Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/9Bt0ypwxdIx4JetHAPYPJSsTMuo.roa
File: 9Bt0ypwxdIx4JetHAPYPJSsTMuo.roa (raw, json)
Hash identifier: rw2+SXGnL6fne6NdNWoRL2JYLHESJrkHPes0vBrYkRU=
Subject key identifier: F4:1B:74:CA:9C:31:74:8C:78:25:EB:47:00:F6:0F:25:2B:13:32:EA
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0E00
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/9Bt0ypwxdIx4JetHAPYPJSsTMuo.roa
Signing time: Fri 01 Sep 2023 08:36:22 +0000
ROA not before: Fri 01 Sep 2023 08:36:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131641
IP address blocks: 2404:8cc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3584 (0xe00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 1 08:36:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F41B74CA9C31748C7825EB4700F60F252B1332EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1b:38:9b:01:7f:2e:f3:1a:31:3e:0c:b5:e1:
37:3e:2b:4c:31:ed:05:37:0f:d1:85:22:ff:12:15:
eb:7d:67:7a:18:81:31:9c:ff:c1:d0:c3:0b:31:8d:
9d:7c:a3:29:95:31:3e:85:d7:75:b0:18:28:d2:23:
a4:d2:9a:3c:3f:6d:dc:7c:69:bc:93:e1:4a:cb:65:
52:35:a6:2e:ef:0e:db:e0:02:1e:9c:8e:98:a8:5f:
a4:e5:81:a3:9b:87:76:90:c9:0b:b4:c0:b9:12:f6:
9f:cc:fb:ff:28:a2:cd:e5:4f:9c:bd:95:48:0f:f0:
24:76:4e:62:6e:01:5a:1b:8f:53:ec:3b:2c:00:89:
d6:32:f9:2c:c6:ca:38:ba:2b:35:21:e9:bc:10:77:
1e:f2:f8:ad:b9:6d:ed:7b:9c:81:cb:70:22:cd:93:
82:c2:bd:29:8d:29:87:ee:5d:f5:e5:75:fb:f7:d1:
55:b5:c4:70:54:c3:27:17:6c:e5:53:33:54:07:8a:
70:51:79:38:50:9c:7a:40:e6:bf:db:bb:82:a0:cf:
f7:4b:6c:1a:65:49:95:62:13:0b:04:6f:1b:21:c1:
41:e2:99:0f:da:d0:94:75:0b:e5:25:80:d7:81:2d:
66:5a:69:46:65:64:66:78:fb:77:16:d4:d8:fa:48:
36:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:1B:74:CA:9C:31:74:8C:78:25:EB:47:00:F6:0F:25:2B:13:32:EA
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/9Bt0ypwxdIx4JetHAPYPJSsTMuo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
22:b4:b8:9a:9b:ae:2a:0f:17:85:3d:ee:0b:00:80:a1:18:89:
07:b3:02:23:34:c9:40:df:d4:d4:72:11:c6:ed:7c:1c:42:80:
5f:fa:37:a7:08:95:b3:b2:b2:a3:6b:bc:56:61:17:f8:0c:c9:
16:1a:c9:6d:13:eb:2b:ec:16:30:35:28:13:3d:68:6e:a5:18:
6e:42:ec:c4:33:53:17:ba:22:93:c6:7f:e3:87:ba:4d:66:4f:
69:f6:a0:1b:c2:15:c6:c7:53:36:c7:c7:1d:a8:6c:8e:1a:32:
ee:40:8a:86:f1:e0:ad:fc:73:6e:86:ab:2d:bf:38:d8:3d:ad:
98:15:08:71:cc:d9:20:96:c5:98:2f:5e:68:2a:6a:69:6c:f6:
07:6d:b5:a7:9a:e9:37:56:52:83:c7:8f:bc:ed:9a:41:35:5b:
2d:83:2f:b1:4d:3d:b6:3d:3e:09:aa:e4:a8:14:eb:d6:0f:2e:
67:ec:9d:a5:85:d7:cc:ab:df:a1:7b:e1:b7:5a:3a:67:66:81:
0d:4e:c3:29:08:9e:27:92:d6:5c:bf:e7:0a:2b:97:91:92:27:
ff:3c:54:8c:6a:84:8c:af:c0:41:18:b4:7f:3d:07:fc:de:52:
1d:75:8b:15:55:b8:14:9e:82:d1:95:2c:44:89:2c:2c:54:79:
78:db:32:c6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDgAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMzA5MDEw
ODM2MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEY0MUI3NENBOUMzMTc0
OEM3ODI1RUI0NzAwRjYwRjI1MkIxMzMyRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAGzibAX8u8xoxPgy14Tc+K0wx7QU3D9GFIv8SFet9Z3oYgTGc
/8HQwwsxjZ18oymVMT6F13WwGCjSI6TSmjw/bdx8abyT4UrLZVI1pi7vDtvgAh6c
jpioX6TlgaObh3aQyQu0wLkS9p/M+/8oos3lT5y9lUgP8CR2TmJuAVobj1PsOywA
idYy+SzGyji6KzUh6bwQdx7y+K25be17nIHLcCLNk4LCvSmNKYfuXfXldfv30VW1
xHBUwycXbOVTM1QHinBReThQnHpA5r/bu4Kgz/dLbBplSZViEwsEbxshwUHimQ/a
0JR1C+UlgNeBLWZaaUZlZGZ4+3cW1Nj6SDZRAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU9Bt0ypwxdIx4JetHAPYPJSsTMuowHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzlCdDB5cHd4ZEl4NEpldEhBUFlQSlNz
VE11by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAitLiam64qDxeFPe4LAIChGIkHswIjNMlA39TUchHG
7XwcQoBf+jenCJWzsrKja7xWYRf4DMkWGsltE+sr7BYwNSgTPWhupRhuQuzEM1MX
uiKTxn/jh7pNZk9p9qAbwhXGx1M2x8cdqGyOGjLuQIqG8eCt/HNuhqstvzjYPa2Y
FQhxzNkglsWYL15oKmppbPYHbbWnmuk3VlKDx4+87ZpBNVstgy+xTT22PT4JquSo
FOvWDy5n7J2lhdfMq9+he+G3WjpnZoENTsMpCJ4nktZcv+cKK5eRkif/PFSMaoSM
r8BBGLR/PQf83lIddYsVVbgUnoLRlSxEiSwsVHl42zLG
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:50:47 2025 by rpki-client