Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/tD9Ii1po5VWFfsOEZsTOrYH1F58.roa
File: tD9Ii1po5VWFfsOEZsTOrYH1F58.roa (raw, json)
Hash identifier: u6xcN6xZZuZqB/rG3sG3VjFfAStfiBp0QfBbUtXPStw=
Subject key identifier: B4:3F:48:8B:5A:68:E5:55:85:7E:C3:84:66:C4:CE:AD:81:F5:17:9F
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 0FD1
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/tD9Ii1po5VWFfsOEZsTOrYH1F58.roa
Signing time: Sun 07 Feb 2021 12:36:11 +0000
ROA not before: Sun 07 Feb 2021 12:36:11 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24165
IP address blocks: 49.158.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4049 (0xfd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Feb 7 12:36:11 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=B43F488B5A68E555857EC38466C4CEAD81F5179F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5b:7d:90:0f:7c:bd:ad:b0:9a:fa:b8:b1:d2:
88:f5:30:24:25:38:a7:34:6d:86:b5:85:02:e3:be:
a1:41:ed:93:8b:af:67:e7:59:92:63:31:69:15:f3:
4d:5b:6d:7f:08:b2:5d:eb:02:0e:48:0e:1f:40:33:
70:a5:fd:d4:c1:e5:bc:a6:1c:9c:84:33:62:b3:b7:
26:8b:a8:52:e0:3c:c4:59:c0:fc:49:c9:76:60:cb:
05:de:c0:b8:22:49:91:a1:6c:30:a9:16:0e:1e:04:
ae:7a:3a:bf:70:e1:41:d0:1f:c0:7a:d7:bc:7a:24:
37:6e:64:96:3e:08:2b:50:ab:73:9a:c4:9c:ba:23:
c8:da:72:3f:fa:f6:97:28:0e:38:26:fc:d0:fb:c5:
62:6e:9e:30:20:4c:80:2d:5d:bc:17:31:60:08:dd:
5a:09:83:6e:08:03:a0:2e:63:3b:d7:23:7b:06:c4:
ca:28:c6:de:d1:83:44:bd:a2:d0:f4:73:b4:62:1f:
f5:86:cf:85:8e:eb:4c:42:da:4b:6c:d0:b2:5a:8a:
ec:72:9e:d0:a7:e1:89:59:cd:00:7d:3e:37:04:84:
b0:66:63:18:16:78:0a:67:0c:d8:fe:4d:d2:68:32:
6f:43:1c:c3:d0:de:8d:54:40:c2:54:ed:60:4b:6a:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3F:48:8B:5A:68:E5:55:85:7E:C3:84:66:C4:CE:AD:81:F5:17:9F
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/tD9Ii1po5VWFfsOEZsTOrYH1F58.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.158.224.0/21
Signature Algorithm: sha256WithRSAEncryption
70:a3:b8:0e:ac:24:68:6c:13:dc:15:73:ad:a3:83:2d:d8:e3:
f1:85:8f:00:b1:a5:d4:d6:e6:45:00:73:32:11:f4:7d:6a:08:
20:91:7c:9b:c8:a8:a5:30:69:5c:13:1f:f6:32:b8:aa:c1:82:
79:bf:1f:fd:78:2c:bc:1f:ac:82:15:e4:bf:19:23:62:a7:71:
94:11:14:32:53:66:91:c7:ce:73:d5:38:64:a7:de:00:c7:e6:
41:f2:9f:54:9d:ee:6e:ee:cb:38:98:c5:ac:4c:5b:78:0b:e1:
d6:c1:a6:13:02:1a:19:3a:29:b6:73:21:b5:cd:6a:c2:a4:68:
89:fc:e6:de:35:f9:0e:21:4a:e9:62:9e:b5:cd:7f:73:2b:2b:
bd:20:c2:bb:2d:40:ae:ef:c0:ee:9b:d0:43:fe:8f:a0:40:18:
fe:d4:75:ee:54:1b:08:ed:bd:2f:6d:aa:8f:65:c1:94:97:57:
70:26:47:55:cd:22:5c:64:89:09:62:6e:b6:24:06:b5:14:2f:
c9:ee:50:5e:7b:fd:85:6d:79:ad:2c:7b:cc:22:1f:fc:2b:13:
a6:45:58:87:d6:2b:fa:da:e2:0d:74:c4:a8:a7:5e:e0:ce:7d:
ac:a3:d6:bd:2e:86:d4:98:8a:43:23:5f:a3:40:cd:8f:13:ea:
8a:07:88:c9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjM2MTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEI0M0Y0ODhCNUE2OEU1
NTU4NTdFQzM4NDY2QzRDRUFEODFGNTE3OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAW32QD3y9rbCa+rix0oj1MCQlOKc0bYa1hQLjvqFB7ZOLr2fn
WZJjMWkV801bbX8Isl3rAg5IDh9AM3Cl/dTB5bymHJyEM2KztyaLqFLgPMRZwPxJ
yXZgywXewLgiSZGhbDCpFg4eBK56Or9w4UHQH8B617x6JDduZJY+CCtQq3OaxJy6
I8jacj/69pcoDjgm/ND7xWJunjAgTIAtXbwXMWAI3VoJg24IA6AuYzvXI3sGxMoo
xt7Rg0S9otD0c7RiH/WGz4WO60xC2kts0LJaiuxyntCn4YlZzQB9PjcEhLBmYxgW
eApnDNj+TdJoMm9DHMPQ3o1UQMJU7WBLatx9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtD9Ii1po5VWFfsOEZsTOrYH1F58wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3REOUlpMXBvNVZXRmZzT0Va
c1RPcllIMUY1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nuAwDQYJKoZIhvcNAQELBQADggEBAHCjuA6sJGhsE9wVc62jgy3Y4/GFjwCxpdTW
5kUAczIR9H1qCCCRfJvIqKUwaVwTH/YyuKrBgnm/H/14LLwfrIIV5L8ZI2KncZQR
FDJTZpHHznPVOGSn3gDH5kHyn1Sd7m7uyziYxaxMW3gL4dbBphMCGhk6KbZzIbXN
asKkaIn85t41+Q4hSulinrXNf3MrK70gwrstQK7vwO6b0EP+j6BAGP7Ude5UGwjt
vS9tqo9lwZSXV3AmR1XNIlxkiQlibrYkBrUUL8nuUF57/YVtea0se8wiH/wrE6ZF
WIfWK/ra4g10xKinXuDOfayj1r0uhtSYikMjX6NAzY8T6ooHiMk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:41 2023 by rpki-client on console-ams.rpki-client.org