Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OY0uyiFz3wMIWG8JuvzmXHZHQNw.roa
File: OY0uyiFz3wMIWG8JuvzmXHZHQNw.roa (raw, json)
Hash identifier: oXEuYBpBYj/oPSbkWWW7x30oOmttHdmu0nCqfjt9Kxc=
Subject key identifier: 39:8D:2E:CA:21:73:DF:03:08:58:6F:09:BA:FC:E6:5C:76:47:40:DC
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1987
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OY0uyiFz3wMIWG8JuvzmXHZHQNw.roa
Signing time: Sat 22 Oct 2022 06:06:38 +0000
ROA not before: Sat 22 Oct 2022 06:06:38 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24165
IP address blocks: 49.158.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6535 (0x1987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:06:38 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=398D2ECA2173DF0308586F09BAFCE65C764740DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:ef:2f:c7:1c:29:65:a1:f4:7b:85:18:68:
fd:55:29:4c:2c:18:5c:90:89:e6:92:0b:e6:30:8e:
ef:7c:23:bf:b4:8b:a2:8f:78:f1:a8:d7:5f:4c:13:
b6:cb:e7:fa:a2:31:2d:fe:7c:7a:67:a0:89:eb:3f:
b9:c9:b3:7c:ad:1a:37:1a:a6:d7:40:63:59:6f:f3:
c3:6f:d7:ea:ef:a1:78:bc:aa:e3:85:3c:e1:37:65:
5f:17:af:79:a3:64:0f:43:09:1d:31:35:0e:91:d6:
7a:44:37:4a:e0:26:93:f7:9a:3f:7e:2f:c2:64:3c:
7c:a0:96:cf:27:f6:82:00:13:28:1a:5e:06:fd:4d:
6d:f9:b7:36:bb:2e:a8:ca:5e:aa:5e:79:b0:bd:e4:
79:3e:e8:67:4b:57:6a:d2:aa:19:94:e1:d9:ae:2e:
78:e9:24:26:2c:a5:fb:a2:2d:a7:74:ea:07:8e:0b:
58:7e:7c:8a:de:9a:ff:fa:36:b4:0b:00:60:c1:7f:
2b:26:df:86:eb:d5:48:7b:52:71:8b:37:fc:fd:5e:
77:4e:0a:b9:02:a4:94:bd:34:d2:65:4c:08:2e:7e:
c6:18:31:64:66:a7:83:32:79:54:60:b4:69:b1:54:
97:0a:0d:60:1c:9d:b1:4c:be:e5:b8:09:37:a2:99:
1b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8D:2E:CA:21:73:DF:03:08:58:6F:09:BA:FC:E6:5C:76:47:40:DC
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OY0uyiFz3wMIWG8JuvzmXHZHQNw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.224.0/21
Signature Algorithm: sha256WithRSAEncryption
74:bb:b1:78:8a:14:92:b7:e5:c2:5e:51:85:af:28:c0:18:88:
dc:06:42:3a:9d:2d:f3:77:14:b9:dc:8e:f1:8d:0e:6a:d9:d2:
e1:56:01:3a:5c:a3:6e:36:e9:a0:17:8d:95:6a:0d:f4:6f:cc:
c6:34:4d:ef:98:41:b5:50:e5:36:3d:0c:87:43:99:71:c3:5c:
10:f6:ad:e2:02:71:df:29:49:29:1a:53:1c:ba:d5:d0:65:1b:
6e:c0:be:49:16:e4:9d:3a:e5:10:76:51:b8:c3:1a:43:38:9f:
a7:01:d3:98:9f:95:a8:10:78:75:88:98:02:03:ba:84:47:89:
f4:74:ba:02:48:9e:6f:38:27:22:94:66:17:8f:e7:0a:8e:1f:
20:03:b0:37:28:f2:ba:91:be:60:30:31:09:c7:ad:48:fc:eb:
6e:c3:3c:98:59:f8:7f:1e:b3:65:6d:c3:9e:bf:fd:f6:74:d7:
a0:21:3e:3f:79:7d:d3:f5:a8:2e:ce:6c:d6:d8:c3:64:59:6f:
b8:49:3c:cf:0f:cc:be:6d:ad:a6:c7:7a:d4:1f:a2:7a:17:08:
3b:ba:e5:8e:9b:ab:28:dc:d7:c9:87:9d:3f:ee:6d:16:4b:8e:
81:df:d5:0a:90:16:e8:1e:18:3a:77:7d:8a:c3:9c:b3:7f:ad:
1a:26:bf:77
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2MzhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM5OEQyRUNBMjE3M0RG
MDMwODU4NkYwOUJBRkNFNjVDNzY0NzQwREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Fu8vxxwpZaH0e4UYaP1VKUwsGFyQieaSC+Ywju98I7+0i6KP
ePGo119ME7bL5/qiMS3+fHpnoInrP7nJs3ytGjcaptdAY1lv88Nv1+rvoXi8quOF
POE3ZV8Xr3mjZA9DCR0xNQ6R1npEN0rgJpP3mj9+L8JkPHygls8n9oIAEygaXgb9
TW35tza7LqjKXqpeebC95Hk+6GdLV2rSqhmU4dmuLnjpJCYspfuiLad06geOC1h+
fIremv/6NrQLAGDBfysm34br1Uh7UnGLN/z9XndOCrkCpJS9NNJlTAgufsYYMWRm
p4MyeVRgtGmxVJcKDWAcnbFMvuW4CTeimRvlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOY0uyiFz3wMIWG8JuvzmXHZHQNwwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL09ZMHV5aUZ6M3dNSVdHOEp1
dnptWEhaSFFOdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nuAwDQYJKoZIhvcNAQELBQADggEBAHS7sXiKFJK35cJeUYWvKMAYiNwGQjqdLfN3
FLncjvGNDmrZ0uFWATpco2426aAXjZVqDfRvzMY0Te+YQbVQ5TY9DIdDmXHDXBD2
reICcd8pSSkaUxy61dBlG27AvkkW5J065RB2UbjDGkM4n6cB05iflagQeHWImAID
uoRHifR0ugJInm84JyKUZheP5wqOHyADsDco8rqRvmAwMQnHrUj8627DPJhZ+H8e
s2Vtw56//fZ016AhPj95fdP1qC7ObNbYw2RZb7hJPM8PzL5trabHetQfonoXCDu6
5Y6bqyjc18mHnT/ubRZLjoHf1QqQFugeGDp3fYrDnLN/rRomv3c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:47 2024 by rpki-client on console-ams.rpki-client.org