Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/MST7tZoRAEJvKxAtxSLp2x47Ro0.roa
File: MST7tZoRAEJvKxAtxSLp2x47Ro0.roa (raw, json)
Hash identifier: nh6KFa2AzzgxTf6y+f8qBSvxzgOfuWQYkRuwWvhVE3M=
Subject key identifier: 31:24:FB:B5:9A:11:00:42:6F:2B:10:2D:C5:22:E9:DB:1E:3B:46:8D
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 0FE3
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/MST7tZoRAEJvKxAtxSLp2x47Ro0.roa
Signing time: Sun 07 Feb 2021 12:36:31 +0000
ROA not before: Sun 07 Feb 2021 12:36:31 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24164
IP address blocks: 49.159.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4067 (0xfe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Feb 7 12:36:31 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3124FBB59A1100426F2B102DC522E9DB1E3B468D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:d9:22:31:bd:85:22:ef:f5:0f:44:1a:e4:
21:20:f1:71:86:e2:ce:bf:77:9f:55:79:7c:fb:58:
2e:2a:1e:18:20:5e:90:54:71:99:66:fb:8c:26:fc:
47:a1:f5:8c:0f:a0:a2:26:1a:8f:84:54:5e:89:e2:
a2:7c:8e:64:cb:c6:5d:5d:b3:17:23:14:5b:2e:a1:
e1:b2:42:b5:17:31:70:9e:71:ec:66:24:f6:f9:a8:
20:30:43:da:2f:14:c0:6a:89:2b:c6:b6:4c:53:46:
8d:90:e5:f5:16:8d:c9:e0:d5:30:bb:e7:ea:bc:b6:
9f:24:43:c0:ce:16:54:07:60:c9:cd:4a:7e:da:e6:
76:f0:8c:2e:1c:90:34:52:a4:7e:31:77:d0:d8:4d:
20:21:11:d7:b3:9e:7e:2a:b5:de:9d:55:c0:b4:86:
0e:ff:e0:e6:c5:49:b9:e3:a0:35:fa:31:01:52:c4:
89:5a:65:df:1a:d0:f7:96:e8:3f:42:ff:0c:59:8d:
4f:58:03:4c:d8:62:e2:8f:36:3c:b1:79:df:f5:74:
15:ab:5c:3c:ab:bb:51:a5:e0:d9:cb:df:b3:df:68:
57:ee:62:2a:0c:6b:cc:48:e6:85:ac:50:a5:55:40:
56:64:03:90:28:de:31:11:9e:90:c9:7a:ab:7b:2b:
bb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:24:FB:B5:9A:11:00:42:6F:2B:10:2D:C5:22:E9:DB:1E:3B:46:8D
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/MST7tZoRAEJvKxAtxSLp2x47Ro0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.128.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:0b:32:d6:67:77:6c:e4:d8:a3:a3:bd:3f:04:78:f5:3d:bf:
e5:8b:7f:42:99:5b:aa:89:78:4b:65:32:3d:b2:5d:86:4d:2e:
7b:c3:78:e6:cc:f9:98:7d:db:d1:88:df:42:fd:75:5a:3a:12:
16:b7:e8:aa:4c:5a:f8:cc:ba:60:ae:c0:ab:f6:0b:09:0f:3d:
c2:42:ba:bb:d7:7c:79:87:49:8a:e8:f8:ec:af:0d:bf:c9:62:
06:79:61:e1:dc:dc:d2:e6:60:27:28:e3:38:f0:3f:7b:d8:da:
1c:7b:e4:d8:c5:f2:70:1f:0a:b4:75:01:9d:d6:5f:87:91:3d:
36:55:ad:af:be:24:ad:06:f8:7b:e8:6f:3e:b2:fc:ce:99:80:
c1:e0:64:da:4a:29:ff:88:19:15:41:a3:27:af:f9:c2:f0:bb:
72:17:5b:6b:62:47:a2:a1:8d:5a:e4:0d:cf:db:f4:2d:02:9e:
05:16:2e:75:18:6a:26:03:6c:31:76:85:53:67:a7:3c:98:6f:
ca:5d:00:7c:54:9e:21:52:c3:6a:bf:59:1d:35:a4:1a:1a:26:
b6:39:06:41:03:07:35:31:9d:71:2b:c6:cd:63:92:70:49:2d:
de:aa:fb:27:c8:59:18:91:ae:ec:49:e7:44:06:f5:3b:4e:ff:
46:07:84:03
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjM2MzFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDMxMjRGQkI1OUExMTAw
NDI2RjJCMTAyREM1MjJFOURCMUUzQjQ2OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC19kiMb2FIu/1D0Qa5CEg8XGG4s6/d59VeXz7WC4qHhggXpBU
cZlm+4wm/Eeh9YwPoKImGo+EVF6J4qJ8jmTLxl1dsxcjFFsuoeGyQrUXMXCecexm
JPb5qCAwQ9ovFMBqiSvGtkxTRo2Q5fUWjcng1TC75+q8tp8kQ8DOFlQHYMnNSn7a
5nbwjC4ckDRSpH4xd9DYTSAhEdeznn4qtd6dVcC0hg7/4ObFSbnjoDX6MQFSxIla
Zd8a0PeW6D9C/wxZjU9YA0zYYuKPNjyxed/1dBWrXDyru1Gl4NnL37PfaFfuYioM
a8xI5oWsUKVVQFZkA5Ao3jERnpDJeqt7K7uZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUMST7tZoRAEJvKxAtxSLp2x47Ro0wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL01TVDd0Wm9SQUVKdkt4QXR4
U0xwMng0N1JvMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n4AwDQYJKoZIhvcNAQELBQADggEBAG0LMtZnd2zk2KOjvT8EePU9v+WLf0KZW6qJ
eEtlMj2yXYZNLnvDeObM+Zh929GI30L9dVo6Eha36KpMWvjMumCuwKv2CwkPPcJC
urvXfHmHSYro+OyvDb/JYgZ5YeHc3NLmYCco4zjwP3vY2hx75NjF8nAfCrR1AZ3W
X4eRPTZVra++JK0G+Hvobz6y/M6ZgMHgZNpKKf+IGRVBoyev+cLwu3IXW2tiR6Kh
jVrkDc/b9C0CngUWLnUYaiYDbDF2hVNnpzyYb8pdAHxUniFSw2q/WR01pBoaJrY5
BkEDBzUxnXErxs1jknBJLd6q+yfIWRiRruxJ50QG9TtO/0YHhAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:46 2024 by rpki-client on console-ams.rpki-client.org