Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/K4jzVmTGGFwE3qRhUqN4ofqtevo.roa
File: K4jzVmTGGFwE3qRhUqN4ofqtevo.roa (raw, json)
Hash identifier: Qq2lR9dMncoQxetMJlhaQ3w/1eWusGIR9PxAvByhO00=
Subject key identifier: 2B:88:F3:56:64:C6:18:5C:04:DE:A4:61:52:A3:78:A1:FA:AD:7A:FA
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 14C9
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/K4jzVmTGGFwE3qRhUqN4ofqtevo.roa
Signing time: Wed 07 Sep 2022 03:39:24 +0000
ROA not before: Wed 07 Sep 2022 03:39:24 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 49.159.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5321 (0x14c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 7 03:39:24 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2B88F35664C6185C04DEA46152A378A1FAAD7AFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:c0:c6:00:32:5c:b4:b7:0f:37:6b:9f:e5:
e2:d0:41:79:2f:e3:b8:16:3d:c1:6c:e5:3a:3f:05:
e2:89:7b:ee:11:ae:7e:3d:06:c5:6b:b9:0c:a8:1c:
4f:fa:15:35:12:bf:9f:92:b2:d3:b9:94:c2:b5:5c:
29:67:10:12:52:be:87:e4:6f:65:88:6d:90:18:ea:
02:ae:55:b4:9a:13:d9:b0:bd:81:cd:97:74:d0:88:
b2:6b:6e:b2:18:8d:ce:50:a1:e8:79:c4:ec:db:a6:
8d:6c:43:4b:10:13:b0:3e:fb:0c:c8:b5:86:90:d9:
ec:4e:66:3f:18:54:85:26:06:24:f2:a3:c6:5f:7c:
5d:03:d5:52:91:81:1f:98:f2:96:a7:5f:0a:84:6a:
95:90:9f:34:e8:b5:22:2d:b8:52:58:65:0e:e2:1c:
fd:eb:11:f9:29:1d:8f:5e:23:a9:53:d2:b1:6c:b0:
c7:ce:39:ca:08:40:a0:11:2b:c1:c8:ba:eb:fa:f2:
bf:a6:9a:ad:70:ca:1f:af:f9:71:71:45:37:5f:e8:
e2:17:ae:3c:ac:60:e3:86:9c:a4:d4:86:fc:a2:f8:
be:b2:97:56:61:1e:c9:1e:f8:94:b3:74:2d:9e:1b:
78:8a:f8:62:f2:a1:5a:38:d4:19:62:72:14:b6:a7:
9c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:88:F3:56:64:C6:18:5C:04:DE:A4:61:52:A3:78:A1:FA:AD:7A:FA
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/K4jzVmTGGFwE3qRhUqN4ofqtevo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.232.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:f6:fb:be:bf:65:f2:83:c6:0b:5b:3b:38:35:e3:54:fc:e4:
a8:40:09:a9:a5:5a:f3:4e:f9:e0:61:0a:37:ed:bf:bc:59:80:
d2:45:ae:78:0f:0d:37:ba:f8:39:b3:ca:60:e9:38:57:94:fc:
b0:ce:5a:44:7b:ca:93:f5:f4:e1:fb:ed:9c:d4:c1:47:8b:d1:
00:99:53:de:03:72:72:10:9a:ab:4f:31:af:ee:3d:28:7a:45:
0e:ae:2d:a4:fb:e9:5c:4f:2f:ca:8d:bb:b6:7a:f7:ef:20:1e:
1d:9e:fd:3e:dc:24:31:ef:cc:32:81:2e:cc:b3:4a:d6:bd:59:
79:32:a0:06:55:85:71:4f:94:b8:05:8f:fd:81:ba:9c:fd:be:
3e:4c:94:eb:ca:75:79:c7:cd:5b:72:25:34:60:c2:a2:39:3b:
f4:4e:62:d3:8d:70:d5:d6:c7:f3:42:33:5e:b6:50:78:d0:1f:
92:7f:41:da:74:14:14:40:6f:f1:1d:1f:2a:2a:7f:0d:46:a3:
71:8f:ea:7e:68:57:8c:34:04:76:cf:88:f2:9b:2e:e9:d8:6f:
47:35:33:ab:ec:3e:b5:e5:37:49:12:c9:b7:5d:66:1a:75:f5:
1b:27:a0:2f:91:c6:a7:1a:8a:c8:7f:8a:cb:ba:1d:cd:81:02:
7c:89:5f:58
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MDcw
MzM5MjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJCODhGMzU2NjRDNjE4
NUMwNERFQTQ2MTUyQTM3OEExRkFBRDdBRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9P8DGADJctLcPN2uf5eLQQXkv47gWPcFs5To/BeKJe+4Rrn49
BsVruQyoHE/6FTUSv5+SstO5lMK1XClnEBJSvofkb2WIbZAY6gKuVbSaE9mwvYHN
l3TQiLJrbrIYjc5Qoeh5xOzbpo1sQ0sQE7A++wzItYaQ2exOZj8YVIUmBiTyo8Zf
fF0D1VKRgR+Y8panXwqEapWQnzTotSItuFJYZQ7iHP3rEfkpHY9eI6lT0rFssMfO
OcoIQKARK8HIuuv68r+mmq1wyh+v+XFxRTdf6OIXrjysYOOGnKTUhvyi+L6yl1Zh
Hske+JSzdC2eG3iK+GLyoVo41BlichS2p5wtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUK4jzVmTGGFwE3qRhUqN4ofqtevowHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0s0anpWbVRHR0Z3RTNxUmhV
cU40b2ZxdGV2by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n+gwDQYJKoZIhvcNAQELBQADggEBADz2+76/ZfKDxgtbOzg141T85KhACamlWvNO
+eBhCjftv7xZgNJFrngPDTe6+DmzymDpOFeU/LDOWkR7ypP19OH77ZzUwUeL0QCZ
U94DcnIQmqtPMa/uPSh6RQ6uLaT76VxPL8qNu7Z69+8gHh2e/T7cJDHvzDKBLsyz
Sta9WXkyoAZVhXFPlLgFj/2Bupz9vj5MlOvKdXnHzVtyJTRgwqI5O/ROYtONcNXW
x/NCM162UHjQH5J/Qdp0FBRAb/EdHyoqfw1Go3GP6n5oV4w0BHbPiPKbLunYb0c1
M6vsPrXlN0kSybddZhp19RsnoC+Rxqcaish/isu6Hc2BAnyJX1g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org