Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/y8HffmXUfjUdPs-jHJqoM-4kh3M.roa
File: y8HffmXUfjUdPs-jHJqoM-4kh3M.roa (raw, json)
Hash identifier: 1LM/QoO1rVbFhdtMIUFWe371+rE5taL97E6XnW1h5Co=
Subject key identifier: CB:C1:DF:7E:65:D4:7E:35:1D:3E:CF:A3:1C:9A:A8:33:EE:24:87:73
Certificate issuer: /CN=ABC8439FE19D99B038270208C94B66CA231FFED5
Certificate serial: F8
Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/y8HffmXUfjUdPs-jHJqoM-4kh3M.roa
Signing time: Wed 22 Feb 2023 06:53:55 +0000
ROA not before: Wed 22 Feb 2023 06:53:55 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38047
IP address blocks: 2400:61a0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 248 (0xf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5
Validity
Not Before: Feb 22 06:53:55 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CBC1DF7E65D47E351D3ECFA31C9AA833EE248773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:12:81:c9:14:62:71:2b:31:fc:bf:57:13:
c8:31:ee:da:14:a2:ac:b1:b6:fd:b9:45:1d:e2:86:
a4:cd:ea:12:eb:5e:ab:72:b4:18:e8:4b:86:10:b3:
d2:45:a4:58:a3:c4:2f:10:a3:2c:7c:65:25:6d:83:
ec:76:92:44:f8:af:77:b5:39:6d:26:48:f2:88:dc:
2f:0f:6a:74:cc:46:31:a7:42:73:e1:67:bd:4e:d9:
8a:52:f2:aa:8d:06:52:02:aa:41:0f:02:d9:d3:f4:
f8:25:96:31:ee:cb:ad:7f:d5:db:07:42:7a:c0:86:
65:42:a6:f3:e4:d3:fe:31:58:a9:9b:35:2f:d2:b8:
43:71:50:4b:52:85:4e:2e:ed:05:4d:19:d0:a7:4d:
5b:df:4c:cd:87:66:8d:80:09:2d:9b:55:f3:49:9a:
93:87:e5:2d:08:1e:46:ca:ad:43:a7:66:bb:a7:b4:
df:5f:69:26:6c:06:a7:8b:42:94:34:57:46:19:99:
8d:aa:a5:7a:eb:48:38:2f:5e:2b:79:ce:4a:8e:d8:
21:ca:14:40:5d:e4:cd:a5:4e:f7:08:7e:9f:df:29:
69:13:6a:80:3a:cd:4a:56:de:69:17:17:07:fd:08:
34:ad:24:19:fc:bb:04:a1:6f:4c:2d:87:e4:33:88:
90:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C1:DF:7E:65:D4:7E:35:1D:3E:CF:A3:1C:9A:A8:33:EE:24:87:73
X509v3 Authority Key Identifier:
keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/y8HffmXUfjUdPs-jHJqoM-4kh3M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:61a0::/32
Signature Algorithm: sha256WithRSAEncryption
17:c0:df:21:53:e5:cd:84:1d:eb:69:0a:cd:44:14:f1:12:41:
73:c8:da:f6:0a:3f:de:68:c7:96:32:86:f0:fa:42:ce:54:50:
b7:35:8e:8c:b9:a9:eb:98:a1:2c:a7:61:96:71:70:09:3e:4b:
b9:45:2e:2f:dd:69:69:b8:b4:2f:cd:b1:34:9c:76:50:92:14:
09:cc:ae:06:4c:f4:bc:61:fd:34:78:19:27:d0:fb:a5:e1:be:
f8:17:2c:11:8a:d0:63:b5:44:34:99:39:02:4f:fe:62:69:e0:
d1:06:68:39:2c:b5:27:49:3e:98:40:e7:35:a4:4e:4e:e3:f2:
22:4e:00:4d:67:61:04:7d:f7:c9:58:b2:a8:8b:03:d2:2a:2e:
93:bc:05:85:41:b4:3d:61:1c:6e:32:1c:66:42:67:bf:e4:e2:
36:eb:5c:f3:98:4d:73:80:1a:77:b1:15:5c:ea:00:07:57:ed:
18:4d:42:f9:1e:9a:ff:fb:0d:a4:4a:59:ad:74:3d:2c:a2:4e:
ac:27:8b:5f:98:3a:dc:0e:07:f6:ca:3d:19:d7:f2:89:4b:be:
ba:06:c2:9f:a1:90:4c:0f:a2:41:28:dd:a3:04:ac:36:d9:ab:
9a:d2:fc:d2:84:b9:f9:07:1d:58:cf:13:6c:64:07:6c:45:9f:
24:33:86:53
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD
ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yMzAyMjIw
NjUzNTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENCQzFERjdFNjVENDdF
MzUxRDNFQ0ZBMzFDOUFBODMzRUUyNDg3NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKBhKByRRicSsx/L9XE8gx7toUoqyxtv25RR3ihqTN6hLrXqty
tBjoS4YQs9JFpFijxC8Qoyx8ZSVtg+x2kkT4r3e1OW0mSPKI3C8PanTMRjGnQnPh
Z71O2YpS8qqNBlICqkEPAtnT9PglljHuy61/1dsHQnrAhmVCpvPk0/4xWKmbNS/S
uENxUEtShU4u7QVNGdCnTVvfTM2HZo2ACS2bVfNJmpOH5S0IHkbKrUOnZruntN9f
aSZsBqeLQpQ0V0YZmY2qpXrrSDgvXit5zkqO2CHKFEBd5M2lTvcIfp/fKWkTaoA6
zUpW3mkXFwf9CDStJBn8uwShb0wth+QziJBjAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUy8HffmXUfjUdPs+jHJqoM+4kh3MwHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII
yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU
RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC95OEhmZm1YVWZqVWRQ
cy1qSEpxb00tNGtoM00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJABhoDANBgkqhkiG9w0BAQsFAAOCAQEAF8DfIVPlzYQd62kKzUQU8RJBc8ja
9go/3mjHljKG8PpCzlRQtzWOjLmp65ihLKdhlnFwCT5LuUUuL91pabi0L82xNJx2
UJIUCcyuBkz0vGH9NHgZJ9D7peG++BcsEYrQY7VENJk5Ak/+Ymng0QZoOSy1J0k+
mEDnNaROTuPyIk4ATWdhBH33yViyqIsD0iouk7wFhUG0PWEcbjIcZkJnv+TiNutc
85hNc4Aad7EVXOoAB1ftGE1C+R6a//sNpEpZrXQ9LKJOrCeLX5g63A4H9so9Gdfy
iUu+ugbCn6GQTA+iQSjdowSsNtmrmtL80oS5+QcdWM8TbGQHbEWfJDOGUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org