Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa
File: HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa (raw, json)
Hash identifier: +H7fywvDr0Qy4zbg4WEv+UevuZEMMuxBCbNv33GXttI=
Subject key identifier: 1D:0D:E8:F5:F4:49:64:31:1C:EA:D2:B5:5F:25:E1:F6:45:34:06:07
Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial: 06EE
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa
Signing time: Wed 29 Sep 2021 02:53:46 +0000
ROA not before: Wed 29 Sep 2021 02:53:46 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 209557
IP address blocks: 2405:a640:1173::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1774 (0x6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Validity
Not Before: Sep 29 02:53:46 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=1D0DE8F5F44964311CEAD2B55F25E1F645340607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:4f:82:bb:2e:b8:03:5f:2e:65:d2:33:d4:
8d:0b:82:34:d1:a5:a6:7c:9b:37:e8:36:f5:5f:c2:
25:44:cb:b1:02:28:0e:dc:61:42:3a:c9:e2:12:ee:
50:f4:a5:91:3d:22:70:79:35:e0:33:22:dc:81:04:
b3:c2:3a:02:8d:ca:97:40:19:8a:48:c6:0c:a6:46:
01:c1:7d:ae:33:d8:a2:1c:bd:54:70:52:82:63:fe:
e8:3e:fd:29:2a:20:81:6e:af:77:1b:72:21:c6:90:
97:eb:6e:80:bc:45:fb:7e:77:44:64:07:fd:71:0a:
38:c3:b5:a2:7f:39:66:c4:33:99:a3:3b:4c:62:af:
1a:98:6f:d2:4b:23:f9:ad:7b:46:25:67:11:48:09:
9e:b7:d2:a2:c1:60:53:46:ed:d6:80:ea:e4:b7:24:
42:4f:84:92:5b:b9:fc:70:54:21:5a:47:db:11:89:
3c:cd:0b:14:ea:a8:03:2d:7a:c7:6f:5a:ae:b3:47:
46:5b:d0:e6:85:de:f5:e1:5b:1b:74:8e:09:c5:80:
f5:45:d6:f7:a2:73:1e:ca:8d:55:9b:85:46:85:f4:
88:32:a4:6d:84:15:14:2f:98:54:38:0f:c0:12:98:
77:6e:5a:b8:19:ed:00:34:1b:cd:44:8e:21:66:df:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0D:E8:F5:F4:49:64:31:1C:EA:D2:B5:5F:25:E1:F6:45:34:06:07
X509v3 Authority Key Identifier:
keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:a640:1173::/48
Signature Algorithm: sha256WithRSAEncryption
46:09:e8:b9:ad:e4:ad:62:86:43:02:84:5c:10:90:1b:39:6a:
20:0d:a8:76:c9:c8:8c:ec:58:99:c4:a6:5a:a8:a9:4e:94:36:
ec:ad:f5:9f:61:18:18:33:da:33:9a:9e:c4:c3:dc:7c:44:c5:
6d:4a:0c:86:88:bd:83:89:fa:76:7c:7f:35:f0:9e:9c:e3:74:
0e:d1:4e:1e:41:98:e6:01:41:94:cd:ab:61:e5:53:b7:49:cc:
b1:c1:82:3b:ba:88:c0:06:29:48:ac:31:a3:27:a2:3d:7a:5b:
ce:08:64:d6:b6:f6:e9:0c:a7:5a:e4:8f:38:ac:a5:43:36:71:
ae:68:ba:b7:7b:18:3e:90:82:14:9a:09:fd:5e:c0:92:de:c8:
0f:67:a5:31:23:f2:c3:86:51:e7:32:10:52:ec:d1:ae:57:73:
58:15:85:7a:6b:9b:78:71:67:f4:cd:6c:66:4f:41:0d:18:63:
d1:77:8e:0b:96:b5:cf:b4:0b:53:03:67:71:ac:fc:06:32:00:
08:fb:fa:43:aa:c2:80:56:b9:10:84:f0:7c:32:57:d1:bb:2e:
14:fc:a9:1a:b3:3d:2a:b9:7e:83:09:07:1f:98:c8:d5:ea:60:
36:cc:75:34:b4:0f:e7:ad:25:21:22:99:20:f8:58:69:61:90:
0a:87:08:72
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTA5Mjkw
MjUzNDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFEMERFOEY1RjQ0OTY0
MzExQ0VBRDJCNTVGMjVFMUY2NDUzNDA2MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtz0+Cuy64A18uZdIz1I0LgjTRpaZ8mzfoNvVfwiVEy7ECKA7c
YUI6yeIS7lD0pZE9InB5NeAzItyBBLPCOgKNypdAGYpIxgymRgHBfa4z2KIcvVRw
UoJj/ug+/SkqIIFur3cbciHGkJfrboC8Rft+d0RkB/1xCjjDtaJ/OWbEM5mjO0xi
rxqYb9JLI/mte0YlZxFICZ630qLBYFNG7daA6uS3JEJPhJJbufxwVCFaR9sRiTzN
CxTqqAMtesdvWq6zR0Zb0OaF3vXhWxt0jgnFgPVF1veicx7KjVWbhUaF9IgypG2E
FRQvmFQ4D8ASmHduWrgZ7QA0G81EjiFm39P5AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUHQ3o9fRJZDEc6tK1XyXh9kU0BgcwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvSFEzbzlmUkpaREVjNnRLMVh5WGg5
a1UwQmdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEARgnoua3krWKGQwKEXBCQGzlqIA2odsnIjOxY
mcSmWqipTpQ27K31n2EYGDPaM5qexMPcfETFbUoMhoi9g4n6dnx/NfCenON0DtFO
HkGY5gFBlM2rYeVTt0nMscGCO7qIwAYpSKwxoyeiPXpbzghk1rb26QynWuSPOKyl
QzZxrmi6t3sYPpCCFJoJ/V7Akt7ID2elMSPyw4ZR5zIQUuzRrldzWBWFemubeHFn
9M1sZk9BDRhj0XeOC5a1z7QLUwNncaz8BjIACPv6Q6rCgFa5EITwfDJX0bsuFPyp
GrM9Krl+gwkHH5jI1epgNsx1NLQP560lISKZIPhYaWGQCocIcg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:32 2023 by rpki-client on console-ams.rpki-client.org