Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OhSe-uoF4IbrahntjJVwQcqEJfw.roa
File: OhSe-uoF4IbrahntjJVwQcqEJfw.roa (raw, json)
Hash identifier: nangV/dFjmk6jMX5zEkWcfTnoI44cWMRSFy1Ap9Ks0w=
Subject key identifier: 3A:14:9E:FA:EA:05:E0:86:EB:6A:19:ED:8C:95:70:41:CA:84:25:FC
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 0D1D
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OhSe-uoF4IbrahntjJVwQcqEJfw.roa
Signing time: Thu 14 Jan 2021 07:11:15 +0000
ROA not before: Thu 14 Jan 2021 07:11:15 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24164
IP address blocks: 49.158.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3357 (0xd1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Jan 14 07:11:15 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3A149EFAEA05E086EB6A19ED8C957041CA8425FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c1:54:99:3a:f6:cf:f3:32:ff:71:a8:8c:e5:
7f:76:77:0b:d8:b0:2d:2a:66:1d:33:ae:db:49:af:
b3:ce:de:73:ce:e6:13:f3:65:a0:bc:9d:25:b8:0d:
ea:04:91:50:4e:c0:aa:3e:29:d7:e9:e8:fb:dd:85:
2e:c9:79:41:40:d8:c9:95:1d:ef:cd:b2:52:ef:30:
46:91:0c:34:53:61:42:62:9d:46:94:91:7d:67:35:
51:f4:fd:41:c0:5a:dc:ca:72:ed:46:66:d0:e8:86:
62:d1:8b:e2:35:93:c0:4d:f1:f3:2e:ab:ff:8f:d7:
53:a3:38:1f:53:2d:80:53:4c:31:2f:5c:eb:1b:62:
70:cf:9c:0d:da:7b:0d:e3:9a:75:91:18:cb:56:ac:
a1:5d:22:7d:40:2f:f5:07:f6:83:77:fa:c1:f3:a8:
0c:e5:6b:d0:0f:e6:75:8f:57:97:a3:0c:a2:44:79:
ac:99:7a:0d:7d:74:c6:c0:d7:e2:4b:a7:9e:be:b2:
42:f6:50:af:f9:25:23:80:4e:02:f1:39:bd:b5:b4:
3e:fe:66:de:26:22:a8:b8:ff:f0:71:6e:6a:29:7e:
0d:2e:a4:12:b6:8e:8f:ec:f8:c4:4c:6f:e7:87:c8:
76:4b:8c:a7:9b:03:02:35:c1:41:fe:3e:78:a4:f7:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:14:9E:FA:EA:05:E0:86:EB:6A:19:ED:8C:95:70:41:CA:84:25:FC
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OhSe-uoF4IbrahntjJVwQcqEJfw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.168.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:d9:ca:22:4c:43:23:17:c3:4b:0d:a8:84:df:2f:80:4c:16:
3d:ca:7f:53:43:89:b7:70:cc:79:79:a5:7c:cd:5d:99:ee:01:
2a:4a:fe:7c:e3:08:99:f8:f2:2d:19:7c:33:2a:ff:0e:d4:69:
00:ba:82:94:1e:26:2a:2a:93:75:e1:3f:81:e5:5c:ff:50:61:
5c:10:e5:a5:eb:81:47:db:98:29:e2:5d:71:be:b2:61:65:ee:
39:bb:97:ba:bc:b9:f3:b0:d4:36:f9:49:05:de:93:ed:a0:52:
93:49:9d:7a:d4:f6:4a:d2:ed:14:63:cf:44:cf:a0:d2:04:07:
ea:d9:23:3a:f7:47:90:6c:b8:fb:d7:f4:bf:95:85:68:b9:72:
96:91:95:9d:58:c2:9b:7e:4c:f1:ad:57:01:46:12:31:1d:ca:
24:18:1f:a1:3e:ae:b8:19:52:b6:c9:7b:1a:3c:1e:11:52:05:
b4:f9:37:b3:fc:ca:47:99:fe:d0:11:19:5c:62:f0:26:cc:1c:
b6:62:e2:13:06:96:93:b4:2d:19:2c:6c:6b:36:bf:26:8b:73:
0e:ca:ba:44:15:f1:d2:7f:c5:45:01:ae:8f:ba:e0:fc:56:ed:
66:d6:17:08:b0:3d:1f:35:33:53:67:83:9e:51:33:5e:d9:4b:
f7:3b:c2:e9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAxMTQw
NzExMTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNBMTQ5RUZBRUEwNUUw
ODZFQjZBMTlFRDhDOTU3MDQxQ0E4NDI1RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKwVSZOvbP8zL/caiM5X92dwvYsC0qZh0zrttJr7PO3nPO5hPz
ZaC8nSW4DeoEkVBOwKo+Kdfp6PvdhS7JeUFA2MmVHe/NslLvMEaRDDRTYUJinUaU
kX1nNVH0/UHAWtzKcu1GZtDohmLRi+I1k8BN8fMuq/+P11OjOB9TLYBTTDEvXOsb
YnDPnA3aew3jmnWRGMtWrKFdIn1AL/UH9oN3+sHzqAzla9AP5nWPV5ejDKJEeayZ
eg19dMbA1+JLp56+skL2UK/5JSOATgLxOb21tD7+Zt4mIqi4//Bxbmopfg0upBK2
jo/s+MRMb+eHyHZLjKebAwI1wUH+Pnik94QnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOhSe+uoF4IbrahntjJVwQcqEJfwwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL09oU2UtdW9GNElicmFobnRq
SlZ3UWNxRUpmdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nqgwDQYJKoZIhvcNAQELBQADggEBAB7ZyiJMQyMXw0sNqITfL4BMFj3Kf1NDibdw
zHl5pXzNXZnuASpK/nzjCJn48i0ZfDMq/w7UaQC6gpQeJioqk3XhP4HlXP9QYVwQ
5aXrgUfbmCniXXG+smFl7jm7l7q8ufOw1Db5SQXek+2gUpNJnXrU9krS7RRjz0TP
oNIEB+rZIzr3R5BsuPvX9L+VhWi5cpaRlZ1Ywpt+TPGtVwFGEjEdyiQYH6E+rrgZ
UrbJexo8HhFSBbT5N7P8ykeZ/tARGVxi8CbMHLZi4hMGlpO0LRksbGs2vyaLcw7K
ukQV8dJ/xUUBro+64PxW7WbWFwiwPR81M1Nng55RM17ZS/c7wuk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:47 2024 by rpki-client on console-ams.rpki-client.org