F:8C:4A:56:DB
X509v3 Authority Key Identifier:
keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/O5-kBdSJEnoOGZTRNQ3Nf4xKVts.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.32.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:71:df:93:9b:42:59:e5:79:5b:50:5f:39:24:76:f1:c8:af:
76:10:43:0d:f8:68:0f:8b:ca:9b:42:5e:2e:0f:05:5e:8f:96:
fa:0f:c7:c2:e8:ec:1e:38:fa:5f:56:17:96:c3:f3:ae:e1:af:
97:a8:43:99:38:88:56:cb:51:aa:45:8a:09:38:e0:64:2c:8c:
92:0e:ed:a9:ad:16:58:a8:7d:3a:f5:3d:cd:b9:4a:6a:fd:87:
51:4d:63:35:02:77:89:00:90:43:29:c8:1a:18:2e:4c:0b:1c:
9f:67:c2:8a:7d:15:c6:be:1f:5c:49:f1:d8:70:ca:e9:50:ea:
5e:3c:4f:5b:c1:c1:c1:57:1f:a4:21:97:da:69:21:6a:52:6c:
be:da:a2:56:97:c1:30:aa:c6:bd:f9:97:ce:c2:12:9a:4f:db:
51:ba:79:0f:08:9c:a6:85:f7:c6:19:b1:24:5d:17:e6:f7:f6:
8b:a7:de:fb:4e:11:67:84:0f:9b:b0:31:23:3b:7f:b9:8c:ae:
ba:5c:73:6c:7c:df:aa:dd:e8:77:3a:88:75:75:38:c4:7c:e4:
69:81:d8:f4:b9:2e:0d:e9:67:93:b5:a7:02:e4:4b:70:9f:f0:
05:65:c6:0d:d3:0f:5a:aa:ad:1b:eb:02:cc:ca:c6:21:29:85:
23:ef:f7:32
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMDEyMDIw
MjAwNDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNCOUZBNDA1RDQ4OTEy
N0EwRTE5OTREMTM1MERDRDdGOEM0QTU2REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCEHT1V/chrsN+Bg+Dzxpjbeucn3hpbVgq+CYUzniuIeLYMDfr
ZFO92YaNNnqipW3ctJpM8xfX3riCt23X8xCTLdL65nho0YQqCBT2Ub482YzbDkOZ
haYO39Uonz9tHD/7OV48d8x+3XZi2DAQ0ZBJ/lT3BF2JgOHot+Wq44OI22NtbjQj
0NUsJXvSPGCKGVA73P6B9HyYESjjEkjQ5xE4VLyQ48iAdW+ugb02c3snq6kbRc1y
PNWt237ZhtQZDkPmplYrcYniaJQOYR+Wi90B76p42HFXXjhv718inNDuQMlyiZc9
mmX3cBYxc1YdxhwvhNHXMz2X/jXvEHUXCbTLAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUO5+kBdSJEnoOGZTRNQ3Nf4xKVtswHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9PNS1rQmRTSkVub09HWlRSTlEz
TmY0eEtWdHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTog
MA0GCSqGSIb3DQEBCwUAA4IBAQCtcd+Tm0JZ5XlbUF85JHbxyK92EEMN+GgPi8qb
Ql4uDwVej5b6D8fC6OweOPpfVheWw/Ou4a+XqEOZOIhWy1GqRYoJOOBkLIySDu2p
rRZYqH069T3NuUpq/YdRTWM1AneJAJBDKcgaGC5MCxyfZ8KKfRXGvh9cSfHYcMrp
UOpePE9bwcHBVx+kIZfaaSFqUmy+2qJWl8Ewqsa9+ZfOwhKaT9tRunkPCJymhffG
GbEkXRfm9/aLp977ThFnhA+bsDEjO3+5jK66XHNsfN+q3eh3Ooh1dTjEfORpgdj0
uS4N6WeTtacC5Etwn/AFZcYN0w9aqq0b6wLMysYhKYUj7/cy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:44 2023 by rpki-client on console-fra.rpki-client.org