Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/64HAasr_aFgDba2Rqb1JX2fjQo0.roa
File: 64HAasr_aFgDba2Rqb1JX2fjQo0.roa (raw, json)
Hash identifier: 8cSqDiWgoydlbktH3nCa/yI+WR/dsgATcB+RNsCNZtA=
Subject key identifier: EB:81:C0:6A:CA:FF:68:58:03:6D:AD:91:A9:BD:49:5F:67:E3:42:8D
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 0395
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/64HAasr_aFgDba2Rqb1JX2fjQo0.roa
Signing time: Tue 02 Nov 2021 12:01:28 +0000
ROA not before: Tue 02 Nov 2021 12:01:28 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9678
IP address blocks: 2401:95c0::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917 (0x395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Nov 2 12:01:28 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=EB81C06ACAFF6858036DAD91A9BD495F67E3428D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:59:34:06:32:7f:df:22:71:15:ff:80:6c:cc:
ce:e6:b2:a1:4d:b4:e4:0d:31:3d:42:da:1e:6d:62:
2a:56:45:47:89:64:7d:e8:8b:68:d7:a9:53:25:16:
30:20:33:42:62:02:71:91:1b:fd:ce:05:05:21:e1:
17:cb:7f:9e:3e:a8:85:40:5c:67:0c:62:b1:0b:7d:
09:31:84:a4:cc:f4:d4:87:c6:b4:c4:43:2d:7f:7d:
8c:1c:4c:7b:73:4a:eb:d0:12:5d:dc:02:87:15:11:
d4:6e:fe:49:4c:e0:a8:c5:58:2d:cd:89:a0:6c:b0:
32:df:03:0c:69:79:23:8d:77:3e:08:42:83:54:99:
15:41:8d:63:36:41:a6:14:a8:69:ee:82:4a:a3:07:
51:57:e5:a4:7b:36:7f:b9:b8:0c:75:cc:07:c4:e0:
ac:0b:4d:78:11:ab:64:17:c4:83:3d:75:ab:24:9c:
89:7f:a1:a7:5e:af:73:8b:e5:a7:d7:d9:42:5d:bc:
55:55:69:44:3a:e7:2b:95:d1:8e:3a:8d:ca:a3:37:
77:c9:24:d0:f5:f3:f2:8c:92:df:08:c6:13:08:22:
eb:2c:7a:03:30:e1:da:c7:7b:89:d7:a4:c2:65:68:
42:1d:69:d4:dc:de:07:75:f0:f4:dc:9b:ee:5f:d6:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:81:C0:6A:CA:FF:68:58:03:6D:AD:91:A9:BD:49:5F:67:E3:42:8D
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/64HAasr_aFgDba2Rqb1JX2fjQo0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0::/36
Signature Algorithm: sha256WithRSAEncryption
74:00:16:46:ef:55:0e:b6:fe:a6:16:e8:00:1e:ac:49:b8:43:
a0:00:f4:11:e7:bd:bc:6c:5b:32:fa:1a:6d:16:44:84:4e:2a:
4a:65:24:79:ad:2c:91:76:72:4d:56:43:17:cb:6a:d8:de:24:
04:94:c1:6b:d2:7e:d3:81:0f:9d:26:2d:89:b4:71:ae:da:d4:
d1:c2:bc:8e:3f:fa:ca:7b:d0:d2:45:14:41:45:df:06:1b:88:
fb:f9:e5:35:08:64:7a:de:16:49:6f:70:8b:1f:64:6c:ea:94:
07:c0:af:bb:ca:85:05:fd:1e:66:d4:ae:17:f0:98:b0:12:90:
9d:d3:6d:8a:62:70:70:a4:45:e3:2d:4a:00:08:24:c7:9c:db:
62:a1:84:e0:8e:aa:4a:52:8a:4e:d6:a7:b1:c1:e0:f1:6c:ba:
3f:6f:5e:8f:67:f1:2a:52:4e:66:3d:7e:02:d0:61:e1:54:96:
64:27:6a:84:9a:d9:fe:3d:73:17:76:34:ee:2f:d7:5a:23:ae:
52:5c:3a:a3:c6:43:3a:f3:36:bb:ea:8d:96:17:81:ec:dd:90:
dd:52:bf:f6:2f:78:33:84:40:f5:d0:ff:bb:0c:1a:34:ef:19:
6a:3a:8f:d0:51:e3:f0:da:2a:10:54:b4:3c:12:20:3e:2c:47:
c0:30:0e:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICA5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMTExMDIx
MjAxMjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEVCODFDMDZBQ0FGRjY4
NTgwMzZEQUQ5MUE5QkQ0OTVGNjdFMzQyOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyWTQGMn/fInEV/4BszM7msqFNtOQNMT1C2h5tYipWRUeJZH3o
i2jXqVMlFjAgM0JiAnGRG/3OBQUh4RfLf54+qIVAXGcMYrELfQkxhKTM9NSHxrTE
Qy1/fYwcTHtzSuvQEl3cAocVEdRu/klM4KjFWC3NiaBssDLfAwxpeSONdz4IQoNU
mRVBjWM2QaYUqGnugkqjB1FX5aR7Nn+5uAx1zAfE4KwLTXgRq2QXxIM9dasknIl/
oader3OL5afX2UJdvFVVaUQ65yuV0Y46jcqjN3fJJND18/KMkt8IxhMIIussegMw
4drHe4nXpMJlaEIdadTc3gd18PTcm+5f1mTlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU64HAasr/aFgDba2Rqb1JX2fjQo0wHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOLzY0SEFhc3JfYUZnRGJhMlJx
YjFKWDJmalFvMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQk
AZXAADANBgkqhkiG9w0BAQsFAAOCAQEAdAAWRu9VDrb+phboAB6sSbhDoAD0Eee9
vGxbMvoabRZEhE4qSmUkea0skXZyTVZDF8tq2N4kBJTBa9J+04EPnSYtibRxrtrU
0cK8jj/6ynvQ0kUUQUXfBhuI+/nlNQhket4WSW9wix9kbOqUB8Cvu8qFBf0eZtSu
F/CYsBKQndNtimJwcKRF4y1KAAgkx5zbYqGE4I6qSlKKTtanscHg8Wy6P29ej2fx
KlJOZj1+AtBh4VSWZCdqhJrZ/j1zF3Y07i/XWiOuUlw6o8ZDOvM2u+qNlheB7N2Q
3VK/9i94M4RA9dD/uwwaNO8ZajqP0FHj8NoqEFS0PBIgPixHwDAOeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org