Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KKhJaeBBaXaqanP4XrTOfRufO3s.roa
File: KKhJaeBBaXaqanP4XrTOfRufO3s.roa (raw, json)
Hash identifier: NMHsxpIb83Qjh/lWC7sv49hVJffTVQ6WjGE3JSyuYYA=
Subject key identifier: 28:A8:49:69:E0:41:69:76:AA:6A:73:F8:5E:B4:CE:7D:1B:9F:3B:7B
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 12AD
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KKhJaeBBaXaqanP4XrTOfRufO3s.roa
Signing time: Wed 29 Sep 2021 02:54:51 +0000
ROA not before: Wed 29 Sep 2021 02:54:51 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24164
IP address blocks: 49.159.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4781 (0x12ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 02:54:51 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=28A84969E0416976AA6A73F85EB4CE7D1B9F3B7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:89:2e:bd:05:fd:53:dd:49:aa:b9:09:2f:37:
61:4a:a9:f1:eb:9b:1c:58:48:aa:62:30:ef:b0:fc:
5c:b6:8e:b4:1c:1d:15:a7:e2:66:bb:30:79:a1:da:
d5:46:ce:ab:bd:55:62:e5:46:68:cd:52:52:d5:47:
40:b2:de:50:fd:e9:77:6c:b9:3c:74:ca:13:67:08:
43:7a:22:06:af:11:da:f8:0f:e1:bf:58:14:1c:93:
47:2c:1d:7b:fb:de:52:39:cc:ac:c8:9d:0d:c7:42:
3d:fa:f1:bb:79:7c:d7:a3:3a:4a:6b:02:0e:e6:ef:
ef:1c:ec:5e:fd:4a:61:19:b4:8a:fe:d6:4f:98:8d:
19:d3:c9:2c:22:0a:7d:d1:43:5f:9c:93:e5:2c:e8:
c3:0c:f6:48:5e:df:7f:b0:13:ab:0d:07:86:ca:3a:
99:22:40:7b:ec:cd:d6:3a:36:52:4d:c3:fb:95:e8:
22:34:35:ea:ec:bb:0b:00:be:f2:66:a3:f0:92:3a:
42:71:aa:79:9a:31:ac:5a:21:aa:67:a0:60:41:e1:
35:e4:3e:5d:dc:30:a4:1a:fc:91:de:9e:0e:89:6e:
51:a2:75:01:4a:04:24:eb:18:1f:a9:c6:da:d4:a6:
87:38:bd:aa:63:ca:5c:a9:3d:19:4b:5d:74:cf:a3:
b0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A8:49:69:E0:41:69:76:AA:6A:73:F8:5E:B4:CE:7D:1B:9F:3B:7B
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KKhJaeBBaXaqanP4XrTOfRufO3s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:00:75:5b:a3:20:2f:03:19:74:7f:bb:d9:db:63:95:b8:97:
59:94:8e:ea:0b:ce:b8:dd:1d:98:65:5d:f1:1a:97:fa:75:8c:
aa:54:28:75:8f:6a:43:9f:0f:99:a2:c2:30:c8:ac:ac:45:24:
04:44:33:97:39:de:5c:2a:fd:60:b8:0a:cc:27:5a:54:10:3f:
be:e7:83:9a:b8:55:bc:89:65:42:e4:1c:7a:cc:1a:9d:d7:f4:
5e:92:4a:13:74:4c:73:51:38:fe:be:3b:1e:c4:de:25:c0:97:
6f:d9:f7:5d:c3:5b:4d:b4:8a:a9:b1:a2:b6:07:8b:53:a1:49:
1e:a8:76:cc:21:0d:fd:39:b6:dd:7b:19:b5:2e:ce:a8:50:bc:
84:e4:02:f6:f8:9d:b1:f9:5f:1c:61:8b:5e:1a:ef:14:b1:f9:
f0:b2:54:60:d6:81:f8:da:bd:f9:ce:47:1f:06:64:1d:36:c4:
a7:4e:32:17:07:35:3d:2a:34:9f:49:31:64:10:44:dd:cf:cb:
5a:44:e3:06:cb:73:20:d0:28:ea:ec:e7:5a:44:f8:d8:c1:61:
26:69:4b:30:ea:8a:8a:16:47:31:77:a7:c5:e8:ee:2d:0f:84:
a5:97:d2:1b:17:a9:ad:74:ac:e0:b5:83:a3:2a:b2:d0:3f:c5:
24:2c:56:ce
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEq0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0NTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI4QTg0OTY5RTA0MTY5
NzZBQTZBNzNGODVFQjRDRTdEMUI5RjNCN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqiS69Bf1T3UmquQkvN2FKqfHrmxxYSKpiMO+w/Fy2jrQcHRWn
4ma7MHmh2tVGzqu9VWLlRmjNUlLVR0Cy3lD96XdsuTx0yhNnCEN6IgavEdr4D+G/
WBQck0csHXv73lI5zKzInQ3HQj368bt5fNejOkprAg7m7+8c7F79SmEZtIr+1k+Y
jRnTySwiCn3RQ1+ck+Us6MMM9khe33+wE6sNB4bKOpkiQHvszdY6NlJNw/uV6CI0
NersuwsAvvJmo/CSOkJxqnmaMaxaIapnoGBB4TXkPl3cMKQa/JHeng6JblGidQFK
BCTrGB+pxtrUpoc4vapjylypPRlLXXTPo7BHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKKhJaeBBaXaqanP4XrTOfRufO3swHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0tLaEphZUJCYVhhcWFuUDRY
clRPZlJ1Zk8zcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nwAwDQYJKoZIhvcNAQELBQADggEBABoAdVujIC8DGXR/u9nbY5W4l1mUjuoLzrjd
HZhlXfEal/p1jKpUKHWPakOfD5miwjDIrKxFJAREM5c53lwq/WC4CswnWlQQP77n
g5q4VbyJZULkHHrMGp3X9F6SShN0THNROP6+Ox7E3iXAl2/Z913DW020iqmxorYH
i1OhSR6odswhDf05tt17GbUuzqhQvITkAvb4nbH5Xxxhi14a7xSx+fCyVGDWgfja
vfnORx8GZB02xKdOMhcHNT0qNJ9JMWQQRN3Py1pE4wbLcyDQKOrs51pE+NjBYSZp
SzDqiooWRzF3p8Xo7i0PhKWX0hsXqa10rOC1g6MqstA/xSQsVs4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org