Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/yFc4qxh9MkNe28p4pxvbXfRxMfM.roa
File: yFc4qxh9MkNe28p4pxvbXfRxMfM.roa (raw, json)
Hash identifier: /MZHf8Vd/orkhDlO2py07f9gwyyoElIiA3Vv1Z4oqgg=
Subject key identifier: C8:57:38:AB:18:7D:32:43:5E:DB:CA:78:A7:1B:DB:5D:F4:71:31:F3
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 078E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/yFc4qxh9MkNe28p4pxvbXfRxMfM.roa
Signing time: Tue 29 Sep 2020 09:51:38 +0000
ROA not before: Tue 29 Sep 2020 09:51:38 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9674
IP address blocks: 2401:e180::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1934 (0x78e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 29 09:51:38 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C85738AB187D32435EDBCA78A71BDB5DF47131F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0e:46:45:6f:52:70:80:47:06:02:a0:e9:cc:
01:34:10:d3:0a:10:a4:94:df:f1:08:3d:a1:5f:5e:
91:bb:9b:ba:ee:33:76:27:2d:44:38:e6:2c:19:f9:
7b:e4:4c:87:03:0c:ed:ec:ed:e7:c2:ed:3e:10:ca:
79:e8:56:df:8a:b8:b4:45:ec:7c:32:0c:56:0e:4f:
b7:4c:a8:c4:1d:ac:ec:35:d0:b0:b4:d6:33:4e:ef:
ad:f5:0d:a2:1f:ac:6e:98:c4:ce:c6:54:13:72:75:
71:00:ad:df:b4:a3:b0:90:0d:7b:57:cd:6e:bc:5c:
55:92:b9:b4:22:29:10:fb:64:8d:f7:46:99:f0:57:
d1:1e:34:a6:97:94:16:cb:69:07:bc:a1:2c:3e:f4:
58:59:48:f3:75:14:50:e9:fe:14:1c:34:ff:08:37:
53:e8:90:09:db:29:89:7a:f7:c2:ef:54:f9:4f:78:
5c:51:21:d8:4b:b7:7b:2b:7a:da:86:9c:44:69:68:
81:24:dc:2b:e2:85:f0:2c:1b:2e:66:da:f1:20:e9:
9b:a5:60:e2:53:3d:52:f0:0c:32:5e:3e:92:b0:e6:
a6:a1:ed:b7:a0:27:3c:59:56:c8:b7:5f:9c:56:ec:
e2:8b:36:2a:a5:12:35:b7:65:60:ca:06:ac:4f:3c:
84:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:57:38:AB:18:7D:32:43:5E:DB:CA:78:A7:1B:DB:5D:F4:71:31:F3
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/yFc4qxh9MkNe28p4pxvbXfRxMfM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e180::/32
Signature Algorithm: sha256WithRSAEncryption
cc:2d:44:8f:8b:46:33:bc:c8:55:4f:b3:fb:19:2b:cc:a5:81:
24:f3:d1:db:6a:f7:cf:fa:57:65:4f:93:2d:ac:5c:00:aa:d3:
1c:58:32:16:f3:05:89:fe:7b:e3:ea:8d:eb:02:d3:a4:df:fd:
1b:bb:24:db:6e:45:c8:83:64:c4:23:6d:c5:06:c7:a5:97:45:
fd:83:5a:8f:68:0f:4f:e8:99:21:cc:dc:87:62:39:e4:87:24:
35:84:2d:c1:6b:e0:af:1c:b1:1e:61:e0:39:5e:bb:b5:00:d1:
28:89:1f:c2:39:67:4c:94:c8:2e:86:00:24:28:9f:30:ea:86:
42:2f:c9:ea:9d:10:88:8e:94:15:2d:b7:f9:94:41:03:90:87:
8c:53:5e:66:ca:31:5e:df:5c:4b:24:94:80:21:f9:da:1e:7f:
70:80:3e:98:6e:55:14:a0:c5:05:65:cb:11:0d:17:a1:01:4c:
fe:3c:47:a8:e2:10:b4:80:31:c2:13:ee:41:9f:52:6d:36:25:
47:61:13:de:ad:ff:81:c5:b5:02:5e:2d:25:2b:6b:50:c4:7d:
0d:f8:24:50:79:96:f3:c7:ac:76:8a:79:a2:de:ea:57:69:f0:
ba:42:ee:f5:de:8f:37:40:9f:74:46:38:05:c2:aa:ca:fb:0d:
a7:12:fc:a3
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICB44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMDA5Mjkw
OTUxMzhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM4NTczOEFCMTg3RDMy
NDM1RURCQ0E3OEE3MUJEQjVERjQ3MTMxRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDADkZFb1JwgEcGAqDpzAE0ENMKEKSU3/EIPaFfXpG7m7ruM3Yn
LUQ45iwZ+XvkTIcDDO3s7efC7T4QynnoVt+KuLRF7HwyDFYOT7dMqMQdrOw10LC0
1jNO7631DaIfrG6YxM7GVBNydXEArd+0o7CQDXtXzW68XFWSubQiKRD7ZI33Rpnw
V9EeNKaXlBbLaQe8oSw+9FhZSPN1FFDp/hQcNP8IN1PokAnbKYl698LvVPlPeFxR
IdhLt3sretqGnERpaIEk3CvihfAsGy5m2vEg6ZulYOJTPVLwDDJePpKw5qah7beg
JzxZVsi3X5xW7OKLNiqlEjW3ZWDKBqxPPITZAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUyFc4qxh9MkNe28p4pxvbXfRxMfMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3lGYzRxeGg5TWtOZTI4cDRweHZiWGZS
eE1mTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAeGAMA0G
CSqGSIb3DQEBCwUAA4IBAQDMLUSPi0YzvMhVT7P7GSvMpYEk89HbavfP+ldlT5Mt
rFwAqtMcWDIW8wWJ/nvj6o3rAtOk3/0buyTbbkXIg2TEI23FBsell0X9g1qPaA9P
6JkhzNyHYjnkhyQ1hC3Ba+CvHLEeYeA5Xru1ANEoiR/COWdMlMguhgAkKJ8w6oZC
L8nqnRCIjpQVLbf5lEEDkIeMU15myjFe31xLJJSAIfnaHn9wgD6YblUUoMUFZcsR
DRehAUz+PEeo4hC0gDHCE+5Bn1JtNiVHYRPerf+BxbUCXi0lK2tQxH0N+CRQeZbz
x6x2inmi3upXafC6Qu713o83QJ90RjgFwqrK+w2nEvyj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org