Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/YK5S50FM066JeNbOrlxSZag5LKU.roa
File: YK5S50FM066JeNbOrlxSZag5LKU.roa (raw, json)
Hash identifier: vMKSptNtZK6CX3955w4AzpoR5IRwEDBcrebc3OGL8RI=
Subject key identifier: 60:AE:52:E7:41:4C:D3:AE:89:78:D6:CE:AE:5C:52:65:A8:39:2C:A5
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 0D35
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/YK5S50FM066JeNbOrlxSZag5LKU.roa
Signing time: Thu 14 Jan 2021 07:24:54 +0000
ROA not before: Thu 14 Jan 2021 07:24:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24165
IP address blocks: 122.254.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3381 (0xd35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Jan 14 07:24:54 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=60AE52E7414CD3AE8978D6CEAE5C5265A8392CA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:bd:37:7a:43:31:3f:c2:67:06:c7:85:d4:
04:d4:30:18:b8:97:6c:e1:1c:f2:84:14:27:ae:85:
d0:ff:3e:3a:f4:e8:7a:c3:41:9c:ee:0b:c9:1f:a0:
e6:c0:f9:d5:a2:6b:27:6c:61:2d:61:f2:01:68:61:
e1:f4:6e:aa:4a:7b:c0:58:9d:e4:83:3a:90:0d:89:
35:f8:01:8a:17:bb:d7:f5:af:f3:df:bc:95:a9:d5:
c2:0a:df:62:dd:75:a8:32:2a:29:dd:d3:57:f4:63:
a4:f9:c3:34:01:e4:02:82:2b:84:b9:54:3e:c6:2c:
4d:e1:52:b2:9d:28:ec:d8:d8:bc:4a:87:17:56:93:
cf:e2:e6:ca:f0:34:7f:83:be:7d:2c:a5:ef:a7:0b:
43:7f:82:a7:04:ac:4c:57:97:09:c1:6f:69:67:49:
c1:f9:fa:3d:03:0d:50:59:9b:52:da:00:be:d0:3a:
3a:59:36:ad:56:97:f1:05:ef:94:9c:84:fb:00:8a:
6b:5d:ff:01:dd:68:36:5d:b7:d3:fc:28:48:89:42:
1a:fe:45:35:15:e7:aa:f5:a8:bc:2a:29:3d:d8:21:
77:56:c6:93:c9:26:33:19:37:1e:44:dd:a6:52:99:
b0:0a:30:26:c3:15:ca:a1:59:7f:1b:86:90:70:0d:
c2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AE:52:E7:41:4C:D3:AE:89:78:D6:CE:AE:5C:52:65:A8:39:2C:A5
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/YK5S50FM066JeNbOrlxSZag5LKU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.254.32.0/22
Signature Algorithm: sha256WithRSAEncryption
28:dc:0c:ee:30:40:21:2a:c3:21:c1:76:06:a1:51:3d:72:4c:
46:8e:08:d1:19:ca:5a:f0:75:e9:3f:ec:39:95:b9:0d:51:77:
85:7d:e3:dc:b4:dc:3b:c2:4c:3c:b4:e3:3b:86:0e:dd:68:ee:
81:fb:ff:73:9c:aa:c9:ff:69:50:d4:ad:1a:cd:95:e3:bf:36:
38:58:3c:50:ef:51:e7:dc:c0:54:17:91:91:74:d6:e1:27:27:
b7:2b:80:ac:b9:cf:cc:c9:ed:8c:35:2c:9c:ab:06:cd:5f:95:
ad:ba:ee:e3:75:9b:cb:a8:9d:13:10:a6:da:b7:48:f0:3d:55:
31:fc:a8:42:a7:0c:fc:91:4d:50:e9:03:be:53:17:99:00:a4:
19:06:a2:bb:be:f7:79:6d:57:5e:6b:64:ad:3a:50:62:51:cb:
3e:f4:a0:f7:40:b3:c6:c8:53:47:58:13:af:0b:c6:54:31:6e:
c6:e5:9c:90:9d:52:e6:ac:c9:7a:6c:1f:4e:c8:c1:04:d3:d2:
9e:3a:a6:a2:cf:17:7e:f7:4d:bc:ce:97:3d:ef:06:dd:a1:26:
eb:78:e2:74:b1:94:74:75:85:05:11:6d:c0:c3:14:3b:38:ed:
e4:f3:d2:ab:6c:d0:a3:18:f0:b4:45:00:99:e3:aa:ce:b1:0a:
68:e2:dd:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAxMTQw
NzI0NTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDYwQUU1MkU3NDE0Q0Qz
QUU4OTc4RDZDRUFFNUM1MjY1QTgzOTJDQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCimL03ekMxP8JnBseF1ATUMBi4l2zhHPKEFCeuhdD/Pjr06HrD
QZzuC8kfoObA+dWiaydsYS1h8gFoYeH0bqpKe8BYneSDOpANiTX4AYoXu9f1r/Pf
vJWp1cIK32LddagyKind01f0Y6T5wzQB5AKCK4S5VD7GLE3hUrKdKOzY2LxKhxdW
k8/i5srwNH+Dvn0spe+nC0N/gqcErExXlwnBb2lnScH5+j0DDVBZm1LaAL7QOjpZ
Nq1Wl/EF75SchPsAimtd/wHdaDZdt9P8KEiJQhr+RTUV56r1qLwqKT3YIXdWxpPJ
JjMZNx5E3aZSmbAKMCbDFcqhWX8bhpBwDcINAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYK5S50FM066JeNbOrlxSZag5LKUwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL1lLNVM1MEZNMDY2SmVOYk9y
bHhTWmFnNUxLVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ6
/iAwDQYJKoZIhvcNAQELBQADggEBACjcDO4wQCEqwyHBdgahUT1yTEaOCNEZylrw
dek/7DmVuQ1Rd4V949y03DvCTDy04zuGDt1o7oH7/3Ocqsn/aVDUrRrNleO/NjhY
PFDvUefcwFQXkZF01uEnJ7crgKy5z8zJ7Yw1LJyrBs1fla267uN1m8uonRMQptq3
SPA9VTH8qEKnDPyRTVDpA75TF5kApBkGoru+93ltV15rZK06UGJRyz70oPdAs8bI
U0dYE68LxlQxbsblnJCdUuasyXpsH07IwQTT0p46pqLPF373TbzOlz3vBt2hJut4
4nSxlHR1hQURbcDDFDs47eTz0qts0KMY8LRFAJnjqs6xCmji3Uc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:37 2023 by rpki-client on console-ams.rpki-client.org