Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/n3r1-qnE5GiBk6cUEvJ3CTKqYss.roa
File: n3r1-qnE5GiBk6cUEvJ3CTKqYss.roa (raw, json)
Hash identifier: FujlvFB+jQF0LzR7aUjRHv1BxAiQ706anaqlh/tGPcI=
Subject key identifier: 9F:7A:F5:FA:A9:C4:E4:68:81:93:A7:14:12:F2:77:09:32:AA:62:CB
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0A0B
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/n3r1-qnE5GiBk6cUEvJ3CTKqYss.roa
Signing time: Tue 29 Sep 2020 10:03:10 +0000
ROA not before: Tue 29 Sep 2020 10:03:10 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131641
IP address blocks: 2404:8cc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2571 (0xa0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 29 10:03:10 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9F7AF5FAA9C4E4688193A71412F2770932AA62CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:86:24:d4:da:c3:b9:a7:c5:45:a6:30:34:0e:
9b:7b:f6:83:33:42:15:9c:dc:96:b3:fd:f0:96:9e:
c3:29:41:11:ee:d6:7a:8b:a2:ff:6d:87:db:9e:9e:
c5:75:6d:34:b3:28:94:fa:bc:83:b1:61:8a:09:9d:
b9:01:fc:85:69:a6:fb:3e:a3:b0:eb:d9:5a:a2:c6:
be:7d:97:22:ed:e1:e5:c7:99:e2:d4:6d:72:63:cd:
9f:61:e4:ad:5d:49:eb:66:8c:2a:93:65:e9:30:91:
fc:0d:74:0e:54:53:c0:21:cd:cc:c3:2e:33:80:9a:
74:f9:6a:93:c6:02:57:5a:c8:07:2f:fc:67:a5:8c:
26:75:9c:65:72:6f:1a:ba:89:c4:d9:7c:72:09:e0:
72:d2:ee:47:72:b7:e8:58:7b:8a:da:f7:b2:a5:60:
b9:33:de:ad:86:f1:a4:75:ad:f6:0e:73:f4:4e:a8:
97:ad:ac:30:28:34:84:b6:34:e9:6f:53:08:47:0a:
49:96:23:a3:2d:3f:16:4d:54:87:97:c6:7d:c4:b1:
37:d5:e2:9f:3b:d2:42:00:6b:8d:27:00:68:0d:40:
42:f6:22:c3:74:06:90:dd:87:95:45:1b:e8:d9:2e:
30:69:2e:56:19:b9:a0:9f:23:96:73:00:b6:96:2c:
68:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7A:F5:FA:A9:C4:E4:68:81:93:A7:14:12:F2:77:09:32:AA:62:CB
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/n3r1-qnE5GiBk6cUEvJ3CTKqYss.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:68:6e:99:ea:7b:e3:06:b7:e6:6d:dc:3a:41:5b:f6:4a:ab:
73:37:02:db:0a:8e:2b:e6:27:94:c4:12:de:6d:29:ca:26:be:
f3:6a:99:0d:9d:47:ce:62:f6:d9:b8:31:ac:c1:cb:14:37:5e:
7b:15:cf:0f:38:21:e0:a8:85:f4:12:31:3d:2a:1b:bb:4f:a2:
4c:f6:68:57:53:76:f4:bd:03:60:9b:94:6b:19:1e:ba:d5:f5:
cd:32:95:0e:8e:6a:5a:65:fe:c1:b9:10:d9:14:c0:d1:f1:b6:
66:60:db:be:70:8f:87:02:dd:cb:bc:50:32:8d:e6:9b:a3:3a:
89:73:ed:e8:6d:76:97:4b:f6:e2:08:34:c0:c2:62:22:70:19:
a0:b8:23:17:6d:66:08:5e:1d:49:d2:16:91:ed:89:a4:36:af:
5d:0e:7b:64:df:11:57:74:34:6f:5a:26:2f:08:42:e3:00:3a:
84:a7:fe:27:f9:03:53:47:0d:82:7b:bc:0b:05:6d:f8:d9:2f:
25:6b:e3:4e:0e:2b:ba:07:8a:8a:31:4e:4e:e3:28:96:37:1c:
c1:c8:dd:e1:90:06:2a:3a:cd:ed:f4:ff:73:25:13:ef:46:89:
fa:51:ab:cb:d9:a0:b0:64:a2:c8:b3:fb:ca:f7:b1:0a:d3:a7:
bf:15:c6:b6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMDA5Mjkx
MDAzMTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlGN0FGNUZBQTlDNEU0
Njg4MTkzQTcxNDEyRjI3NzA5MzJBQTYyQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYhiTU2sO5p8VFpjA0Dpt79oMzQhWc3Jaz/fCWnsMpQRHu1nqL
ov9th9uensV1bTSzKJT6vIOxYYoJnbkB/IVppvs+o7Dr2Vqixr59lyLt4eXHmeLU
bXJjzZ9h5K1dSetmjCqTZekwkfwNdA5UU8AhzczDLjOAmnT5apPGAldayAcv/Gel
jCZ1nGVybxq6icTZfHIJ4HLS7kdyt+hYe4ra97KlYLkz3q2G8aR1rfYOc/ROqJet
rDAoNIS2NOlvUwhHCkmWI6MtPxZNVIeXxn3EsTfV4p870kIAa40nAGgNQEL2IsN0
BpDdh5VFG+jZLjBpLlYZuaCfI5ZzALaWLGhnAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUn3r1+qnE5GiBk6cUEvJ3CTKqYsswHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL24zcjEtcW5FNUdpQms2Y1VFdkozQ1RL
cVlzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G
CSqGSIb3DQEBCwUAA4IBAQA+aG6Z6nvjBrfmbdw6QVv2SqtzNwLbCo4r5ieUxBLe
bSnKJr7zapkNnUfOYvbZuDGswcsUN157Fc8POCHgqIX0EjE9Khu7T6JM9mhXU3b0
vQNgm5RrGR661fXNMpUOjmpaZf7BuRDZFMDR8bZmYNu+cI+HAt3LvFAyjeabozqJ
c+3obXaXS/biCDTAwmIicBmguCMXbWYIXh1J0haR7YmkNq9dDntk3xFXdDRvWiYv
CELjADqEp/4n+QNTRw2Ce7wLBW342S8la+NODiu6B4qKMU5O4yiWNxzByN3hkAYq
Os3t9P9zJRPvRon6UavL2aCwZKLIs/vK97EK06e/Fca2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org