Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/rGMHzO7RciLQxSmpAtDo4SUaa68.roa
File: rGMHzO7RciLQxSmpAtDo4SUaa68.roa (raw, json)
Hash identifier: 3Q3Wt4jQYgp2ApTzFzc1hMv0EAh5CbGh+sni3PLZy/w=
Subject key identifier: AC:63:07:CC:EE:D1:72:22:D0:C5:29:A9:02:D0:E8:E1:25:1A:6B:AF
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 12A2
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/rGMHzO7RciLQxSmpAtDo4SUaa68.roa
Signing time: Wed 29 Sep 2021 02:54:48 +0000
ROA not before: Wed 29 Sep 2021 02:54:48 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24164
IP address blocks: 49.158.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4770 (0x12a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Sep 29 02:54:48 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=AC6307CCEED17222D0C529A902D0E8E1251A6BAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:63:22:da:3f:c0:74:b5:ef:eb:8c:f4:bd:
a2:56:e1:03:fa:69:df:0d:d8:b7:16:11:6f:7b:91:
78:0f:32:ae:8e:84:bc:22:e7:3b:b6:2b:66:7c:61:
72:ca:be:04:dd:12:13:45:42:ae:57:87:64:0b:d0:
23:c8:28:bb:11:e7:ad:49:a0:1b:ee:e7:ec:80:f2:
d4:fb:68:e6:34:b0:86:fd:fb:7d:86:eb:11:0a:61:
2b:67:a5:0f:e1:ff:1e:b9:94:d9:79:2f:33:42:9c:
46:6e:50:3d:30:3f:bd:3a:21:92:43:f3:bc:8f:8e:
29:74:c4:79:6a:66:c0:a7:ab:3c:95:b7:20:51:79:
ff:25:9d:d2:c4:01:da:ef:f6:bf:2d:80:de:01:a8:
49:31:3e:d9:21:39:89:08:84:ba:94:eb:04:09:72:
fa:8b:fc:6e:89:42:2c:71:fa:40:5b:60:00:11:dc:
ee:a0:35:f2:6e:86:4c:98:6d:32:b2:40:a4:81:8b:
ea:19:ba:0c:3f:ef:b5:67:b4:73:b5:82:05:08:bf:
aa:da:f0:83:66:45:b3:ea:a6:85:87:d4:c3:2d:43:
13:17:c9:64:55:e5:79:df:15:19:e7:fa:ae:12:1e:
eb:56:0e:96:4a:99:c2:82:78:ea:e8:8d:32:2e:8e:
db:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:63:07:CC:EE:D1:72:22:D0:C5:29:A9:02:D0:E8:E1:25:1A:6B:AF
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/rGMHzO7RciLQxSmpAtDo4SUaa68.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.238.0/24
Signature Algorithm: sha256WithRSAEncryption
57:3b:09:d0:63:49:23:23:34:ff:d5:6b:f4:62:58:da:d7:33:
7c:99:66:e5:0a:66:0c:32:4a:d2:eb:97:15:76:c0:0a:0a:f5:
92:30:38:7e:3b:f2:63:f2:9a:f3:af:70:88:1f:6e:9d:e2:55:
c7:01:a8:ef:d6:fd:d5:61:0f:a5:f5:38:dd:10:ac:6e:91:b6:
c4:a4:af:8b:19:61:da:44:72:b5:f7:71:b8:1a:7f:62:4a:8c:
c0:0c:ff:85:eb:a4:ea:d0:df:75:ca:91:40:26:d6:c3:13:18:
47:39:04:d4:a6:66:3c:e2:c6:76:3f:fb:ed:d0:96:4c:5e:0b:
4d:a0:64:9a:4f:7f:a4:2d:7f:4a:5a:91:1c:f7:ae:0a:26:11:
3a:d1:0e:bf:8e:75:76:dc:2e:af:d4:b0:66:e4:ec:93:40:ad:
28:1c:c9:cb:05:d5:63:28:8f:5f:a5:0c:9e:6c:8b:01:6c:40:
ec:76:4b:32:fa:43:1f:fc:4e:55:58:12:b5:5f:f8:a1:57:f7:
4e:dc:18:3b:d8:17:b2:d4:c3:5b:2e:9a:11:16:8a:13:16:d2:
97:73:68:81:a4:08:81:89:40:b5:99:ed:de:84:14:3e:84:b5:
cc:4f:13:40:79:e3:04:cc:fd:70:17:13:46:7a:fe:be:1c:07:
10:5a:1e:74
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0NDhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFDNjMwN0NDRUVEMTcy
MjJEMEM1MjlBOTAyRDBFOEUxMjUxQTZCQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuYGMi2j/AdLXv64z0vaJW4QP6ad8N2LcWEW97kXgPMq6OhLwi
5zu2K2Z8YXLKvgTdEhNFQq5Xh2QL0CPIKLsR561JoBvu5+yA8tT7aOY0sIb9+32G
6xEKYStnpQ/h/x65lNl5LzNCnEZuUD0wP706IZJD87yPjil0xHlqZsCnqzyVtyBR
ef8lndLEAdrv9r8tgN4BqEkxPtkhOYkIhLqU6wQJcvqL/G6JQixx+kBbYAAR3O6g
NfJuhkyYbTKyQKSBi+oZugw/77VntHO1ggUIv6ra8INmRbPqpoWH1MMtQxMXyWRV
5XnfFRnn+q4SHutWDpZKmcKCeOrojTIujtuFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrGMHzO7RciLQxSmpAtDo4SUaa68wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3JHTUh6TzdSY2lMUXhTbXBB
dERvNFNVYWE2OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAx
nu4wDQYJKoZIhvcNAQELBQADggEBAFc7CdBjSSMjNP/Va/RiWNrXM3yZZuUKZgwy
StLrlxV2wAoK9ZIwOH478mPymvOvcIgfbp3iVccBqO/W/dVhD6X1ON0QrG6RtsSk
r4sZYdpEcrX3cbgaf2JKjMAM/4XrpOrQ33XKkUAm1sMTGEc5BNSmZjzixnY/++3Q
lkxeC02gZJpPf6Qtf0pakRz3rgomETrRDr+OdXbcLq/UsGbk7JNArSgcycsF1WMo
j1+lDJ5siwFsQOx2SzL6Qx/8TlVYErVf+KFX907cGDvYF7LUw1sumhEWihMW0pdz
aIGkCIGJQLWZ7d6EFD6EtcxPE0B54wTM/XAXE0Z6/r4cBxBaHnQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-fra.rpki-client.org