Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CLARK/kCbvKGEsPqcIjqhZNGOTSoA8Wr0.roa
File: kCbvKGEsPqcIjqhZNGOTSoA8Wr0.roa (raw, json)
Hash identifier: dU+Ymm8qQWevBg+E+zXFTeQHu9Ti1TdMWsEweAo2w0c=
Subject key identifier: 90:26:EF:28:61:2C:3E:A7:08:8E:A8:59:34:63:93:4A:80:3C:5A:BD
Certificate issuer: /CN=74AF0402FEF56C34A192D1D2185E6FB546AA702C
Certificate serial: 05
Authority key identifier: 74:AF:04:02:FE:F5:6C:34:A1:92:D1:D2:18:5E:6F:B5:46:AA:70:2C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/kCbvKGEsPqcIjqhZNGOTSoA8Wr0.roa
Signing time: Tue 11 Apr 2023 07:19:53 +0000
ROA not before: Tue 11 Apr 2023 07:19:53 +0000
ROA not after: Wed 03 Apr 2024 15:30:09 +0000
asID: 20473
IP address blocks: 2400:f420::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74AF0402FEF56C34A192D1D2185E6FB546AA702C
Validity
Not Before: Apr 11 07:19:53 2023 GMT
Not After : Apr 3 15:30:09 2024 GMT
Subject: CN=9026EF28612C3EA7088EA8593463934A803C5ABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b2:ed:68:f4:d5:c7:11:49:ff:3b:8b:7a:f3:
e3:27:70:5f:91:22:68:40:41:4d:89:00:17:9d:15:
a2:54:93:68:2a:3d:b3:f0:73:33:33:2d:11:59:4a:
d8:53:c0:9c:16:18:f9:e3:e8:dd:9a:d8:a1:b8:8d:
db:5b:cd:0d:64:cf:86:a9:04:88:89:e0:19:80:25:
4a:66:d7:10:86:45:cc:ae:ca:86:64:c9:5b:d5:62:
9b:38:68:e4:d8:0a:16:e5:06:c0:b4:21:f5:ca:f0:
9b:ee:b6:4f:d8:1b:5f:5b:05:c2:c6:dd:d9:8a:14:
49:a6:84:5c:ab:0b:79:c7:65:11:bf:b9:25:d3:1a:
46:14:11:d7:78:2d:e4:58:a0:df:7f:1a:a8:e8:64:
d5:7e:2b:ca:91:bf:cf:42:b5:e4:8a:28:24:33:16:
5d:39:8e:57:8f:9e:71:5e:4b:a5:c9:f4:ed:8d:ec:
9d:13:d5:e1:64:6a:84:7d:da:4a:ec:ba:4f:7b:02:
27:ea:76:1e:d1:f4:8c:32:e3:b1:df:82:a6:dd:25:
ec:3d:d0:f2:6f:25:b0:17:fa:ff:6a:18:33:27:a9:
31:a1:2c:fb:ee:b8:9c:76:a4:c3:6f:e0:c2:ed:eb:
2b:4f:0e:65:38:f2:8d:b4:1e:a3:36:65:fb:64:a7:
09:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:26:EF:28:61:2C:3E:A7:08:8E:A8:59:34:63:93:4A:80:3C:5A:BD
X509v3 Authority Key Identifier:
keyid:74:AF:04:02:FE:F5:6C:34:A1:92:D1:D2:18:5E:6F:B5:46:AA:70:2C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/kCbvKGEsPqcIjqhZNGOTSoA8Wr0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:f420::/32
Signature Algorithm: sha256WithRSAEncryption
81:7b:b7:a1:28:30:6c:41:2b:19:1c:1b:87:b2:24:27:a8:e6:
