Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QKngukSsIQOVzi1u8QKYOxR9Tmc.roa
File: QKngukSsIQOVzi1u8QKYOxR9Tmc.roa (raw, json)
Hash identifier: iVxrOaxws4wvBlIJTGg6C3MHJdY7YnKBfXe3lwo+/Go=
Subject key identifier: 40:A9:E0:BA:44:AC:21:03:95:CE:2D:6E:F1:02:98:3B:14:7D:4E:67
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QKngukSsIQOVzi1u8QKYOxR9Tmc.roa
Signing time: Thu 15 Sep 2022 02:35:39 +0000
ROA not before: Thu 15 Sep 2022 02:35:39 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24163
IP address blocks: 211.76.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5374 (0x14fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 15 02:35:39 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=40A9E0BA44AC210395CE2D6EF102983B147D4E67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ad:dd:a0:8c:65:d3:0c:fe:4d:4f:4a:b1:62:
34:68:65:08:ba:47:be:64:83:f6:65:df:d6:f6:af:
f2:17:49:d5:ae:5d:53:02:76:48:4f:59:6a:fe:21:
3b:83:e8:81:36:b5:87:98:50:67:ae:c8:ba:37:0c:
8e:67:c1:d8:00:3b:73:94:74:98:70:ae:b7:4c:de:
a1:b7:eb:13:e8:24:ea:9f:b5:d2:f0:cb:f6:9f:75:
22:fa:ae:02:1e:52:b1:5d:cf:97:45:d4:72:1b:b7:
3b:29:a6:28:b4:82:77:2a:ec:52:6e:c0:c1:3d:ee:
2b:06:f4:ce:7e:83:ba:c6:48:3b:06:14:76:77:63:
28:6e:ce:a8:36:ad:f8:78:b5:3b:64:32:a8:19:6d:
70:ce:89:ec:7e:9d:6c:51:43:04:1f:ff:3f:f1:2c:
d2:a2:ba:92:d7:bd:f6:e0:67:28:09:e5:3d:08:6a:
91:36:de:13:87:17:88:51:00:7f:b8:d7:80:64:b4:
c2:34:44:51:09:f3:1e:6d:20:e6:6c:b7:21:ef:0e:
36:47:19:ba:65:6e:c8:4d:2c:92:fc:29:aa:6e:a0:
ae:49:64:fa:af:8e:d4:31:27:06:66:2b:00:ed:52:
c2:41:53:34:5a:4a:5e:b9:63:ac:d7:96:5c:e9:3c:
db:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A9:E0:BA:44:AC:21:03:95:CE:2D:6E:F1:02:98:3B:14:7D:4E:67
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QKngukSsIQOVzi1u8QKYOxR9Tmc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.46.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:45:b7:07:cc:6c:5f:db:fd:b6:05:89:92:ba:7c:ac:04:f6:
4b:09:43:5b:b4:42:0f:c7:38:d2:b1:3d:a9:dc:46:37:ce:e3:
dc:0f:3a:0a:cb:f8:4d:4b:6c:7d:45:b1:fa:6a:86:3e:d3:42:
5a:3d:7a:08:7b:ca:1b:d6:d6:1d:dc:e7:d0:8f:c7:4c:1f:66:
e5:b9:1e:c0:a1:1f:3e:04:43:55:32:e8:af:31:99:31:e6:09:
e1:27:ec:f4:26:cc:8e:d5:a7:24:6f:06:85:9f:16:fc:4d:d3:
b3:25:5f:53:30:2b:c3:2d:87:37:2c:6c:e2:a1:5e:93:3e:12:
e8:26:a1:0e:d6:ed:25:ee:af:19:b2:22:18:48:a7:be:b4:ed:
d0:5f:d9:75:0b:9b:3f:4d:4e:11:2c:6e:f5:9f:7e:85:2b:ec:
ae:14:e4:dd:bf:d2:1e:35:1e:a3:cd:31:34:69:48:e6:5c:d4:
14:e3:40:10:4b:ee:e1:29:4d:4e:20:bd:11:f4:01:a2:4e:7c:
65:ef:89:9d:e5:cd:88:6c:5e:bf:0d:80:d8:9b:f8:3c:27:3a:
5f:12:74:39:29:b2:56:dd:55:07:3f:43:9e:ac:82:2a:e9:e0:
87:23:cd:3d:b3:41:fd:97:56:d5:79:12:a7:23:0c:06:07:8b:
08:58:db:af
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM1MzlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQwQTlFMEJBNDRBQzIx
MDM5NUNFMkQ2RUYxMDI5ODNCMTQ3RDRFNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCprd2gjGXTDP5NT0qxYjRoZQi6R75kg/Zl39b2r/IXSdWuXVMC
dkhPWWr+ITuD6IE2tYeYUGeuyLo3DI5nwdgAO3OUdJhwrrdM3qG36xPoJOqftdLw
y/afdSL6rgIeUrFdz5dF1HIbtzsppii0gncq7FJuwME97isG9M5+g7rGSDsGFHZ3
Yyhuzqg2rfh4tTtkMqgZbXDOiex+nWxRQwQf/z/xLNKiupLXvfbgZygJ5T0IapE2
3hOHF4hRAH+414BktMI0RFEJ8x5tIOZstyHvDjZHGbplbshNLJL8KapuoK5JZPqv
jtQxJwZmKwDtUsJBUzRaSl65Y6zXllzpPNsXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQKngukSsIQOVzi1u8QKYOxR9TmcwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL1FLbmd1a1NzSVFPVnppMXU4
UUtZT3hSOVRtYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHT
TC4wDQYJKoZIhvcNAQELBQADggEBAExFtwfMbF/b/bYFiZK6fKwE9ksJQ1u0Qg/H
ONKxPancRjfO49wPOgrL+E1LbH1Fsfpqhj7TQlo9egh7yhvW1h3c59CPx0wfZuW5
HsChHz4EQ1Uy6K8xmTHmCeEn7PQmzI7VpyRvBoWfFvxN07MlX1MwK8MthzcsbOKh
XpM+EugmoQ7W7SXurxmyIhhIp7607dBf2XULmz9NThEsbvWffoUr7K4U5N2/0h41
HqPNMTRpSOZc1BTjQBBL7uEpTU4gvRH0AaJOfGXviZ3lzYhsXr8NgNib+DwnOl8S
dDkpslbdVQc/Q56sgirp4IcjzT2zQf2XVtV5EqcjDAYHiwhY268=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:47 2024 by rpki-client on console-ams.rpki-client.org