Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/F0v3hPknHcJiCu2_krqJpL7F154.roa
File: F0v3hPknHcJiCu2_krqJpL7F154.roa (raw, json)
Hash identifier: 6lbauswKJDyIJxNiyjpM45PEM6zwbLIq3VLZ7wcaXi0=
Subject key identifier: 17:4B:F7:84:F9:27:1D:C2:62:0A:ED:BF:92:BA:89:A4:BE:C5:D7:9E
Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial: 04A5
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/F0v3hPknHcJiCu2_krqJpL7F154.roa
Signing time: Mon 14 Sep 2020 11:37:42 +0000
ROA not before: Mon 14 Sep 2020 11:37:42 +0000
ROA not after: Tue 02 Feb 2021 02:23:59 +0000
asID: 209557
IP address blocks: 2405:a640:1173::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1189 (0x4a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Validity
Not Before: Sep 14 11:37:42 2020 GMT
Not After : Feb 2 02:23:59 2021 GMT
Subject: CN=174BF784F9271DC2620AEDBF92BA89A4BEC5D79E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:08:27:34:0d:b5:40:e1:d7:48:89:7a:af:29:
e2:ed:0d:09:70:93:3e:95:ae:66:95:ac:1d:63:3e:
c1:c0:c7:73:48:bc:fb:93:0d:bc:ba:3d:84:ba:6d:
fd:6d:55:1d:d8:9d:88:20:7d:9f:f0:dd:b4:0e:28:
c7:7a:5e:29:92:49:09:58:22:6b:52:2e:1f:e6:4d:
68:df:97:c8:fd:89:54:64:0a:cc:0f:a7:a5:41:1a:
b9:f7:77:be:72:32:61:43:5c:36:45:67:0d:19:39:
77:3f:d4:c2:9f:d9:4e:9e:c9:f0:04:8d:86:62:b1:
ef:a7:7e:d8:f7:80:a7:fe:16:5e:47:39:a4:38:82:
94:4d:bf:91:82:c9:a7:79:b0:f8:96:71:e0:c7:d2:
06:24:a9:00:bb:6c:74:75:c4:ce:7c:83:37:c3:d8:
81:5e:84:2c:69:3d:7d:c6:59:d2:a6:ed:e3:a1:9e:
a1:9a:3d:62:46:55:8d:6b:24:b9:64:81:ef:61:42:
bd:f3:5a:24:a7:6e:71:fc:a3:f2:62:0a:4b:16:e3:
8e:78:f8:24:ad:0b:11:df:9e:92:9d:a9:4f:44:70:
3b:9c:a0:12:31:ce:76:1c:69:8b:87:77:05:ab:e3:
79:90:c3:e8:8f:6c:4c:19:6b:bf:9d:c1:53:01:c2:
ae:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4B:F7:84:F9:27:1D:C2:62:0A:ED:BF:92:BA:89:A4:BE:C5:D7:9E
X509v3 Authority Key Identifier:
keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/F0v3hPknHcJiCu2_krqJpL7F154.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:a640:1173::/48
Signature Algorithm: sha256WithRSAEncryption
b3:92:5c:77:e4:c2:ee:08:61:1d:03:fb:b4:ea:22:83:77:59:
66:68:bd:93:09:77:08:9a:ee:8d:45:d4:a8:b1:52:40:96:c8:
50:de:7e:ea:27:49:6b:94:ed:b8:9a:fb:12:10:41:32:db:f4:
33:41:78:6e:16:2b:df:49:77:17:29:96:4b:60:85:67:ae:30:
cf:a1:4b:ba:f2:40:99:0a:86:2e:22:77:4c:49:74:0a:83:d8:
a4:df:f9:24:3b:ba:ea:86:4e:94:18:8e:bd:df:2e:dd:ae:c2:
b7:84:1f:ef:e9:ca:d7:36:38:f4:97:da:2d:84:c1:7b:97:a5:
19:bb:25:09:db:c2:92:99:f9:fd:0d:2b:d3:de:47:4f:14:0c:
77:09:8a:e6:38:61:01:2d:0d:9b:64:51:71:f7:ea:ee:00:cb:
e4:8f:fb:43:1d:ba:dc:ff:95:fd:68:ce:be:43:a6:1c:64:13:
f9:7f:14:51:5f:b7:ac:7e:28:df:12:86:2c:8e:a3:f0:b9:c4:
c9:e3:57:ff:15:24:75:10:f1:e4:6a:4e:70:f8:62:75:2a:08:
42:43:48:3d:c4:7c:14:ce:b4:06:d4:d5:c0:0b:0c:ce:6f:59:
0c:68:fd:55:56:08:8d:97:26:4d:57:6e:37:30:06:26:89:cc:
ce:d7:ae:ae
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMDA5MTQx
MTM3NDJaFw0yMTAyMDIwMjIzNTlaMDMxMTAvBgNVBAMTKDE3NEJGNzg0RjkyNzFE
QzI2MjBBRURCRjkyQkE4OUE0QkVDNUQ3OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCCCc0DbVA4ddIiXqvKeLtDQlwkz6VrmaVrB1jPsHAx3NIvPuT
Dby6PYS6bf1tVR3YnYggfZ/w3bQOKMd6XimSSQlYImtSLh/mTWjfl8j9iVRkCswP
p6VBGrn3d75yMmFDXDZFZw0ZOXc/1MKf2U6eyfAEjYZise+nftj3gKf+Fl5HOaQ4
gpRNv5GCyad5sPiWceDH0gYkqQC7bHR1xM58gzfD2IFehCxpPX3GWdKm7eOhnqGa
PWJGVY1rJLlkge9hQr3zWiSnbnH8o/JiCksW4454+CStCxHfnpKdqU9EcDucoBIx
znYcaYuHdwWr43mQw+iPbEwZa7+dwVMBwq4TAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUF0v3hPknHcJiCu2/krqJpL7F154wHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvRjB2M2hQa25IY0ppQ3UyX2tycUpw
TDdGMTU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAs5Jcd+TC7ghhHQP7tOoig3dZZmi9kwl3CJru
jUXUqLFSQJbIUN5+6idJa5TtuJr7EhBBMtv0M0F4bhYr30l3FymWS2CFZ64wz6FL
uvJAmQqGLiJ3TEl0CoPYpN/5JDu66oZOlBiOvd8u3a7Ct4Qf7+nK1zY49JfaLYTB
e5elGbslCdvCkpn5/Q0r095HTxQMdwmK5jhhAS0Nm2RRcffq7gDL5I/7Qx263P+V
/WjOvkOmHGQT+X8UUV+3rH4o3xKGLI6j8LnEyeNX/xUkdRDx5GpOcPhidSoIQkNI
PcR8FM60BtTVwAsMzm9ZDGj9VVYIjZcmTVduNzAGJonMzteurg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:32 2023 by rpki-client on console-ams.rpki-client.org