Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/FxwKrpiJfW4EYu0iPJzHTetTRkk.roa
File: FxwKrpiJfW4EYu0iPJzHTetTRkk.roa (raw, json)
Hash identifier: /zyrPDlutrwyh6wvC82WH+oLOakYUQB4LifqfmhDbx8=
Subject key identifier: 17:1C:0A:AE:98:89:7D:6E:04:62:ED:22:3C:9C:C7:4D:EB:53:46:49
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 012E
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/FxwKrpiJfW4EYu0iPJzHTetTRkk.roa
Signing time: Mon 21 Dec 2020 09:58:37 +0000
ROA not before: Mon 21 Dec 2020 09:58:37 +0000
ROA not after: Tue 05 Oct 2021 04:04:36 +0000
asID: 141173
IP address blocks: 2406:8dc0:2400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302 (0x12e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Dec 21 09:58:37 2020 GMT
Not After : Oct 5 04:04:36 2021 GMT
Subject: CN=171C0AAE98897D6E0462ED223C9CC74DEB534649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f2:c2:4a:36:3f:4e:ca:62:11:f6:48:64:b7:
a1:81:42:4f:46:f8:bb:8b:82:00:2a:b3:c5:c1:be:
7d:34:b3:59:9c:30:85:fd:11:13:58:ad:9b:54:b9:
01:28:ba:6a:96:7d:da:ac:59:14:96:04:99:85:43:
ba:68:2c:02:b9:b5:fa:a6:ba:b6:46:b0:8e:06:43:
c2:e4:8b:ab:fb:eb:5d:6e:57:6b:2b:39:37:9d:98:
43:96:4b:9e:49:04:2f:58:3c:c0:cb:b6:50:5a:08:
ec:e9:ea:0b:aa:a2:e6:fa:48:29:fa:7a:c6:8f:4c:
b6:0a:3e:5f:8d:12:48:6b:10:0c:64:f7:f8:a8:c3:
3b:2d:5a:3e:f5:5c:31:cb:b1:ef:35:2d:fe:57:05:
e6:eb:ca:2a:6c:41:de:1f:d5:75:2d:bb:80:35:ab:
2e:45:0e:9a:d4:0a:70:7d:76:14:85:11:d0:5c:ca:
ec:40:90:88:70:81:b0:36:f9:88:ee:39:ec:35:61:
a3:04:9c:8e:14:de:2c:63:4f:a5:3e:37:7f:ad:07:
9a:01:46:71:0d:7a:6c:0b:7f:83:83:c1:74:63:44:
3d:bc:1e:4c:c0:76:b4:21:39:3b:26:ae:1d:94:98:
73:f1:70:e9:1e:bf:3d:a4:5d:96:19:de:42:06:e0:
8c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:1C:0A:AE:98:89:7D:6E:04:62:ED:22:3C:9C:C7:4D:EB:53:46:49
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/FxwKrpiJfW4EYu0iPJzHTetTRkk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:8dc0:2400::/40
Signature Algorithm: sha256WithRSAEncryption
e2:b6:7a:c9:57:e3:01:05:0b:cd:b0:e1:c8:86:b2:3e:ab:e5:
78:db:4f:ec:e7:42:b1:4b:0d:7a:4a:31:e9:96:e3:a6:12:42:
b5:de:48:c6:1d:a6:36:73:52:b8:bb:68:d2:66:a6:05:e2:a3:
29:ff:db:42:2c:96:76:35:f8:fe:1e:24:c9:03:51:91:b8:eb:
a1:ac:d0:4b:20:c7:df:ee:e7:89:7d:ff:95:8c:53:c3:13:08:
60:8d:be:90:3f:37:0c:21:37:c3:5c:aa:71:5c:6c:66:c7:8f:
c7:35:de:af:fa:a8:3d:34:f8:76:c7:33:7a:52:2a:26:05:84:
37:0e:06:6d:2e:f9:31:2c:1d:00:2e:20:29:14:d4:81:0a:7b:
2c:5d:7c:0b:93:72:98:5b:03:ef:91:35:23:97:24:70:7f:a0:
6d:98:52:93:40:e3:d1:01:78:b3:70:e3:a4:b5:c7:3b:51:69:
39:7f:af:39:58:93:31:0e:ac:68:ed:73:dd:29:b5:a5:05:5f:
ed:e7:90:1b:36:75:43:c1:9f:e7:7e:2f:01:6d:9f:dc:fc:13:
92:fd:7f:e0:b5:c2:a6:0e:b2:54:83:2c:0c:b7:b7:19:33:e6:
21:b8:f6:d3:f0:74:ca:4c:a8:b2:c8:3b:19:7e:92:3d:b9:31:
aa:06:22:4d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yMDEyMjEw
OTU4MzdaFw0yMTEwMDUwNDA0MzZaMDMxMTAvBgNVBAMTKDE3MUMwQUFFOTg4OTdE
NkUwNDYyRUQyMjNDOUNDNzRERUI1MzQ2NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP8sJKNj9OymIR9khkt6GBQk9G+LuLggAqs8XBvn00s1mcMIX9
ERNYrZtUuQEoumqWfdqsWRSWBJmFQ7poLAK5tfqmurZGsI4GQ8Lki6v7611uV2sr
OTedmEOWS55JBC9YPMDLtlBaCOzp6guqoub6SCn6esaPTLYKPl+NEkhrEAxk9/io
wzstWj71XDHLse81Lf5XBebryipsQd4f1XUtu4A1qy5FDprUCnB9dhSFEdBcyuxA
kIhwgbA2+YjuOew1YaMEnI4U3ixjT6U+N3+tB5oBRnENemwLf4ODwXRjRD28HkzA
drQhOTsmrh2UmHPxcOkevz2kXZYZ3kIG4Iw1AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUFxwKrpiJfW4EYu0iPJzHTetTRkkwHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvRnh3S3JwaUpmVzRFWXUw
aVBKekhUZXRUUmtrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMG
ACQGjcAkMA0GCSqGSIb3DQEBCwUAA4IBAQDitnrJV+MBBQvNsOHIhrI+q+V420/s
50KxSw16SjHpluOmEkK13kjGHaY2c1K4u2jSZqYF4qMp/9tCLJZ2Nfj+HiTJA1GR
uOuhrNBLIMff7ueJff+VjFPDEwhgjb6QPzcMITfDXKpxXGxmx4/HNd6v+qg9NPh2
xzN6UiomBYQ3DgZtLvkxLB0ALiApFNSBCnssXXwLk3KYWwPvkTUjlyRwf6BtmFKT
QOPRAXizcOOktcc7UWk5f685WJMxDqxo7XPdKbWlBV/t55AbNnVDwZ/nfi8BbZ/c
/BOS/X/gtcKmDrJUgywMt7cZM+YhuPbT8HTKTKiyyDsZfpI9uTGqBiJN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org