Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/v2c41IZlqQbKnoaKPGewwwRaPb0.roa
File: v2c41IZlqQbKnoaKPGewwwRaPb0.roa (raw, json)
Hash identifier: dvZ4xGB5zI0Qy9/1zSkcgqg2MHAn5CfSh47QrdcoU78=
Subject key identifier: BF:67:38:D4:86:65:A9:06:CA:9E:86:8A:3C:67:B0:C3:04:5A:3D:BD
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0788
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/v2c41IZlqQbKnoaKPGewwwRaPb0.roa
Signing time: Tue 29 Sep 2020 09:51:35 +0000
ROA not before: Tue 29 Sep 2020 09:51:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9674
IP address blocks: 61.20.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1928 (0x788)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 29 09:51:35 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BF6738D48665A906CA9E868A3C67B0C3045A3DBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:7a:cb:bd:03:66:20:b5:37:b1:d4:a0:de:
f6:16:89:4f:8c:74:98:bd:b2:8f:00:40:4d:47:c7:
e9:73:da:d2:a3:61:4f:ac:50:1c:09:1d:45:0b:80:
86:35:ee:dc:c1:e1:f1:f7:e5:68:cc:42:5e:8e:d6:
36:48:56:1b:5b:fe:62:57:c8:b2:0a:9f:26:42:f4:
dd:1f:89:c3:c0:a2:ff:26:cc:47:4a:6c:f8:ef:f7:
a1:b9:b1:94:68:87:e7:09:e8:62:1e:34:1f:8f:fa:
bd:15:c6:c7:10:a0:af:e7:de:a8:df:b2:a6:b8:8e:
1e:ea:72:95:3b:05:ba:55:27:35:77:b4:87:68:5f:
71:0c:12:20:c8:a9:47:be:d4:14:b3:17:da:3c:0a:
81:5c:8f:29:cf:e7:c5:8c:fe:37:5e:22:fd:ca:64:
ff:eb:a6:a7:53:f3:bd:3d:e2:a3:de:46:72:57:04:
99:18:1d:b7:e5:f2:4c:16:77:4e:71:27:6d:9b:50:
64:02:27:35:19:47:9e:99:e8:41:c9:10:23:d5:70:
d7:31:45:b7:00:db:9b:65:cd:8a:cb:62:5b:a5:57:
50:c3:2c:7b:30:f3:18:e5:22:bd:d4:e9:14:2b:6f:
97:46:52:57:e5:be:04:da:a9:91:b2:b2:b9:f0:03:
4a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:67:38:D4:86:65:A9:06:CA:9E:86:8A:3C:67:B0:C3:04:5A:3D:BD
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/v2c41IZlqQbKnoaKPGewwwRaPb0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:c0:29:c0:ac:55:d1:da:fb:7c:9f:da:98:07:a0:f2:52:65:
58:33:9e:be:b2:28:c3:47:db:2f:ee:33:ad:8b:b0:92:c0:ac:
43:b3:c1:23:4b:44:5e:60:ed:0f:e7:e5:f9:83:f3:34:80:6c:
a6:19:7a:e7:7a:1c:25:a8:67:9a:00:69:b7:e0:52:98:23:2f:
b0:47:dd:5f:5e:c1:77:ec:a2:f0:91:23:a7:5e:61:16:3b:f3:
1e:6c:e1:92:0e:c1:2f:31:f5:4b:9c:0e:84:9a:37:f0:67:eb:
cb:ea:2d:50:6d:5c:14:6b:79:a9:7f:f7:5e:4f:79:ac:aa:e3:
a6:dc:5d:8d:62:b7:89:28:0d:9a:1e:f6:56:28:93:c0:85:da:
ef:d6:58:3f:30:ba:86:af:68:7a:5f:76:0b:e5:b5:b2:e2:77:
8a:71:13:cc:a4:0b:f7:41:af:8a:4c:be:c9:87:84:9e:0f:10:
98:a5:6f:a1:54:73:dd:5e:67:78:40:20:3c:29:39:19:ea:a2:
b5:d4:c6:df:68:e7:61:29:d6:e2:d4:a3:dd:5e:12:16:03:f7:
69:61:06:2d:20:34:74:41:56:8f:00:0f:ed:52:43:c0:f8:d9:
a9:c3:75:f7:eb:b3:44:5c:04:25:c0:63:39:1d:af:06:d1:22:
16:0f:f7:d8
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICB4gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMDA5Mjkw
OTUxMzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJGNjczOEQ0ODY2NUE5
MDZDQTlFODY4QTNDNjdCMEMzMDQ1QTNEQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt3HrLvQNmILU3sdSg3vYWiU+MdJi9so8AQE1Hx+lz2tKjYU+s
UBwJHUULgIY17tzB4fH35WjMQl6O1jZIVhtb/mJXyLIKnyZC9N0ficPAov8mzEdK
bPjv96G5sZRoh+cJ6GIeNB+P+r0VxscQoK/n3qjfsqa4jh7qcpU7BbpVJzV3tIdo
X3EMEiDIqUe+1BSzF9o8CoFcjynP58WM/jdeIv3KZP/rpqdT87094qPeRnJXBJkY
Hbfl8kwWd05xJ22bUGQCJzUZR56Z6EHJECPVcNcxRbcA25tlzYrLYlulV1DDLHsw
8xjlIr3U6RQrb5dGUlflvgTaqZGysrnwA0ovAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUv2c41IZlqQbKnoaKPGewwwRaPb0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3YyYzQxSVpscVFiS25vYUtQR2V3d3dS
YVBiMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwA9FDANBgkq
hkiG9w0BAQsFAAOCAQEAcsApwKxV0dr7fJ/amAeg8lJlWDOevrIow0fbL+4zrYuw
ksCsQ7PBI0tEXmDtD+fl+YPzNIBsphl653ocJahnmgBpt+BSmCMvsEfdX17Bd+yi
8JEjp15hFjvzHmzhkg7BLzH1S5wOhJo38Gfry+otUG1cFGt5qX/3Xk95rKrjptxd
jWK3iSgNmh72ViiTwIXa79ZYPzC6hq9oel92C+W1suJ3inETzKQL90Gviky+yYeE
ng8QmKVvoVRz3V5neEAgPCk5GeqitdTG32jnYSnW4tSj3V4SFgP3aWEGLSA0dEFW
jwAP7VJDwPjZqcN19+uzRFwEJcBjOR2vBtEiFg/32A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org