Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/cgAwx3-HbQ5dN8TQ28SaWPr0b6E.roa
File: cgAwx3-HbQ5dN8TQ28SaWPr0b6E.roa (raw, json)
Hash identifier: C6aQ/sEPITVl3Z4+4yiI6WfLuB8sPvrHoRu1hKGoYqo=
Subject key identifier: 72:00:30:C7:7F:87:6D:0E:5D:37:C4:D0:DB:C4:9A:58:FA:F4:6F:A1
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1224
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/cgAwx3-HbQ5dN8TQ28SaWPr0b6E.roa
Signing time: Wed 29 Sep 2021 02:54:14 +0000
ROA not before: Wed 29 Sep 2021 02:54:14 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24164
IP address blocks: 123.0.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4644 (0x1224)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 02:54:14 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=720030C77F876D0E5D37C4D0DBC49A58FAF46FA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e2:72:7b:94:ba:ef:16:25:a5:00:a1:37:0b:
f9:1b:9e:c6:d1:13:44:10:bb:dc:d6:c3:39:dc:5d:
4a:48:44:10:51:f4:c9:94:88:2a:5e:55:02:4b:c8:
b3:5b:82:58:18:a1:22:86:bc:92:d6:4a:d8:44:32:
cb:12:b7:bb:91:3a:6d:63:5e:43:d4:84:ef:0d:23:
0f:9d:0b:11:25:11:fa:75:bc:9b:6e:9f:4b:06:85:
88:4e:b9:80:de:37:54:a6:a3:d0:c6:11:73:d6:55:
2a:1e:2b:78:78:04:39:b9:5e:9f:a0:75:cc:a8:dc:
11:3e:ef:46:04:91:03:6d:b6:25:e7:28:dd:f5:75:
c9:7a:ac:c0:fb:5d:0d:7d:22:b0:cc:39:61:39:81:
4f:3a:96:f6:a7:a8:6b:ad:e4:75:40:c4:88:31:a8:
28:ce:59:fb:4c:19:95:68:b2:0b:bf:cb:b2:74:b9:
11:5f:18:50:62:3f:52:6e:39:9e:1c:9d:eb:56:7b:
4f:66:96:2c:26:d8:47:6f:2f:8f:07:58:df:ec:97:
94:1d:ef:2e:b6:7f:0f:79:f8:b2:ef:95:c0:95:c5:
60:34:74:96:7d:c9:1e:ad:99:55:7f:93:2c:fd:f1:
df:cf:66:bf:73:c4:a9:c7:44:c0:d5:e9:ab:78:66:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:00:30:C7:7F:87:6D:0E:5D:37:C4:D0:DB:C4:9A:58:FA:F4:6F:A1
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/cgAwx3-HbQ5dN8TQ28SaWPr0b6E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.0.40.0/23
Signature Algorithm: sha256WithRSAEncryption
65:62:36:06:e3:81:d3:93:81:58:d8:cc:2d:21:82:5a:17:92:
a4:87:19:d2:9d:f0:f3:96:39:be:95:0e:fc:e6:89:52:10:bc:
b2:cc:80:33:10:54:ce:87:29:c6:6c:e1:cc:6c:7a:2a:2f:f2:
17:7f:27:51:1b:2a:f4:f3:d0:d9:9d:f6:7a:e4:ae:e5:d3:90:
43:67:80:c8:04:af:4d:90:d7:d6:f7:c0:31:ff:44:2c:17:3a:
8e:9c:8c:7d:dc:ef:c7:64:f9:36:68:9b:ac:08:e0:ff:7f:f2:
86:56:e5:6f:74:af:4a:d5:6c:13:c1:b0:f4:c0:f0:76:2c:26:
01:ea:26:36:ad:2a:0c:0c:06:36:30:76:df:67:f9:75:b3:64:
54:10:c3:fd:cd:97:e6:6b:bd:a9:ae:bb:95:67:9b:24:03:70:
bf:3a:1f:71:c1:ad:f5:67:60:4c:28:60:30:1f:5f:31:72:a7:
2b:7f:7e:90:23:d0:bf:db:b9:2b:0e:6a:af:ef:35:82:cc:b2:
41:9a:7a:ed:c7:52:7d:fb:e1:4a:cc:3f:d2:f7:e7:b1:54:97:
d6:7e:3a:aa:71:4b:b5:02:e0:d9:8a:3d:45:93:5f:eb:9d:69:
97:8c:bc:9a:ad:c4:a8:92:84:10:60:0a:e6:f1:99:e3:d3:73:
e9:36:c8:9e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEiQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0MTRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDcyMDAzMEM3N0Y4NzZE
MEU1RDM3QzREMERCQzQ5QTU4RkFGNDZGQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU4nJ7lLrvFiWlAKE3C/kbnsbRE0QQu9zWwzncXUpIRBBR9MmU
iCpeVQJLyLNbglgYoSKGvJLWSthEMssSt7uROm1jXkPUhO8NIw+dCxElEfp1vJtu
n0sGhYhOuYDeN1Smo9DGEXPWVSoeK3h4BDm5Xp+gdcyo3BE+70YEkQNttiXnKN31
dcl6rMD7XQ19IrDMOWE5gU86lvanqGut5HVAxIgxqCjOWftMGZVosgu/y7J0uRFf
GFBiP1JuOZ4cnetWe09mliwm2EdvL48HWN/sl5Qd7y62fw95+LLvlcCVxWA0dJZ9
yR6tmVV/kyz98d/PZr9zxKnHRMDV6at4ZlZVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcgAwx3+HbQ5dN8TQ28SaWPr0b6EwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2NnQXd4My1IYlE1ZE44VFEy
OFNhV1ByMGI2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAF7
ACgwDQYJKoZIhvcNAQELBQADggEBAGViNgbjgdOTgVjYzC0hgloXkqSHGdKd8POW
Ob6VDvzmiVIQvLLMgDMQVM6HKcZs4cxseiov8hd/J1EbKvTz0Nmd9nrkruXTkENn
gMgEr02Q19b3wDH/RCwXOo6cjH3c78dk+TZom6wI4P9/8oZW5W90r0rVbBPBsPTA
8HYsJgHqJjatKgwMBjYwdt9n+XWzZFQQw/3Nl+Zrvamuu5VnmyQDcL86H3HBrfVn
YEwoYDAfXzFypyt/fpAj0L/buSsOaq/vNYLMskGaeu3HUn374UrMP9L357FUl9Z+
OqpxS7UC4NmKPUWTX+udaZeMvJqtxKiShBBgCubxmePTc+k2yJ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:48 2024 by rpki-client on console-ams.rpki-client.org