Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/2PPOtmDDi1OOGzVEWtFqgjGx_5w.roa
File: 2PPOtmDDi1OOGzVEWtFqgjGx_5w.roa (raw, json)
Hash identifier: FXgoec/3cVWhoCRGK4S332NAWzaljXA6x+3zgcXtYak=
Subject key identifier: D8:F3:CE:B6:60:C3:8B:53:8E:1B:35:44:5A:D1:6A:82:31:B1:FF:9C
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/2PPOtmDDi1OOGzVEWtFqgjGx_5w.roa
Signing time: Thu 15 Sep 2022 02:36:13 +0000
ROA not before: Thu 15 Sep 2022 02:36:13 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 123.0.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5374 (0x14fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 15 02:36:13 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D8F3CEB660C38B538E1B35445AD16A8231B1FF9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:27:f6:c9:bf:f9:17:d1:20:ed:a1:0b:86:1e:
d2:be:55:ba:8e:95:2a:c4:39:22:12:e3:f1:e3:47:
2c:a8:0a:92:23:5c:e3:0b:57:af:ec:73:d7:99:e1:
fd:d4:e4:0f:fe:9d:84:d2:b1:92:9e:19:09:c5:09:
44:e1:32:f4:00:93:53:b9:22:82:e8:c6:c8:99:b5:
91:40:ec:a9:fa:ca:f1:dd:26:0c:ad:47:4c:38:af:
ba:2b:07:ec:ba:9a:cd:1a:a6:7f:b9:06:80:8f:6d:
50:fc:66:4e:95:2b:f1:98:81:aa:fd:09:31:75:3d:
08:53:42:3a:65:7a:57:33:2d:d5:f0:77:a4:99:e7:
91:01:7e:01:cf:14:0b:f8:22:1f:5d:79:39:7d:8d:
9d:07:f6:b4:8c:3f:e5:9a:95:00:fb:07:e9:4e:e0:
2e:63:23:74:bc:02:f2:32:9e:45:34:9b:80:e8:8f:
29:ea:33:9b:e1:06:10:c0:51:94:c6:5e:ef:a8:59:
8b:73:af:21:ea:5e:a3:a2:fe:92:65:15:22:2b:bf:
5d:5f:5a:60:4a:f1:3f:ad:e3:a3:d7:e5:90:7c:1c:
59:61:43:3c:4d:f2:7a:b0:ff:35:c1:ef:75:14:6e:
4e:fd:cf:1f:1c:9a:ec:1d:aa:bd:67:6c:c6:d0:77:
8b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F3:CE:B6:60:C3:8B:53:8E:1B:35:44:5A:D1:6A:82:31:B1:FF:9C
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/2PPOtmDDi1OOGzVEWtFqgjGx_5w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.0.40.0/23
Signature Algorithm: sha256WithRSAEncryption
89:1a:d0:2e:b2:68:89:aa:2a:20:5b:cc:8d:76:06:96:95:70:
0c:ed:12:bc:84:04:ce:49:dd:34:87:59:91:62:44:45:7b:00:
a2:aa:7d:51:b6:d9:a1:b5:72:29:50:6e:39:29:0e:8c:6d:ea:
de:47:de:ac:ea:86:64:7c:45:a0:f2:ea:f5:e5:26:53:8e:90:
ba:61:b3:ee:c4:42:c5:dd:80:8a:77:ca:a0:54:9f:7d:d0:2a:
b9:00:5c:a3:d8:87:5c:08:e7:c2:32:78:29:71:17:ef:20:4d:
9a:fe:06:87:c2:79:0c:44:36:f1:56:bb:34:37:7b:c1:df:a0:
6a:6c:f6:90:3d:b4:cc:29:11:d0:23:02:c8:10:d8:7d:52:a4:
11:93:90:72:19:45:67:c4:2a:be:df:88:a2:a9:92:05:8e:d2:
05:fb:b6:7b:ee:ad:9b:d6:c6:f6:89:4c:9d:00:eb:13:5c:20:
6a:d5:f7:8f:0d:d6:05:68:3a:5f:45:67:10:2b:3c:63:01:4c:
68:7b:b6:8b:57:37:d7:24:ce:82:b8:8f:72:f0:f1:7c:6c:cb:
3b:f1:35:71:50:a2:0c:5a:d1:cc:ed:6a:80:24:6a:0f:58:8b:
81:37:e9:52:c5:ef:1c:cf:99:20:6f:f8:6d:4a:6d:b3:da:5f:
ed:d0:20:15
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM2MTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ4RjNDRUI2NjBDMzhC
NTM4RTFCMzU0NDVBRDE2QTgyMzFCMUZGOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/J/bJv/kX0SDtoQuGHtK+VbqOlSrEOSIS4/HjRyyoCpIjXOML
V6/sc9eZ4f3U5A/+nYTSsZKeGQnFCUThMvQAk1O5IoLoxsiZtZFA7Kn6yvHdJgyt
R0w4r7orB+y6ms0apn+5BoCPbVD8Zk6VK/GYgar9CTF1PQhTQjplelczLdXwd6SZ
55EBfgHPFAv4Ih9deTl9jZ0H9rSMP+WalQD7B+lO4C5jI3S8AvIynkU0m4Dojynq
M5vhBhDAUZTGXu+oWYtzryHqXqOi/pJlFSIrv11fWmBK8T+t46PX5ZB8HFlhQzxN
8nqw/zXB73UUbk79zx8cmuwdqr1nbMbQd4vFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2PPOtmDDi1OOGzVEWtFqgjGx/5wwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULzJQUE90bUREaTFPT0d6VkVX
dEZxZ2pHeF81dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAF7
ACgwDQYJKoZIhvcNAQELBQADggEBAIka0C6yaImqKiBbzI12BpaVcAztEryEBM5J
3TSHWZFiREV7AKKqfVG22aG1cilQbjkpDoxt6t5H3qzqhmR8RaDy6vXlJlOOkLph
s+7EQsXdgIp3yqBUn33QKrkAXKPYh1wI58IyeClxF+8gTZr+BofCeQxENvFWuzQ3
e8HfoGps9pA9tMwpEdAjAsgQ2H1SpBGTkHIZRWfEKr7fiKKpkgWO0gX7tnvurZvW
xvaJTJ0A6xNcIGrV948N1gVoOl9FZxArPGMBTGh7totXN9ckzoK4j3Lw8Xxsyzvx
NXFQogxa0cztaoAkag9Yi4E36VLF7xzPmSBv+G1KbbPaX+3QIBU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org