Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/emYzJC8LxYyCSZa9lIFy6okUOTA.roa
File: emYzJC8LxYyCSZa9lIFy6okUOTA.roa (raw, json)
Hash identifier: oTDP+8j/wkt1xkoCeXNnhBHVrMdiMA6i07Fv8lAIvaw=
Subject key identifier: 7A:66:33:24:2F:0B:C5:8C:82:49:96:BD:94:81:72:EA:89:14:39:30
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0C15
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/emYzJC8LxYyCSZa9lIFy6okUOTA.roa
Signing time: Wed 29 Sep 2021 02:36:29 +0000
ROA not before: Wed 29 Sep 2021 02:36:29 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18424
IP address blocks: 2404:8cc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3093 (0xc15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 29 02:36:29 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=7A6633242F0BC58C824996BD948172EA89143930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:d8:e4:5e:47:fc:18:1e:ec:91:a5:99:56:
f3:23:e5:55:83:9f:1b:36:a3:e1:29:c1:09:b1:7a:
7c:98:74:a7:99:69:6c:da:01:33:af:30:74:ae:a0:
37:b6:27:ff:3b:8f:2a:75:0c:ff:eb:32:5c:b6:37:
fb:af:b9:a5:9a:20:8f:4a:3f:71:1f:6c:5d:17:0c:
82:71:37:71:12:ab:37:92:2f:57:a7:e8:0f:75:93:
5f:e7:f5:7d:94:a0:a1:3d:44:69:07:b7:50:d3:93:
d9:c8:84:b3:f0:75:f8:fb:b5:fa:40:e2:0f:ce:ec:
c0:75:93:34:f5:56:d5:1f:ff:6b:fa:bf:d5:e3:54:
d2:27:de:ac:5a:aa:1a:e4:b0:6d:40:63:a4:02:6c:
66:60:b0:e1:62:4e:93:ef:4a:c0:e7:82:57:2e:8f:
6f:2a:cd:62:cf:1f:cf:ee:6a:eb:0c:fa:5a:8f:29:
45:30:3f:78:70:24:8f:52:00:3a:e0:d7:db:33:90:
cc:4b:08:36:a7:1f:d0:6a:21:12:7e:c1:62:b9:6e:
55:ce:3c:dd:6a:5c:91:55:21:a3:21:07:95:83:06:
77:40:c2:19:aa:8a:e7:cc:86:a1:e4:10:f3:2f:44:
a7:c9:89:39:66:43:94:f5:8a:7b:a3:59:65:e2:31:
44:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:66:33:24:2F:0B:C5:8C:82:49:96:BD:94:81:72:EA:89:14:39:30
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/emYzJC8LxYyCSZa9lIFy6okUOTA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
b3:6f:21:e0:61:02:ed:21:aa:2a:36:18:bf:31:93:b1:43:cb:
3a:b9:98:d7:ea:fb:8d:94:eb:ca:c6:0d:40:c4:d2:df:d9:1b:
69:c8:56:cd:12:f4:30:b0:14:52:97:9d:fd:cf:c4:6a:d7:b1:
42:8f:f4:12:f7:7a:a4:f9:f3:68:6e:33:a9:9e:06:14:42:e1:
1f:90:0d:50:fe:b0:b4:ef:3c:7b:9a:ab:7a:17:57:33:e0:64:
9d:27:25:5b:ca:8a:57:59:de:06:9b:ff:61:94:48:2f:5e:48:
9d:a8:83:60:95:ef:32:b2:61:10:4e:0e:45:ce:46:a1:b5:23:
e3:21:49:4e:38:2f:9f:ac:bb:6b:58:66:0f:22:b3:ee:b0:2c:
7a:87:c6:80:1a:bd:d7:a6:49:ae:b4:5e:0f:71:e5:ab:73:91:
3d:cf:2c:5b:28:f3:60:4e:f6:a3:bc:08:5b:09:65:45:cd:ec:
24:7c:23:73:56:d5:b4:32:95:27:41:88:b4:50:a8:59:e0:68:
64:40:81:5d:e1:50:27:5e:a3:a3:ba:01:22:67:4d:cb:97:a8:
2f:5a:12:30:37:71:2d:74:b1:6a:c6:aa:13:84:6e:d2:2c:1d:
f5:3d:67:97:8e:8e:be:c1:58:4d:1e:d9:4a:c3:a5:e3:5b:2e:
b5:4c:1e:2b
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMTA5Mjkw
MjM2MjlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDdBNjYzMzI0MkYwQkM1
OEM4MjQ5OTZCRDk0ODE3MkVBODkxNDM5MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNnNjkXkf8GB7skaWZVvMj5VWDnxs2o+EpwQmxenyYdKeZaWza
ATOvMHSuoDe2J/87jyp1DP/rMly2N/uvuaWaII9KP3EfbF0XDIJxN3ESqzeSL1en
6A91k1/n9X2UoKE9RGkHt1DTk9nIhLPwdfj7tfpA4g/O7MB1kzT1VtUf/2v6v9Xj
VNIn3qxaqhrksG1AY6QCbGZgsOFiTpPvSsDnglcuj28qzWLPH8/uausM+lqPKUUw
P3hwJI9SADrg19szkMxLCDanH9BqIRJ+wWK5blXOPN1qXJFVIaMhB5WDBndAwhmq
iufMhqHkEPMvRKfJiTlmQ5T1inujWWXiMUTnAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUemYzJC8LxYyCSZa9lIFy6okUOTAwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL2VtWXpKQzhMeFl5Q1NaYTlsSUZ5Nm9r
VU9UQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G
CSqGSIb3DQEBCwUAA4IBAQCzbyHgYQLtIaoqNhi/MZOxQ8s6uZjX6vuNlOvKxg1A
xNLf2RtpyFbNEvQwsBRSl539z8Rq17FCj/QS93qk+fNobjOpngYUQuEfkA1Q/rC0
7zx7mqt6F1cz4GSdJyVbyopXWd4Gm/9hlEgvXkidqINgle8ysmEQTg5FzkahtSPj
IUlOOC+frLtrWGYPIrPusCx6h8aAGr3XpkmutF4PceWrc5E9zyxbKPNgTvajvAhb
CWVFzewkfCNzVtW0MpUnQYi0UKhZ4GhkQIFd4VAnXqOjugEiZ03Ll6gvWhIwN3Et
dLFqxqoThG7SLB31PWeXjo6+wVhNHtlKw6XjWy61TB4r
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org