Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/mhD9oky48VbVDiII9zQQ8TU9xsA.roa
File: mhD9oky48VbVDiII9zQQ8TU9xsA.roa (raw, json)
Hash identifier: CviGUP1Dsf/S4u8DxhkOzbbt8NHwDfCXahtREnzb3kU=
Subject key identifier: 9A:10:FD:A2:4C:B8:F1:56:D5:0E:22:08:F7:34:10:F1:35:3D:C6:C0
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1274
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/mhD9oky48VbVDiII9zQQ8TU9xsA.roa
Signing time: Wed 29 Sep 2021 02:54:35 +0000
ROA not before: Wed 29 Sep 2021 02:54:35 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24164
IP address blocks: 211.76.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4724 (0x1274)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 02:54:35 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9A10FDA24CB8F156D50E2208F73410F1353DC6C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:97:7d:dc:02:d2:71:16:a6:8e:80:d5:36:02:
f6:1e:21:80:46:19:29:85:57:e4:25:14:1d:ed:42:
ca:1d:4c:16:58:a3:10:e9:e2:2e:1d:be:40:23:39:
ef:e2:f5:13:d5:97:b1:fb:08:58:74:3f:3b:5b:47:
0f:52:3f:8b:50:3f:b4:60:5f:7e:37:41:eb:2b:60:
3f:4b:04:2b:51:01:35:47:20:c7:5b:32:a5:52:f6:
ae:b7:87:c1:c1:3d:cd:0d:9b:41:e9:a8:bb:34:08:
5c:4b:66:36:2d:d0:f3:52:22:7f:e7:c8:9a:84:d1:
6a:66:40:7b:77:1d:d7:1e:73:6b:78:0d:86:e0:2d:
6b:b0:b2:ce:3c:a4:e0:d4:58:69:2f:46:b8:92:3b:
d2:1e:14:68:ff:00:c5:8e:8e:4c:dd:16:18:92:e6:
4e:fc:8d:28:58:eb:9a:de:9d:52:3c:a1:64:13:fe:
6d:35:17:2d:11:1d:82:8e:eb:8d:c6:ae:2d:36:85:
23:a1:65:17:1e:a8:06:7a:57:9e:ed:b5:d2:d0:6b:
5b:ca:ad:d8:49:a4:08:e1:13:9a:19:f4:69:4e:7e:
bd:fd:82:b4:58:c4:69:6e:cc:b6:61:cb:69:57:2b:
88:00:ce:de:e2:ab:0d:3a:7d:73:50:51:a7:72:59:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:10:FD:A2:4C:B8:F1:56:D5:0E:22:08:F7:34:10:F1:35:3D:C6:C0
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/mhD9oky48VbVDiII9zQQ8TU9xsA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.40.0/22
Signature Algorithm: sha256WithRSAEncryption
01:c3:68:60:73:92:8c:bd:9b:22:63:23:1a:89:d0:ee:ea:da:
f5:68:14:15:98:45:8b:a2:33:56:d2:6c:b7:5e:8f:a9:0e:2d:
d4:54:5d:00:87:a3:69:7e:da:d0:da:5d:23:4b:e0:85:ab:d2:
bc:d1:51:f7:f6:95:c5:bc:1d:10:79:15:b7:74:87:05:4b:68:
d8:9f:d8:90:03:48:cc:5f:86:66:8a:d4:66:53:46:48:8a:70:
a3:da:94:a0:4a:47:bf:f7:24:ee:e3:e7:4c:cc:37:62:ae:cc:
d7:76:6f:35:22:09:c7:4c:e5:4e:c3:a7:77:f2:f3:c5:61:e1:
d1:89:e7:30:dd:29:67:a0:be:8a:dc:f6:42:8c:69:ca:66:f0:
0e:a4:8f:9f:af:56:75:de:4c:f3:fe:1b:7f:5f:dd:ea:c1:c4:
29:fc:b2:ad:9f:56:f2:1f:fe:b6:fd:88:6b:77:55:81:31:70:
55:30:68:03:57:4c:0f:66:f3:ef:82:d3:85:3b:28:d6:4c:74:
80:62:3f:14:f6:c1:71:0a:2f:dd:81:45:9c:60:f9:bb:37:d6:
f3:d2:b8:70:96:3b:31:38:b6:f3:4a:ea:0e:e3:80:0b:e2:a1:
bb:06:72:5c:3e:77:45:be:97:6c:25:90:b1:78:9d:16:3f:e8:
13:2f:a2:dd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0MzVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlBMTBGREEyNENCOEYx
NTZENTBFMjIwOEY3MzQxMEYxMzUzREM2QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKl33cAtJxFqaOgNU2AvYeIYBGGSmFV+QlFB3tQsodTBZYoxDp
4i4dvkAjOe/i9RPVl7H7CFh0PztbRw9SP4tQP7RgX343QesrYD9LBCtRATVHIMdb
MqVS9q63h8HBPc0Nm0HpqLs0CFxLZjYt0PNSIn/nyJqE0WpmQHt3Hdcec2t4DYbg
LWuwss48pODUWGkvRriSO9IeFGj/AMWOjkzdFhiS5k78jShY65renVI8oWQT/m01
Fy0RHYKO643Gri02hSOhZRceqAZ6V57ttdLQa1vKrdhJpAjhE5oZ9GlOfr39grRY
xGluzLZhy2lXK4gAzt7iqw06fXNQUadyWZ1zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmhD9oky48VbVDiII9zQQ8TU9xsAwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL21oRDlva3k0OFZiVkRpSUk5
elFROFRVOXhzQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALT
TCgwDQYJKoZIhvcNAQELBQADggEBAAHDaGBzkoy9myJjIxqJ0O7q2vVoFBWYRYui
M1bSbLdej6kOLdRUXQCHo2l+2tDaXSNL4IWr0rzRUff2lcW8HRB5Fbd0hwVLaNif
2JADSMxfhmaK1GZTRkiKcKPalKBKR7/3JO7j50zMN2KuzNd2bzUiCcdM5U7Dp3fy
88Vh4dGJ5zDdKWegvorc9kKMacpm8A6kj5+vVnXeTPP+G39f3erBxCn8sq2fVvIf
/rb9iGt3VYExcFUwaANXTA9m8++C04U7KNZMdIBiPxT2wXEKL92BRZxg+bs31vPS
uHCWOzE4tvNK6g7jgAviobsGclw+d0W+l2wlkLF4nRY/6BMvot0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:40 2023 by rpki-client on console-ams.rpki-client.org