Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Fn0dmnfuUAUCNG0P0gml9Nusgr4.roa
File: Fn0dmnfuUAUCNG0P0gml9Nusgr4.roa (raw, json)
Hash identifier: UD0VrkdD3aLvaQJJr8jbcPbXyByhtauw4Oc4WoR3lc8=
Subject key identifier: 16:7D:1D:9A:77:EE:50:05:02:34:6D:0F:D2:09:A5:F4:DB:AC:82:BE
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 18BC
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Fn0dmnfuUAUCNG0P0gml9Nusgr4.roa
Signing time: Sat 22 Oct 2022 06:03:06 +0000
ROA not before: Sat 22 Oct 2022 06:03:06 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 49.159.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6332 (0x18bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:03:06 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=167D1D9A77EE500502346D0FD209A5F4DBAC82BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:77:20:c9:97:3d:e6:69:e1:ea:d6:c7:c5:96:
ad:3f:65:f5:42:b5:44:2d:5e:7f:a3:75:f1:fd:dd:
ae:c4:de:ee:e0:0b:c6:9c:e6:7c:24:22:5d:e8:14:
9c:41:92:37:60:5b:79:25:25:4a:54:8f:4a:06:5b:
2f:32:81:5c:bc:4d:52:bb:da:ad:27:d2:fd:39:c8:
8d:4a:b1:63:67:2d:97:8a:4a:d0:da:1f:fa:a5:65:
c2:16:5b:38:df:5e:76:90:01:cf:8f:c6:e7:c7:61:
11:c8:1a:b8:54:70:bf:ee:89:ca:84:df:69:05:11:
ce:d0:24:57:df:76:25:b0:fe:67:bb:05:f1:15:c2:
54:ff:f5:0b:86:c3:92:bb:55:fc:cd:76:57:7f:e3:
25:a3:ca:50:ae:ab:a2:d3:79:0c:e2:9d:99:87:71:
99:97:24:62:90:94:b5:aa:e1:cf:2a:f5:14:4b:b2:
2a:78:9a:98:4c:95:2d:bc:6c:c9:02:26:41:2f:c5:
26:fe:b3:9b:c3:e0:79:2c:c9:f3:cb:98:13:66:f2:
36:59:e4:8d:7e:25:bb:22:88:8a:8e:bd:8d:13:64:
14:57:f0:53:5b:4a:fd:0a:d8:b1:6f:45:68:bc:2a:
39:ef:47:e1:bb:84:ca:97:ab:d8:0b:06:f1:72:e3:
a5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7D:1D:9A:77:EE:50:05:02:34:6D:0F:D2:09:A5:F4:DB:AC:82:BE
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Fn0dmnfuUAUCNG0P0gml9Nusgr4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.0.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:10:59:ab:c3:1f:ef:fd:32:2e:bd:28:75:b4:16:81:cc:ae:
72:ae:13:70:e2:1c:ad:16:b6:ee:70:05:50:12:af:4a:ae:b3:
19:d2:9a:75:26:f7:91:58:a7:bb:7d:e0:bf:2d:3f:8b:f7:8c:
b7:b3:42:1f:02:f2:1c:b3:9e:33:e6:d9:f4:22:3d:07:45:5b:
14:06:6f:3d:75:08:fe:92:2f:25:6f:d1:0a:d9:2e:44:09:31:
1a:f6:f2:81:76:9e:36:76:e9:5f:d0:d4:0a:36:08:7d:48:30:
b5:84:1f:e5:aa:55:58:df:fe:bc:34:4a:4c:05:b5:de:50:53:
5f:b5:92:2b:76:50:71:c1:1e:cc:7c:b2:1e:76:68:7b:2c:b3:
04:b1:f9:62:21:38:41:ca:6f:0f:e6:25:d7:1d:4d:42:d5:3c:
a7:aa:65:9f:8a:83:c7:aa:a1:d2:af:7a:93:72:8a:d0:87:e3:
c2:a8:97:e5:02:a0:f0:2d:a3:51:b0:1a:c3:37:51:de:8b:de:
5c:33:2d:df:25:af:b3:81:ee:34:c5:5d:f5:f9:c3:1f:2f:f7:
18:c7:fb:7f:7b:70:34:2b:b6:d7:e1:26:04:af:51:e0:98:91:
b5:05:11:9e:b3:b1:40:1b:d7:d4:4f:ff:cf:9b:28:6f:1e:cf:
1f:06:a4:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjAzMDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDE2N0QxRDlBNzdFRTUw
MDUwMjM0NkQwRkQyMDlBNUY0REJBQzgyQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9dyDJlz3maeHq1sfFlq0/ZfVCtUQtXn+jdfH93a7E3u7gC8ac
5nwkIl3oFJxBkjdgW3klJUpUj0oGWy8ygVy8TVK72q0n0v05yI1KsWNnLZeKStDa
H/qlZcIWWzjfXnaQAc+PxufHYRHIGrhUcL/uicqE32kFEc7QJFffdiWw/me7BfEV
wlT/9QuGw5K7VfzNdld/4yWjylCuq6LTeQzinZmHcZmXJGKQlLWq4c8q9RRLsip4
mphMlS28bMkCJkEvxSb+s5vD4HksyfPLmBNm8jZZ5I1+JbsiiIqOvY0TZBRX8FNb
Sv0K2LFvRWi8KjnvR+G7hMqXq9gLBvFy46XxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFn0dmnfuUAUCNG0P0gml9Nusgr4wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0ZuMGRtbmZ1VUFVQ05HMFAw
Z21sOU51c2dyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nwAwDQYJKoZIhvcNAQELBQADggEBAJ8QWavDH+/9Mi69KHW0FoHMrnKuE3DiHK0W
tu5wBVASr0qusxnSmnUm95FYp7t94L8tP4v3jLezQh8C8hyznjPm2fQiPQdFWxQG
bz11CP6SLyVv0QrZLkQJMRr28oF2njZ26V/Q1Ao2CH1IMLWEH+WqVVjf/rw0SkwF
td5QU1+1kit2UHHBHsx8sh52aHssswSx+WIhOEHKbw/mJdcdTULVPKeqZZ+Kg8eq
odKvepNyitCH48Kol+UCoPAto1GwGsM3Ud6L3lwzLd8lr7OB7jTFXfX5wx8v9xjH
+397cDQrttfhJgSvUeCYkbUFEZ6zsUAb19RP/8+bKG8ezx8GpAY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:02 2024 by rpki-client on console-fra.rpki-client.org