18:d1:3e:55:5e:44:ec:ad:51:e1:40:7d:c4:07:13:fc:02:ec:
29:4d:30:92:c2:90:2a:a1:8d:33:20:ab:ee:21:e3:a8:b4:db:
74:2b:2a:0d:39:ff:1e:46:03:2b:3f:1e:d5:ef:e3:9e:96:2d:
58:58:60:df:81:09:23:c8:ec:03:f5:b3:33:db:5c:24:98:f2:
a8:5c:f3:a9:0f:03:f3:2e:44:ff:52:c8:f5:eb:4d:e6:4e:4c:
65:b4:39:ed:f1:c7:f4:81:35:37:88:1e:1a:4b:10:f9:40:9d:
6f:31:1d:fc:60:59:bc:06:65:13:8f:aa:95:6c:df:da:b1:23:
aa:0f:d9:98:94:bf:ce:f7:cd:e5:c4:0e:c4:84:0f:38:f9:6f:
db:c8:24:e3:0a:18:14:6e:72:e3:a8:82:33:c7:e4:8b:1e:b7:
57:dd:ea:c4:fa:6a:ad:ee:e9:c1:5a:a7:a5:f9:82:22:3a:22:
3a:d8:36:d4:f2:cf:2b:c8:84:9c:cf:f5:0c:0a:3f:db:95:5f:
67:78:51:07:e5:0a:32:74:dc:65:89:f1:49:00:b4:5e:4b:87:
42:47:e4:a0:35:d3:42:11:ad:8d:b3:71:6b:b2:09:02:30:5f:
eb:78:1b:36
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NEFG
MDQwMkZFRjU2QzM0QTE5MkQxRDIxODVFNkZCNTQ2QUE3MDJDMB4XDTIzMDQxMTA3
MTk1M1oXDTI0MDQwMzE1MzAwOVowMzExMC8GA1UEAxMoOTAyNkVGMjg2MTJDM0VB
NzA4OEVBODU5MzQ2MzkzNEE4MDNDNUFCRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANyy7Wj01ccRSf87i3rz4ydwX5EiaEBBTYkAF50VolSTaCo9s/Bz
MzMtEVlK2FPAnBYY+ePo3ZrYobiN21vNDWTPhqkEiIngGYAlSmbXEIZFzK7KhmTJ
W9Vimzho5NgKFuUGwLQh9crwm+62T9gbX1sFwsbd2YoUSaaEXKsLecdlEb+5JdMa
RhQR13gt5Fig338aqOhk1X4rypG/z0K15IooJDMWXTmOV4+ecV5Lpcn07Y3snRPV
4WRqhH3aSuy6T3sCJ+p2HtH0jDLjsd+Cpt0l7D3Q8m8lsBf6/2oYMyepMaEs++64
nHakw2/gwu3rK08OZTjyjbQeozZl+2SnCWcCAwEAAaOCAe0wggHpMB0GA1UdDgQW
BBSQJu8oYSw+pwiOqFk0Y5NKgDxavTAfBgNVHSMEGDAWgBR0rwQC/vVsNKGS0dIY
Xm+1RqpwLDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DTEFSSy9k
SzhFQXY3MWJEU2hrdEhTR0Y1dnRVYXFjQ3cuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2RLOEVBdjcxYkRTaGt0SFNHRjV2dFVhcWNDdy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0NMQVJLL2tDYnZLR0VzUHFjSWpxaFpOR09U
U29BOFdyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAPQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCBe7ehKDBsQSsZHBuHsiQnqOYY0T5VXkTsrVHh
QH3EBxP8AuwpTTCSwpAqoY0zIKvuIeOotNt0KyoNOf8eRgMrPx7V7+Oeli1YWGDf
gQkjyOwD9bMz21wkmPKoXPOpDwPzLkT/Usj1603mTkxltDnt8cf0gTU3iB4aSxD5
QJ1vMR38YFm8BmUTj6qVbN/asSOqD9mYlL/O983lxA7EhA84+W/byCTjChgUbnLj
qIIzx+SLHrdX3erE+mqt7unBWqel+YIiOiI62DbU8s8ryIScz/UMCj/blV9neFEH
5QoydNxlifFJALReS4dCR+SgNdNCEa2Ns3FrsgkCMF/reBs2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org