Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/VFcrANlB28trFjV6jJXd7JN-W4I.roa
File: VFcrANlB28trFjV6jJXd7JN-W4I.roa (raw, json)
Hash identifier: 0Z4n5DMIEQ25em+P9H4RCU2j5Zts5COOAw2Hn+RLFWY=
Subject key identifier: 54:57:2B:00:D9:41:DB:CB:6B:16:35:7A:8C:95:DD:EC:93:7E:5B:82
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0A54
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/VFcrANlB28trFjV6jJXd7JN-W4I.roa
Signing time: Thu 15 Sep 2022 02:51:07 +0000
ROA not before: Thu 15 Sep 2022 02:51:07 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 57401
IP address blocks: 2403:7f40:e001::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2644 (0xa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 15 02:51:07 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=54572B00D941DBCB6B16357A8C95DDEC937E5B82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:14:a3:ab:10:84:8c:12:dd:45:67:99:46:
9e:f4:e5:8b:4d:dd:d7:3e:66:bd:5d:44:21:45:df:
b1:1a:11:c1:f0:91:4e:c9:f7:d1:c2:33:1e:e8:71:
5f:6b:7e:79:b6:e8:5f:b1:ad:8c:89:3b:0a:40:47:
08:4a:b8:19:6c:48:d1:da:69:4e:03:e4:2c:2b:c1:
68:47:c3:d1:86:0e:43:84:aa:e3:db:dc:66:44:26:
6d:29:45:1b:ae:7c:f0:cb:8b:76:e3:3e:db:40:7d:
d8:b4:34:d3:33:63:77:03:24:5d:98:7c:e4:ff:08:
2b:db:c0:45:5b:31:f6:d3:57:59:73:92:05:2f:af:
c1:55:70:e3:f3:06:cb:6f:7e:b6:21:c6:a9:b1:12:
a0:ac:c9:3c:4d:c3:70:55:e5:5a:0d:98:fd:e0:a4:
a3:c0:a3:df:02:ea:48:ed:8e:65:5f:b9:6a:06:08:
4f:3c:27:6a:69:be:74:2b:52:2d:83:f8:16:2d:c0:
d8:64:96:84:7b:04:91:f5:ff:1f:4e:bc:a2:54:90:
d8:5c:24:3e:5e:66:bc:26:df:28:54:3c:57:fe:b8:
e8:19:f7:4f:a6:85:c4:c4:b6:95:c4:26:36:cb:d6:
3c:e0:16:20:cc:0e:58:35:b9:26:4a:01:be:92:4a:
55:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:57:2B:00:D9:41:DB:CB:6B:16:35:7A:8C:95:DD:EC:93:7E:5B:82
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/VFcrANlB28trFjV6jJXd7JN-W4I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:e001::/48
Signature Algorithm: sha256WithRSAEncryption
2f:ad:5f:bb:14:e9:47:0d:79:7b:a7:69:e6:c4:3d:be:e0:05:
24:ec:c4:cf:3f:bb:5c:84:e7:d9:62:67:63:f4:eb:e9:e4:02:
a6:77:0f:10:88:9c:ba:4a:68:1b:22:55:ec:bd:ea:a0:c7:0c:
ec:90:e3:be:4c:95:96:c9:3b:23:eb:62:91:6b:03:58:7f:5d:
cf:f1:34:e4:18:f2:5f:fb:78:00:00:9c:dd:91:1a:0f:37:f3:
65:37:b7:4b:81:2e:3b:b6:b6:2f:64:e7:ab:73:29:c7:d5:9c:
b4:13:48:73:9e:6a:5c:22:71:8d:ea:c1:0c:67:a1:15:08:d5:
2f:54:83:c3:e1:e6:7f:51:bc:ca:63:d3:35:a7:63:8c:35:da:
ea:b8:e7:22:c5:5e:64:91:87:19:55:7e:7d:b8:d1:5b:7b:38:
1b:a5:43:0a:4a:df:6a:71:4f:70:b3:04:97:c1:6f:7e:f6:9e:
06:97:36:a8:d5:f2:05:b8:51:4f:b7:8f:58:86:ed:b1:69:de:
cc:99:ca:7e:2e:6c:f4:31:e6:bf:d3:a8:37:18:1d:10:ca:aa:
4f:dc:a7:69:0b:98:64:be:ce:ac:03:9c:c2:0b:e9:ff:ef:82:
98:16:e2:2f:eb:ab:43:a4:f5:56:d4:51:d4:a6:99:8c:e6:c7:
a9:5b:1e:a5
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICClQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMjA5MTUw
MjUxMDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU0NTcyQjAwRDk0MURC
Q0I2QjE2MzU3QThDOTVEREVDOTM3RTVCODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCvBSjqxCEjBLdRWeZRp705YtN3dc+Zr1dRCFF37EaEcHwkU7J
99HCMx7ocV9rfnm26F+xrYyJOwpARwhKuBlsSNHaaU4D5CwrwWhHw9GGDkOEquPb
3GZEJm0pRRuufPDLi3bjPttAfdi0NNMzY3cDJF2YfOT/CCvbwEVbMfbTV1lzkgUv
r8FVcOPzBstvfrYhxqmxEqCsyTxNw3BV5VoNmP3gpKPAo98C6kjtjmVfuWoGCE88
J2ppvnQrUi2D+BYtwNhkloR7BJH1/x9OvKJUkNhcJD5eZrwm3yhUPFf+uOgZ90+m
hcTEtpXEJjbL1jzgFiDMDlg1uSZKAb6SSlWBAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUVFcrANlB28trFjV6jJXd7JN+W4IwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL1ZGY3JBTmxCMjh0ckZqVjZqSlhkN0pO
LVc0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AEw
DQYJKoZIhvcNAQELBQADggEBAC+tX7sU6UcNeXunaebEPb7gBSTsxM8/u1yE59li
Z2P06+nkAqZ3DxCInLpKaBsiVey96qDHDOyQ475MlZbJOyPrYpFrA1h/Xc/xNOQY
8l/7eAAAnN2RGg8382U3t0uBLju2ti9k56tzKcfVnLQTSHOealwicY3qwQxnoRUI
1S9Ug8Ph5n9RvMpj0zWnY4w12uq45yLFXmSRhxlVfn240Vt7OBulQwpK32pxT3Cz
BJfBb372ngaXNqjV8gW4UU+3j1iG7bFp3syZyn4ubPQx5r/TqDcYHRDKqk/cp2kL
mGS+zqwDnMIL6f/vgpgW4i/rq0Ok9VbUUdSmmYzmx6lbHqU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org