Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/1rzdYQ7gufQ1F2gEkZnNgjhS6b8.roa
File: 1rzdYQ7gufQ1F2gEkZnNgjhS6b8.roa (raw, json)
Hash identifier: 3t3/rKs8LV9CnceaT6nM3BGmfvRC+6oYiscoaSbtYTU=
Subject key identifier: D6:BC:DD:61:0E:E0:B9:F4:35:17:68:04:91:99:CD:82:38:52:E9:BF
Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial: 0A52
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/1rzdYQ7gufQ1F2gEkZnNgjhS6b8.roa
Signing time: Thu 15 Sep 2022 02:38:37 +0000
ROA not before: Thu 15 Sep 2022 02:38:37 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 134823
IP address blocks: 2403:a2c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2642 (0xa52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Validity
Not Before: Sep 15 02:38:37 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D6BCDD610EE0B9F4351768049199CD823852E9BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:69:1f:d2:52:05:34:2e:92:69:14:4b:3e:a4:
36:8a:48:3c:d0:ff:bc:d8:a3:fe:47:40:96:b2:47:
39:21:13:07:c9:dd:7c:80:4e:34:21:98:79:b2:82:
62:ae:3a:f4:8f:20:2e:20:b7:e3:38:40:92:1a:03:
30:41:99:b6:7f:72:cc:c3:25:4c:25:d9:7a:f8:e2:
03:6d:20:43:99:7a:49:1f:f3:96:33:8f:c6:f0:a8:
b2:67:ac:d1:1f:b3:26:0f:89:51:8d:86:8d:d7:99:
e1:4d:2b:d8:31:f3:d2:8b:ec:ce:43:f1:d1:32:80:
3a:94:7a:78:cf:db:00:7e:3a:8b:22:bb:d5:02:44:
a5:c3:77:1a:3a:18:0a:c3:c5:8c:b3:6c:bd:7b:b9:
83:45:cd:09:20:7a:4c:09:fd:ff:77:3c:e9:1d:1e:
59:da:0f:72:06:9a:2e:94:b2:be:45:65:22:a1:a9:
b2:7d:05:04:d7:12:34:2b:80:f3:6f:3c:27:33:4e:
99:cd:72:8c:2f:83:58:06:d1:ba:72:40:22:07:a3:
e8:c1:70:6b:d6:25:bc:ef:52:88:6e:e4:4c:69:46:
e1:0a:53:5c:8c:2b:96:3e:5f:29:c0:d5:14:04:a6:
7b:d1:c4:61:ac:49:2a:f0:3d:6c:2b:fb:9c:0a:ac:
b0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BC:DD:61:0E:E0:B9:F4:35:17:68:04:91:99:CD:82:38:52:E9:BF
X509v3 Authority Key Identifier:
keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/1rzdYQ7gufQ1F2gEkZnNgjhS6b8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:a2c0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:88:d5:13:fd:2e:19:2d:bb:6b:55:09:8b:37:b1:02:01:64:
f1:e6:a9:34:51:a7:cd:ef:89:07:62:db:36:5c:e9:7f:31:3e:
ca:9f:19:08:09:f8:e0:93:54:57:ff:d0:b7:ed:fc:51:a1:03:
1f:bd:5d:ee:88:76:a2:d2:36:4e:b3:18:09:1a:db:5b:28:2d:
0c:72:1f:f2:8c:ce:00:12:0d:a5:f4:66:1a:d4:25:f9:27:6d:
50:bf:07:7b:82:ff:1b:28:30:7a:2d:71:af:f3:c5:85:f4:63:
fc:8f:61:0c:f1:b3:14:ef:3b:f2:8a:79:51:5d:01:ed:59:4a:
87:dd:e9:e8:bb:6b:50:f4:0b:d2:d5:37:4f:6f:2f:b1:7b:44:
b9:c7:61:4c:be:bc:e4:46:ed:66:92:4c:70:a4:79:e9:4c:f9:
a2:87:be:71:57:a8:70:4e:a3:2e:67:ca:2c:ed:01:0a:0f:f8:
55:06:32:25:d0:6e:43:69:64:86:68:af:9f:5d:08:2a:2c:c4:
07:37:6c:24:62:f1:b0:d8:b5:75:14:1f:5f:bc:cb:44:d0:1d:
4f:fa:85:e1:2b:b5:ae:2a:3f:0b:d2:2e:0f:02:31:00:a4:48:
f7:da:a8:62:47:1b:55:02:71:52:ef:5f:b0:af:b5:1a:f6:63:
f9:3d:57:47
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICClIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMjA5MTUw
MjM4MzdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ2QkNERDYxMEVFMEI5
RjQzNTE3NjgwNDkxOTlDRDgyMzg1MkU5QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8aR/SUgU0LpJpFEs+pDaKSDzQ/7zYo/5HQJayRzkhEwfJ3XyA
TjQhmHmygmKuOvSPIC4gt+M4QJIaAzBBmbZ/cszDJUwl2Xr44gNtIEOZekkf85Yz
j8bwqLJnrNEfsyYPiVGNho3XmeFNK9gx89KL7M5D8dEygDqUenjP2wB+Oosiu9UC
RKXDdxo6GArDxYyzbL17uYNFzQkgekwJ/f93POkdHlnaD3IGmi6Usr5FZSKhqbJ9
BQTXEjQrgPNvPCczTpnNcowvg1gG0bpyQCIHo+jBcGvWJbzvUohu5ExpRuEKU1yM
K5Y+XynA1RQEpnvRxGGsSSrwPWwr+5wKrLDHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1rzdYQ7gufQ1F2gEkZnNgjhS6b8wHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vMXJ6ZFlRN2d1ZlExRjJn
RWtabk5namhTNmI4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQDosAwDQYJKoZIhvcNAQELBQADggEBABqI1RP9Lhktu2tVCYs3sQIBZPHmqTRR
p83viQdi2zZc6X8xPsqfGQgJ+OCTVFf/0Lft/FGhAx+9Xe6IdqLSNk6zGAka21so
LQxyH/KMzgASDaX0ZhrUJfknbVC/B3uC/xsoMHotca/zxYX0Y/yPYQzxsxTvO/KK
eVFdAe1ZSofd6ei7a1D0C9LVN09vL7F7RLnHYUy+vORG7WaSTHCkeelM+aKHvnFX
qHBOoy5nyiztAQoP+FUGMiXQbkNpZIZor59dCCosxAc3bCRi8bDYtXUUH1+8y0TQ
HU/6heErta4qPwvSLg8CMQCkSPfaqGJHG1UCcVLvX7CvtRr2Y/k9V0c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org