Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/MVVuRmGJe7qbH8ykfxaiO1q_ank.roa
File: MVVuRmGJe7qbH8ykfxaiO1q_ank.roa (raw, json)
Hash identifier: Qa1FUhm7pRbE2I5JCIKSK0jG4CRqfCFoCVjb1FzsitA=
Subject key identifier: 31:55:6E:46:61:89:7B:BA:9B:1F:CC:A4:7F:16:A2:3B:5A:BF:6A:79
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/MVVuRmGJe7qbH8ykfxaiO1q_ank.roa
Signing time: Thu 15 Sep 2022 02:36:42 +0000
ROA not before: Thu 15 Sep 2022 02:36:42 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 49.158.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5374 (0x14fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 15 02:36:42 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=31556E4661897BBA9B1FCCA47F16A23B5ABF6A79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e3:2f:93:21:de:30:dd:64:1d:90:2c:14:86:
67:72:af:b0:8f:6d:39:c5:d8:34:4d:dd:b5:2c:f8:
a3:cb:62:bb:81:04:40:f6:26:fa:15:24:d0:27:1b:
c9:11:43:1d:54:cf:8a:f0:8b:79:25:bd:72:eb:48:
94:29:4d:a0:52:06:32:2f:2a:43:1e:e3:a5:2d:d9:
d7:8e:cf:a3:b4:60:12:41:56:a3:51:e4:95:b1:56:
46:19:2c:df:ed:59:c9:e1:a2:62:bf:d8:22:e4:e8:
6e:42:3f:c8:c5:57:ae:ca:dc:df:b0:90:e5:97:e2:
69:9e:29:f9:31:2e:63:f7:6a:23:5a:73:d9:cb:c4:
18:7b:8d:4f:ff:f7:f7:3c:fd:21:9b:07:4a:cd:e1:
5b:61:fa:12:2a:72:47:32:ae:53:a2:e2:29:5a:c3:
32:03:08:77:5a:ae:e2:24:db:30:d3:14:e2:8c:c6:
e0:3a:19:cf:4e:f9:19:78:04:ca:0b:16:60:a1:ef:
8e:45:f5:2f:cb:2a:9a:f2:95:87:c7:c4:3a:1c:f3:
d5:36:64:14:41:50:90:35:99:9a:19:9d:0b:cf:f3:
50:9e:3b:8e:2f:23:56:a4:5c:6b:32:d5:f3:6b:23:
a3:25:51:30:80:ad:13:a9:a8:9a:28:30:a4:8a:c2:
e4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:55:6E:46:61:89:7B:BA:9B:1F:CC:A4:7F:16:A2:3B:5A:BF:6A:79
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/MVVuRmGJe7qbH8ykfxaiO1q_ank.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.24.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:86:c6:b3:28:61:f0:5e:82:84:42:4f:f5:69:b2:ad:15:ea:
64:6c:8c:4c:cd:90:0e:62:75:71:e0:f1:07:b8:92:a7:2d:06:
ca:0f:1d:6e:90:54:f6:a3:99:29:5c:c0:a8:19:e1:d3:be:81:
d1:82:28:58:19:9f:a9:e4:f1:fa:38:da:bf:8d:e9:d5:e7:dd:
47:4a:6b:82:cd:da:92:85:64:ad:a1:a2:79:55:e1:8d:e3:ae:
9a:4c:56:09:6f:33:14:c9:28:b6:9b:af:ef:b9:e4:a5:6b:5e:
d5:7f:bf:f7:06:b7:57:df:38:85:30:f7:3e:39:13:68:d6:4d:
c0:75:da:ef:4d:b0:47:42:a5:5a:29:eb:71:d0:11:97:41:d0:
21:e3:07:ec:44:b9:5b:ad:97:37:dc:30:b3:9d:99:06:a0:cc:
dc:8f:e8:4d:8d:8c:63:1b:6e:51:1e:fb:c6:6b:ac:27:0a:7b:
cf:fd:ce:37:80:fc:ba:4a:12:a8:eb:40:58:0a:e3:4f:d7:8a:
4f:39:b7:08:47:b3:3b:c5:42:d5:f9:69:90:d4:1e:79:18:dd:
43:64:a9:a3:6e:96:58:4e:f6:c0:62:c6:95:ab:80:0e:61:cb:
65:bc:1c:f2:61:9f:f9:e9:67:42:2f:7b:22:c7:c8:87:7a:e9:
98:62:aa:12
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM2NDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMxNTU2RTQ2NjE4OTdC
QkE5QjFGQ0NBNDdGMTZBMjNCNUFCRjZBNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD4y+TId4w3WQdkCwUhmdyr7CPbTnF2DRN3bUs+KPLYruBBED2
JvoVJNAnG8kRQx1Uz4rwi3klvXLrSJQpTaBSBjIvKkMe46Ut2deOz6O0YBJBVqNR
5JWxVkYZLN/tWcnhomK/2CLk6G5CP8jFV67K3N+wkOWX4mmeKfkxLmP3aiNac9nL
xBh7jU//9/c8/SGbB0rN4Vth+hIqckcyrlOi4ilawzIDCHdaruIk2zDTFOKMxuA6
Gc9O+Rl4BMoLFmCh745F9S/LKprylYfHxDoc89U2ZBRBUJA1mZoZnQvP81CeO44v
I1akXGsy1fNrI6MlUTCArROpqJooMKSKwuSpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUMVVuRmGJe7qbH8ykfxaiO1q/ankwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL01WVnVSbUdKZTdxYkg4eWtm
eGFpTzFxX2Fuay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nhgwDQYJKoZIhvcNAQELBQADggEBAKCGxrMoYfBegoRCT/Vpsq0V6mRsjEzNkA5i
dXHg8Qe4kqctBsoPHW6QVPajmSlcwKgZ4dO+gdGCKFgZn6nk8fo42r+N6dXn3UdK
a4LN2pKFZK2honlV4Y3jrppMVglvMxTJKLabr++55KVrXtV/v/cGt1ffOIUw9z45
E2jWTcB12u9NsEdCpVop63HQEZdB0CHjB+xEuVutlzfcMLOdmQagzNyP6E2NjGMb
blEe+8ZrrCcKe8/9zjeA/LpKEqjrQFgK40/Xik85twhHszvFQtX5aZDUHnkY3UNk
qaNullhO9sBixpWrgA5hy2W8HPJhn/npZ0IveyLHyId66ZhiqhI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org