Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/l77Xt1hXjqpq0WxgpOzRwKlm7IE.roa
File: l77Xt1hXjqpq0WxgpOzRwKlm7IE.roa (raw, json)
Hash identifier: KhYEJlYqjhLW/o0jBqrp9/ByQ8v50AAd/cxLKKdQWD4=
Subject key identifier: 97:BE:D7:B7:58:57:8E:AA:6A:D1:6C:60:A4:EC:D1:C0:A9:66:EC:81
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 18F9
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/l77Xt1hXjqpq0WxgpOzRwKlm7IE.roa
Signing time: Sat 22 Oct 2022 06:05:56 +0000
ROA not before: Sat 22 Oct 2022 06:05:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 49.159.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6393 (0x18f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:05:56 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=97BED7B758578EAA6AD16C60A4ECD1C0A966EC81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:63:70:68:e7:44:db:36:f3:7b:b0:93:c6:
84:40:88:9e:9e:1e:8b:17:2e:79:30:43:46:8f:e0:
e6:93:49:1f:80:36:fa:3c:d3:76:9a:41:55:c5:4c:
3a:b1:fb:b7:45:ba:8d:83:44:d0:9c:f9:df:b1:df:
b3:15:78:9b:0c:f8:da:0d:7b:38:17:bd:9b:84:7f:
4c:ec:d1:98:51:34:60:0d:69:cd:13:da:db:ca:23:
e9:aa:a7:35:ae:99:cf:9a:83:fe:16:8b:f4:c3:19:
3f:d8:4d:0c:70:26:e0:10:b8:71:11:69:5b:bd:38:
0e:24:3e:e7:25:ad:ad:c0:86:8f:68:f2:cf:71:17:
6e:bb:76:b3:d9:1a:20:3b:c8:ec:20:9b:37:9f:84:
b1:34:2c:6d:fb:8d:42:55:ac:59:ed:3e:5c:a6:d6:
0a:07:c6:f9:b6:f3:a7:20:68:90:37:40:4f:a0:6f:
56:8d:a7:9f:9e:88:87:50:e0:19:ce:6a:c8:61:d7:
69:11:76:35:a1:83:9d:9b:46:d0:53:0c:38:3b:c2:
f8:3d:fe:39:1b:05:23:25:a5:08:bd:59:6b:8d:77:
a9:39:5c:c4:27:f0:29:73:08:ff:4f:b4:7e:6e:d2:
a6:93:91:a7:9f:5b:99:ca:15:b2:7d:ac:89:6f:56:
6a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BE:D7:B7:58:57:8E:AA:6A:D1:6C:60:A4:EC:D1:C0:A9:66:EC:81
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/l77Xt1hXjqpq0WxgpOzRwKlm7IE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:09:ba:6a:f1:b2:c6:71:44:06:7d:27:4e:de:b3:57:20:ed:
89:01:02:f2:a3:2e:82:c7:92:86:cc:a2:85:44:6d:1f:a2:95:
7d:c7:85:a3:2c:f2:70:59:39:bb:ad:c9:8c:ce:0c:5b:08:83:
f5:91:b8:1b:11:73:02:98:a0:2f:5c:78:96:fd:13:23:2d:64:
fd:54:19:b5:e3:10:6e:47:23:21:d9:49:65:f0:33:9e:c1:90:
5b:41:92:b8:19:8e:2b:94:e1:da:7c:96:b0:89:76:0f:44:fb:
0a:30:9a:d5:f4:4e:1c:c3:a4:93:15:34:1b:f2:2d:97:97:7b:
88:ab:a9:54:6f:c4:51:ff:a2:7e:3d:54:2f:1c:13:a0:12:f9:
44:94:b9:47:85:f3:a4:11:c4:b3:01:d6:de:4e:fc:74:64:fa:
26:ae:50:9d:6f:78:38:8c:dc:17:ba:6d:ce:18:f2:6f:1c:cf:
d2:f1:86:91:3e:40:e7:78:ec:60:5d:6e:64:06:c6:e6:2b:96:
79:52:c1:e1:32:cf:56:f4:f7:66:ee:07:2a:55:b9:52:28:b9:
78:e7:ca:71:b5:9d:0a:51:42:f4:b0:d7:9e:70:ca:8c:83:f2:
e0:63:27:89:69:0b:3b:ff:61:b3:40:3b:34:c2:96:30:f1:a1:
1e:52:22:84
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA1NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk3QkVEN0I3NTg1NzhF
QUE2QUQxNkM2MEE0RUNEMUMwQTk2NkVDODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOUGNwaOdE2zbze7CTxoRAiJ6eHosXLnkwQ0aP4OaTSR+ANvo8
03aaQVXFTDqx+7dFuo2DRNCc+d+x37MVeJsM+NoNezgXvZuEf0zs0ZhRNGANac0T
2tvKI+mqpzWumc+ag/4Wi/TDGT/YTQxwJuAQuHERaVu9OA4kPuclra3Aho9o8s9x
F267drPZGiA7yOwgmzefhLE0LG37jUJVrFntPlym1goHxvm286cgaJA3QE+gb1aN
p5+eiIdQ4BnOashh12kRdjWhg52bRtBTDDg7wvg9/jkbBSMlpQi9WWuNd6k5XMQn
8ClzCP9PtH5u0qaTkaefW5nKFbJ9rIlvVmrTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUl77Xt1hXjqpq0WxgpOzRwKlm7IEwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2w3N1h0MWhYanFwcTBXeGdw
T3pSd0tsbTdJRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n4gwDQYJKoZIhvcNAQELBQADggEBAJoJumrxssZxRAZ9J07es1cg7YkBAvKjLoLH
kobMooVEbR+ilX3HhaMs8nBZObutyYzODFsIg/WRuBsRcwKYoC9ceJb9EyMtZP1U
GbXjEG5HIyHZSWXwM57BkFtBkrgZjiuU4dp8lrCJdg9E+wowmtX0ThzDpJMVNBvy
LZeXe4irqVRvxFH/on49VC8cE6AS+USUuUeF86QRxLMB1t5O/HRk+iauUJ1veDiM
3Be6bc4Y8m8cz9LxhpE+QOd47GBdbmQGxuYrlnlSweEyz1b092buBypVuVIouXjn
ynG1nQpRQvSw155wyoyD8uBjJ4lpCzv/YbNAOzTCljDxoR5SIoQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org