Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nkLSbG2-XheQH-RfdALJ-EWRzm0.roa
File: nkLSbG2-XheQH-RfdALJ-EWRzm0.roa (raw, json)
Hash identifier: VG9BxmiTwbjl+3pPz2pXgbjbMctmaJy1n+EXKVFVwtU=
Subject key identifier: 9E:42:D2:6C:6D:BE:5E:17:90:1F:E4:5F:74:02:C9:F8:45:91:CE:6D
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 1950
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nkLSbG2-XheQH-RfdALJ-EWRzm0.roa
Signing time: Sat 22 Oct 2022 06:06:22 +0000
ROA not before: Sat 22 Oct 2022 06:06:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24164
IP address blocks: 124.6.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6480 (0x1950)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Oct 22 06:06:22 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9E42D26C6DBE5E17901FE45F7402C9F84591CE6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fa:94:11:d9:78:02:2c:49:e4:d6:3d:6e:8c:
77:6d:32:fa:5f:f9:39:91:93:69:f2:54:84:81:63:
bd:05:b1:8c:ea:58:7c:b2:c9:e0:b3:36:c8:f6:df:
13:9f:fa:99:8a:59:8c:b9:f6:2f:10:0c:24:43:0f:
80:5f:b9:3a:bd:29:7a:79:de:08:5f:14:e7:99:ed:
5b:e7:92:f9:97:af:e1:5a:6a:74:5d:22:3a:7b:8b:
ce:12:3e:61:d0:c4:71:6a:d7:bb:d6:14:08:7c:bb:
f1:80:41:f4:28:6a:78:11:79:b3:16:7e:fa:b1:92:
e6:24:dd:1a:68:87:92:57:ee:27:40:a6:99:48:9b:
e3:79:7d:7a:a7:78:c5:aa:c4:ad:1c:9b:5e:df:37:
73:e2:c2:2a:ba:aa:5b:00:c2:08:46:5c:da:7b:4d:
66:bf:a4:65:86:79:83:05:9d:15:2d:af:83:66:a7:
15:08:f8:33:84:ed:df:20:9e:e5:c1:9c:df:69:46:
1c:53:cf:88:a0:7c:7e:88:32:28:46:9c:c9:64:de:
39:ef:58:14:0c:e4:9f:74:62:1d:a1:b6:2d:39:17:
33:e4:6b:40:90:eb:08:30:6b:4c:a8:2b:a8:1c:40:
31:0a:9e:5d:6e:e6:99:4b:3d:fc:b9:dc:2f:6d:d8:
ec:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:42:D2:6C:6D:BE:5E:17:90:1F:E4:5F:74:02:C9:F8:45:91:CE:6D
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nkLSbG2-XheQH-RfdALJ-EWRzm0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.6.28.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:3a:3b:31:64:4c:64:6c:47:50:d4:79:6b:9b:6e:07:ff:91:
cc:f4:01:26:63:fd:96:06:99:ba:02:8e:fa:7b:01:2d:09:81:
8d:30:a1:dc:70:16:21:12:09:bf:a2:25:60:7f:f4:5f:74:1d:
8c:d0:0b:d2:83:5c:97:17:7a:db:80:34:15:df:94:ea:06:6a:
aa:63:3f:05:d7:97:9e:b7:e2:14:0c:3b:f6:76:6c:df:ed:97:
ab:87:15:87:a1:c2:bd:01:01:76:0c:b6:52:73:cf:a0:47:bb:
df:04:cc:6a:ab:c3:b3:9f:d7:51:cc:d5:4e:f8:06:95:fe:24:
a9:1f:e6:9d:79:bf:e5:94:c0:f2:f6:67:7a:49:14:19:4f:a7:
ea:43:9e:e6:f9:9f:dc:c1:24:2c:f9:20:71:ea:f4:f4:8a:32:
f2:4a:da:04:a6:ee:b0:8c:03:d6:1a:4a:81:be:3c:6e:c9:c6:
9c:20:10:36:e3:c8:1b:6f:43:9c:88:02:4f:31:80:2f:d3:5e:
1c:4f:8f:11:ec:e6:24:cf:63:54:ea:a7:1d:c7:31:6d:ba:d3:
b8:b4:90:57:7b:60:4e:71:6b:71:64:09:05:64:85:dd:56:39:
ed:9e:a7:50:4d:db:63:6e:6e:f2:97:b2:f1:32:fc:56:be:60:
9f:52:82:71
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlFNDJEMjZDNkRCRTVF
MTc5MDFGRTQ1Rjc0MDJDOUY4NDU5MUNFNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx+pQR2XgCLEnk1j1ujHdtMvpf+TmRk2nyVISBY70FsYzqWHyy
yeCzNsj23xOf+pmKWYy59i8QDCRDD4BfuTq9KXp53ghfFOeZ7VvnkvmXr+FaanRd
Ijp7i84SPmHQxHFq17vWFAh8u/GAQfQoangRebMWfvqxkuYk3Rpoh5JX7idApplI
m+N5fXqneMWqxK0cm17fN3Piwiq6qlsAwghGXNp7TWa/pGWGeYMFnRUtr4NmpxUI
+DOE7d8gnuXBnN9pRhxTz4igfH6IMihGnMlk3jnvWBQM5J90Yh2hti05FzPka0CQ
6wgwa0yoK6gcQDEKnl1u5plLPfy53C9t2OxbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnkLSbG2+XheQH+RfdALJ+EWRzm0wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL25rTFNiRzItWGhlUUgtUmZk
QUxKLUVXUnptMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ8
BhwwDQYJKoZIhvcNAQELBQADggEBAA86OzFkTGRsR1DUeWubbgf/kcz0ASZj/ZYG
mboCjvp7AS0JgY0wodxwFiESCb+iJWB/9F90HYzQC9KDXJcXetuANBXflOoGaqpj
PwXXl5634hQMO/Z2bN/tl6uHFYehwr0BAXYMtlJzz6BHu98EzGqrw7Of11HM1U74
BpX+JKkf5p15v+WUwPL2Z3pJFBlPp+pDnub5n9zBJCz5IHHq9PSKMvJK2gSm7rCM
A9YaSoG+PG7JxpwgEDbjyBtvQ5yIAk8xgC/TXhxPjxHs5iTPY1Tqpx3HMW2607i0
kFd7YE5xa3FkCQVkhd1WOe2ep1BN22NubvKXsvEy/Fa+YJ9SgnE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org