Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/ZrCqPOtIiHrZDEH181Do7h2xrLg.roa
File: ZrCqPOtIiHrZDEH181Do7h2xrLg.roa (raw, json)
Hash identifier: CSP0ivzp+v+zP4mpkrqHgmQAkbMn02yQynAvU1joaLY=
Subject key identifier: 66:B0:AA:3C:EB:48:88:7A:D9:0C:41:F5:F3:50:E8:EE:1D:B1:AC:B8
Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial: 04A0
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/ZrCqPOtIiHrZDEH181Do7h2xrLg.roa
Signing time: Sun 13 Sep 2020 18:10:48 +0000
ROA not before: Sun 13 Sep 2020 18:10:48 +0000
ROA not after: Tue 02 Feb 2021 02:23:59 +0000
asID: 141173
IP address blocks: 2405:a640:1173::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1184 (0x4a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Validity
Not Before: Sep 13 18:10:48 2020 GMT
Not After : Feb 2 02:23:59 2021 GMT
Subject: CN=66B0AA3CEB48887AD90C41F5F350E8EE1DB1ACB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:81:37:77:7d:22:58:1c:8e:e8:ad:f9:fb:14:
69:d5:b0:b4:d1:e8:eb:40:e2:ad:84:d1:3b:a4:06:
4e:bd:25:78:a8:1a:65:43:25:21:2a:30:56:b7:09:
4a:13:28:2e:b3:b3:64:52:25:a1:85:2a:61:bf:69:
7d:df:21:17:49:8f:9d:16:93:ad:73:e5:69:1f:91:
14:fd:ea:c4:a3:b6:9e:e3:7b:c7:b6:63:6f:60:50:
66:cc:7c:fc:f5:c5:3d:44:38:44:eb:37:4c:79:37:
98:e5:26:6f:38:1e:4a:5d:a7:a4:e5:ff:e6:10:f2:
0f:64:25:e7:47:8e:ff:45:4a:c9:c6:44:bb:66:2a:
70:53:18:ed:86:dd:a8:c0:6d:d3:f1:4d:32:5b:44:
57:34:25:96:88:c0:f5:22:41:4e:6f:88:77:cd:18:
1f:be:ce:38:23:ae:b7:95:35:c6:8a:16:3e:35:39:
88:fd:c4:41:cd:ad:64:8d:92:68:02:7d:e1:a7:a8:
2c:3e:51:60:ad:24:82:56:de:15:24:8c:57:87:33:
53:51:90:4f:cf:ea:17:db:f7:c5:2b:fd:cb:fa:d1:
2b:f5:cd:b2:8a:de:b0:d0:cd:92:18:91:1d:5a:71:
a7:cf:a7:0a:33:9a:ce:d1:66:02:58:aa:ba:d6:61:
65:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B0:AA:3C:EB:48:88:7A:D9:0C:41:F5:F3:50:E8:EE:1D:B1:AC:B8
X509v3 Authority Key Identifier:
keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/ZrCqPOtIiHrZDEH181Do7h2xrLg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:a640:1173::/48
Signature Algorithm: sha256WithRSAEncryption
00:8d:ad:ac:a6:71:9c:d1:bf:46:42:da:9b:36:10:99:9f:87:
45:df:46:be:86:7f:9c:b0:8a:36:a1:b7:0f:41:60:72:e4:39:
e8:52:07:06:63:4e:b7:81:07:62:e6:df:25:88:6d:c1:b9:25:
a9:a7:21:e2:94:8d:4a:12:d7:8b:96:e0:ae:a3:cc:14:00:8d:
cb:54:68:50:29:e1:7a:93:88:c0:f6:a0:6a:77:49:79:cc:8f:
46:c4:95:b8:6a:f8:ac:7d:b4:32:93:4d:b5:78:c0:8b:a6:21:
aa:04:31:b1:45:73:1d:0e:d6:72:fd:79:06:25:39:57:30:ca:
da:2b:f5:fc:e7:bf:10:1f:d0:45:d5:c1:fd:0f:64:fe:59:06:
10:e1:66:0f:d6:83:ce:f7:f6:fb:61:f9:a6:82:76:cd:09:f7:
26:78:03:96:09:3a:cf:3b:90:35:2f:6b:21:03:1f:dd:7a:c5:
50:ab:6d:39:ea:de:a9:d4:e3:33:cb:f7:7f:4a:65:99:0b:8e:
d1:60:56:5f:ba:53:87:62:9e:90:34:9e:d9:21:f5:48:50:04:
ac:52:a3:60:02:88:be:2b:4d:e7:5b:2c:b9:38:40:a6:02:80:
87:9d:db:5f:81:8f:55:b9:13:95:97:f5:30:61:61:b8:71:ac:
0b:31:22:b1
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMDA5MTMx
ODEwNDhaFw0yMTAyMDIwMjIzNTlaMDMxMTAvBgNVBAMTKDY2QjBBQTNDRUI0ODg4
N0FEOTBDNDFGNUYzNTBFOEVFMURCMUFDQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDggTd3fSJYHI7orfn7FGnVsLTR6OtA4q2E0TukBk69JXioGmVD
JSEqMFa3CUoTKC6zs2RSJaGFKmG/aX3fIRdJj50Wk61z5WkfkRT96sSjtp7je8e2
Y29gUGbMfPz1xT1EOETrN0x5N5jlJm84Hkpdp6Tl/+YQ8g9kJedHjv9FSsnGRLtm
KnBTGO2G3ajAbdPxTTJbRFc0JZaIwPUiQU5viHfNGB++zjgjrreVNcaKFj41OYj9
xEHNrWSNkmgCfeGnqCw+UWCtJIJW3hUkjFeHM1NRkE/P6hfb98Ur/cv60Sv1zbKK
3rDQzZIYkR1acafPpwozms7RZgJYqrrWYWUtAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUZrCqPOtIiHrZDEH181Do7h2xrLgwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvWnJDcVBPdElpSHJaREVIMTgxRG83
aDJ4ckxnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAAI2trKZxnNG/RkLamzYQmZ+HRd9GvoZ/nLCK
NqG3D0FgcuQ56FIHBmNOt4EHYubfJYhtwbklqach4pSNShLXi5bgrqPMFACNy1Ro
UCnhepOIwPagandJecyPRsSVuGr4rH20MpNNtXjAi6YhqgQxsUVzHQ7Wcv15BiU5
VzDK2iv1/Oe/EB/QRdXB/Q9k/lkGEOFmD9aDzvf2+2H5poJ2zQn3JngDlgk6zzuQ
NS9rIQMf3XrFUKttOereqdTjM8v3f0plmQuO0WBWX7pTh2KekDSe2SH1SFAErFKj
YAKIvitN51ssuThApgKAh53bX4GPVbkTlZf1MGFhuHGsCzEisQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:43 2023 by rpki-client on console-fra.rpki-client.org