Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CDn2Ncel80OwW9K3ZhvqC5v2yF4.roa
File: CDn2Ncel80OwW9K3ZhvqC5v2yF4.roa (raw, json)
Hash identifier: BMUfRnwtJnUaOF8qEg+kaV1Phmc2Wos4Ixf20vDuXF8=
Subject key identifier: 08:39:F6:35:C7:A5:F3:43:B0:5B:D2:B7:66:1B:EA:0B:9B:F6:C8:5E
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1758
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CDn2Ncel80OwW9K3ZhvqC5v2yF4.roa
Signing time: Sat 22 Oct 2022 05:36:09 +0000
ROA not before: Sat 22 Oct 2022 05:36:09 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 123.0.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5976 (0x1758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 05:36:09 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0839F635C7A5F343B05BD2B7661BEA0B9BF6C85E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e8:9b:26:ba:ab:bd:87:72:75:73:b9:3b:82:
73:72:9f:11:b3:a1:93:9e:4d:e4:84:94:70:31:da:
3b:99:7f:b7:99:51:46:d0:3d:09:6c:8e:6b:1c:09:
ca:fb:52:3e:68:2c:fa:ab:1a:9a:ba:c0:52:eb:94:
67:12:37:38:5e:00:7a:13:a5:8f:5f:98:4b:40:7f:
cb:cb:44:96:18:50:2c:a3:fa:14:8e:b3:e7:c5:9b:
a7:61:4e:f8:42:9a:34:c8:a4:38:8a:23:bb:18:1c:
a4:e1:85:d4:7d:d1:41:6f:f9:ee:9d:97:91:eb:57:
4a:d6:9e:89:81:96:b9:a7:8a:1a:50:72:3b:e8:79:
49:8b:0b:be:f2:d8:7d:aa:1b:39:ce:b5:80:71:a7:
ab:67:ab:b9:db:b6:26:e1:cc:ae:9f:70:da:d3:4a:
54:8c:a2:8a:21:e7:9f:d3:3c:70:cb:ec:98:c7:34:
71:2d:22:15:3b:71:5f:c8:a2:a2:d4:06:dc:d6:bc:
62:fd:83:82:0d:27:00:af:45:1e:2f:1c:88:85:4d:
c8:08:78:6d:df:d9:5f:ae:98:7c:da:d5:47:ca:15:
74:95:5e:fb:7f:71:71:93:0e:8e:cf:27:e8:60:37:
67:6d:2d:50:48:ee:13:f7:d9:1e:91:62:89:2f:6c:
1c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:39:F6:35:C7:A5:F3:43:B0:5B:D2:B7:66:1B:EA:0B:9B:F6:C8:5E
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CDn2Ncel80OwW9K3ZhvqC5v2yF4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.0.45.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:9b:fb:07:13:6d:c3:ab:9a:d2:e2:df:22:8c:80:43:e0:da:
94:e0:0a:0a:74:56:53:a3:1e:d3:10:de:28:f5:e4:e1:0a:d0:
10:ab:8b:4a:b0:92:17:b0:dd:9b:5a:81:4a:fc:71:00:bf:a5:
fe:fd:ed:aa:73:c7:dd:98:a8:0f:d8:5e:ba:54:d6:35:4d:5d:
72:99:99:90:1f:7c:bf:9f:34:3a:7f:bf:9c:73:4d:70:81:4a:
ca:90:1a:8c:10:e2:9b:48:4b:ea:d5:1c:de:3a:0c:af:bd:24:
ae:3e:20:73:5e:3d:44:cd:9c:41:d1:d7:dc:3a:34:17:39:89:
ee:99:d0:3a:95:ac:34:96:63:bf:f7:bb:ea:9c:a4:16:bf:38:
24:61:ec:93:a3:41:bb:0b:51:78:00:1a:c4:58:07:37:8a:aa:
4d:d8:51:d3:4f:35:69:1a:93:52:f3:a7:92:ed:c1:f8:a7:ef:
c1:80:1e:03:b2:5a:a8:e9:e3:11:91:38:f0:b7:21:55:0a:f2:
0c:54:13:08:79:f6:8e:f8:a0:81:cb:53:f3:b8:d6:98:3a:fc:
34:69:7b:36:94:b9:59:82:ef:05:d1:68:a1:2d:7f:ee:20:81:
c3:7b:50:86:54:04:87:47:5d:52:a7:22:92:d7:ee:59:46:4e:
e8:f8:bb:b6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF1gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NTM2MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA4MzlGNjM1QzdBNUYz
NDNCMDVCRDJCNzY2MUJFQTBCOUJGNkM4NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD6Jsmuqu9h3J1c7k7gnNynxGzoZOeTeSElHAx2juZf7eZUUbQ
PQlsjmscCcr7Uj5oLPqrGpq6wFLrlGcSNzheAHoTpY9fmEtAf8vLRJYYUCyj+hSO
s+fFm6dhTvhCmjTIpDiKI7sYHKThhdR90UFv+e6dl5HrV0rWnomBlrmnihpQcjvo
eUmLC77y2H2qGznOtYBxp6tnq7nbtibhzK6fcNrTSlSMoooh55/TPHDL7JjHNHEt
IhU7cV/IoqLUBtzWvGL9g4INJwCvRR4vHIiFTcgIeG3f2V+umHza1UfKFXSVXvt/
cXGTDo7PJ+hgN2dtLVBI7hP32R6RYokvbBwTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCDn2Ncel80OwW9K3ZhvqC5v2yF4wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0NEbjJOY2VsODBPd1c5SzNa
aHZxQzV2MnlGNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7
AC0wDQYJKoZIhvcNAQELBQADggEBAC6b+wcTbcOrmtLi3yKMgEPg2pTgCgp0VlOj
HtMQ3ij15OEK0BCri0qwkhew3ZtagUr8cQC/pf797apzx92YqA/YXrpU1jVNXXKZ
mZAffL+fNDp/v5xzTXCBSsqQGowQ4ptIS+rVHN46DK+9JK4+IHNePUTNnEHR19w6
NBc5ie6Z0DqVrDSWY7/3u+qcpBa/OCRh7JOjQbsLUXgAGsRYBzeKqk3YUdNPNWka
k1Lzp5Ltwfin78GAHgOyWqjp4xGROPC3IVUK8gxUEwh59o74oIHLU/O41pg6/DRp
ezaUuVmC7wXRaKEtf+4ggcN7UIZUBIdHXVKnIpLX7llGTuj4u7Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:45 2024 by rpki-client on console-ams.rpki-client.org