Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/I9cdr5XkZetWsl3ZOoT_Tm3yjhU.roa
File: I9cdr5XkZetWsl3ZOoT_Tm3yjhU.roa (raw, json)
Hash identifier: bE1AdmXaP8AzU1C9BqBkRowjA3g3ReammIFzNxlzebc=
Subject key identifier: 23:D7:1D:AF:95:E4:65:EB:56:B2:5D:D9:3A:84:FF:4E:6D:F2:8E:15
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 0471
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/I9cdr5XkZetWsl3ZOoT_Tm3yjhU.roa
Signing time: Thu 15 Sep 2022 02:35:04 +0000
ROA not before: Thu 15 Sep 2022 02:35:04 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9678
IP address blocks: 2401:95c0:2d03::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137 (0x471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Sep 15 02:35:04 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=23D71DAF95E465EB56B25DD93A84FF4E6DF28E15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:90:d8:ad:00:01:5b:ab:32:36:ad:cf:2d:58:
3f:6b:1d:15:2d:2e:5c:dd:2f:16:e8:32:e3:e3:13:
c2:09:e0:af:cb:38:3d:19:f2:f3:d7:61:72:62:19:
8c:4f:e9:15:2a:11:f9:67:3d:43:47:8d:c4:d2:7f:
c5:9c:49:6b:93:97:4d:89:97:1e:9d:9d:7e:16:35:
5e:57:c7:f0:a1:08:fd:24:b4:19:27:7c:8e:80:83:
42:f2:e0:f7:a8:d3:df:c0:3f:d2:f6:90:0f:7c:76:
cc:ce:47:31:94:28:35:b4:cf:c8:c1:80:fd:3d:93:
fd:1c:60:b7:99:fb:b4:24:c4:24:60:b7:72:03:6a:
50:07:05:90:8b:f0:59:d7:45:8b:4f:dc:c9:2e:4b:
24:6c:ba:aa:ef:2f:aa:56:1a:95:91:2a:8a:43:96:
fd:4b:ea:03:b7:20:4c:6b:40:ee:24:34:66:e9:c9:
a8:ed:16:ef:37:83:8b:58:64:c1:c4:dd:3f:d3:39:
ea:bb:f4:4e:7b:8c:d6:61:e5:00:7e:05:b8:82:2c:
a2:d5:70:e0:66:69:e3:4a:38:a8:14:8e:db:b7:7b:
f9:19:1f:b5:9b:55:68:c7:83:93:94:74:69:c5:ce:
0d:6a:8d:f2:e1:8c:3e:61:63:d6:af:11:18:c6:a4:
54:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D7:1D:AF:95:E4:65:EB:56:B2:5D:D9:3A:84:FF:4E:6D:F2:8E:15
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/I9cdr5XkZetWsl3ZOoT_Tm3yjhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0:2d03::/48
Signature Algorithm: sha256WithRSAEncryption
2b:43:2d:71:9e:f5:e9:0d:78:de:53:02:56:52:f6:a2:68:f5:
88:12:67:e6:a7:7a:c0:34:a0:6f:24:30:18:20:13:db:b9:31:
2c:ce:54:b3:9b:fe:4d:3b:d1:76:2c:d0:95:11:7b:90:1d:4a:
a8:ed:a3:99:cb:04:dd:63:01:b9:de:1f:8b:e3:a5:f0:02:e0:
6d:e7:9a:c5:5f:63:3e:64:67:62:67:58:ad:3a:87:08:d9:08:
38:c5:3c:7e:d7:28:57:25:72:f4:f3:85:3a:db:4a:4d:2c:29:
dd:7d:1c:40:14:f8:14:35:73:02:23:fd:97:27:e8:03:fa:f3:
7b:3e:22:3c:50:df:d5:9c:8c:27:22:be:1a:27:e5:2b:d9:3c:
d9:a9:67:2f:4f:b1:75:97:01:0f:3f:2c:2a:49:6a:0e:c5:7a:
c0:bb:7e:2e:2d:10:50:3e:00:13:d0:20:5c:6e:b2:fe:b7:c7:
fa:f2:6a:84:ab:04:33:83:94:2a:2a:96:8d:1f:2a:a1:16:29:
92:db:cf:0c:f9:ce:50:84:13:84:de:24:2c:82:5a:0a:b0:97:
ab:13:4f:0d:71:2c:e6:f8:db:c7:70:05:89:93:53:5e:fc:24:
bd:2c:84:e2:33:e4:8f:56:3a:98:eb:82:ea:93:b6:39:e5:d9:
01:bc:04:ba
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMjA5MTUw
MjM1MDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIzRDcxREFGOTVFNDY1
RUI1NkIyNUREOTNBODRGRjRFNkRGMjhFMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNkNitAAFbqzI2rc8tWD9rHRUtLlzdLxboMuPjE8IJ4K/LOD0Z
8vPXYXJiGYxP6RUqEflnPUNHjcTSf8WcSWuTl02Jlx6dnX4WNV5Xx/ChCP0ktBkn
fI6Ag0Ly4Peo09/AP9L2kA98dszORzGUKDW0z8jBgP09k/0cYLeZ+7QkxCRgt3ID
alAHBZCL8FnXRYtP3MkuSyRsuqrvL6pWGpWRKopDlv1L6gO3IExrQO4kNGbpyajt
Fu83g4tYZMHE3T/TOeq79E57jNZh5QB+BbiCLKLVcOBmaeNKOKgUjtu3e/kZH7Wb
VWjHg5OUdGnFzg1qjfLhjD5hY9avERjGpFS7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUI9cdr5XkZetWsl3ZOoT/Tm3yjhUwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL0k5Y2RyNVhrWmV0V3NsM1pP
b1RfVG0zeWpoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
AZXALQMwDQYJKoZIhvcNAQELBQADggEBACtDLXGe9ekNeN5TAlZS9qJo9YgSZ+an
esA0oG8kMBggE9u5MSzOVLOb/k070XYs0JURe5AdSqjto5nLBN1jAbneH4vjpfAC
4G3nmsVfYz5kZ2JnWK06hwjZCDjFPH7XKFclcvTzhTrbSk0sKd19HEAU+BQ1cwIj
/Zcn6AP683s+IjxQ39WcjCcivhon5SvZPNmpZy9PsXWXAQ8/LCpJag7FesC7fi4t
EFA+ABPQIFxusv63x/ryaoSrBDODlCoqlo0fKqEWKZLbzwz5zlCEE4TeJCyCWgqw
l6sTTw1xLOb428dwBYmTU178JL0shOIz5I9WOpjrguqTtjnl2QG8BLo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org