Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/YimXrGXgwyBiXb2s0Uk55E7uRac.roa
File: YimXrGXgwyBiXb2s0Uk55E7uRac.roa (raw, json)
Hash identifier: 2pbaige/kGbo0qxCvumVOw+j/s52eabx7rfQb+8H9LU=
Subject key identifier: 62:29:97:AC:65:E0:C3:20:62:5D:BD:AC:D1:49:39:E4:4E:EE:45:A7
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 039F
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/YimXrGXgwyBiXb2s0Uk55E7uRac.roa
Signing time: Mon 08 Nov 2021 15:14:22 +0000
ROA not before: Mon 08 Nov 2021 15:14:22 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9678
IP address blocks: 2401:95c0:2d03::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927 (0x39f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Nov 8 15:14:22 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=622997AC65E0C320625DBDACD14939E44EEE45A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c6:8e:96:e6:2a:11:96:be:9a:ef:8d:c6:12:
28:df:fc:78:42:2f:a2:63:ce:76:4f:95:53:3b:8d:
7a:0a:26:99:de:08:1c:2e:12:ea:a3:2b:d2:15:3f:
ae:39:71:49:87:9c:54:29:da:1a:c5:ea:02:0f:b6:
0b:b2:3e:87:ae:0c:df:84:92:ab:75:30:01:fc:0b:
29:3e:29:27:d6:2c:5c:07:d5:dd:49:02:22:c0:32:
f4:57:c3:14:15:d4:b2:c3:b4:ae:c7:52:25:21:b9:
2c:87:98:73:b2:cd:66:a3:d7:25:84:c1:bd:5e:25:
f7:c5:d1:ea:61:8e:84:db:d9:e5:d2:d7:e7:76:7e:
0f:55:e3:ae:ec:7d:55:9f:26:5b:5c:40:31:6d:9d:
8e:c4:07:92:51:bd:e1:b2:2a:36:5f:01:6e:f0:86:
63:84:86:1f:a3:59:cd:e1:8b:c0:b2:aa:d9:e1:21:
ea:cc:5b:1b:76:68:fd:36:3e:fa:df:85:99:2c:92:
f3:26:5f:ba:14:0e:97:3c:6f:b8:6f:18:96:ee:d7:
10:64:6c:99:af:1e:91:59:07:94:40:a1:d9:83:97:
86:3b:a4:35:8d:33:08:4e:97:a0:9e:39:31:36:44:
c2:55:88:05:65:e4:81:44:4e:54:01:80:dd:24:2c:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:29:97:AC:65:E0:C3:20:62:5D:BD:AC:D1:49:39:E4:4E:EE:45:A7
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/YimXrGXgwyBiXb2s0Uk55E7uRac.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0:2d03::/48
Signature Algorithm: sha256WithRSAEncryption
80:a9:53:31:8a:80:92:66:5d:09:4f:19:47:5c:0e:cd:70:3f:
40:c5:13:ca:7a:a8:fb:50:17:4b:6d:cf:e8:dc:4e:e8:13:fa:
ce:26:e4:f5:cb:64:48:0c:ca:64:8f:28:e9:32:0a:ee:92:5c:
7a:59:dc:61:33:38:e7:86:26:fa:0a:f0:de:30:67:d5:6c:3f:
86:58:41:9c:a9:ab:de:17:6f:2e:ac:bd:48:8a:d2:34:ed:50:
8b:8a:1a:d6:2d:b6:a9:f8:9d:46:6c:43:4b:a1:72:b3:92:99:
8b:a8:c1:bc:d0:e6:fc:38:70:d4:a0:3d:f2:3d:83:cc:b3:b0:
b3:0e:97:65:ea:ee:c8:f2:74:95:49:43:39:3c:ea:0a:2e:fa:
cd:65:2d:44:62:90:79:60:90:46:8e:87:95:f0:24:33:a9:09:
48:63:ab:cd:ef:27:b1:1d:ad:30:24:59:42:3e:3c:3e:23:ec:
30:ed:93:8c:1e:59:3e:1d:0b:69:61:7c:84:26:b9:1d:17:ae:
70:aa:5b:12:f7:d6:5d:a1:58:c1:20:b2:1c:c1:10:57:99:65:
dd:6f:cc:88:13:d1:51:67:c8:f9:9a:29:f9:16:77:9e:5e:b4:
24:47:9e:cb:d0:a4:10:d6:c7:88:51:d2:94:0d:0a:63:c6:aa:
b9:4c:ab:85
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICA58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMTExMDgx
NTE0MjJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDYyMjk5N0FDNjVFMEMz
MjA2MjVEQkRBQ0QxNDkzOUU0NEVFRTQ1QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoxo6W5ioRlr6a743GEijf/HhCL6JjznZPlVM7jXoKJpneCBwu
EuqjK9IVP645cUmHnFQp2hrF6gIPtguyPoeuDN+Ekqt1MAH8Cyk+KSfWLFwH1d1J
AiLAMvRXwxQV1LLDtK7HUiUhuSyHmHOyzWaj1yWEwb1eJffF0ephjoTb2eXS1+d2
fg9V467sfVWfJltcQDFtnY7EB5JRveGyKjZfAW7whmOEhh+jWc3hi8CyqtnhIerM
Wxt2aP02PvrfhZkskvMmX7oUDpc8b7hvGJbu1xBkbJmvHpFZB5RAodmDl4Y7pDWN
MwhOl6CeOTE2RMJViAVl5IFETlQBgN0kLA4lAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYimXrGXgwyBiXb2s0Uk55E7uRacwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL1lpbVhyR1hnd3lCaVhiMnMw
VWs1NUU3dVJhYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
AZXALQMwDQYJKoZIhvcNAQELBQADggEBAICpUzGKgJJmXQlPGUdcDs1wP0DFE8p6
qPtQF0ttz+jcTugT+s4m5PXLZEgMymSPKOkyCu6SXHpZ3GEzOOeGJvoK8N4wZ9Vs
P4ZYQZypq94Xby6svUiK0jTtUIuKGtYttqn4nUZsQ0uhcrOSmYuowbzQ5vw4cNSg
PfI9g8yzsLMOl2Xq7sjydJVJQzk86gou+s1lLURikHlgkEaOh5XwJDOpCUhjq83v
J7EdrTAkWUI+PD4j7DDtk4weWT4dC2lhfIQmuR0XrnCqWxL31l2hWMEgshzBEFeZ
Zd1vzIgT0VFnyPmaKfkWd55etCRHnsvQpBDWx4hR0pQNCmPGqrlMq4U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:23 2025 by rpki-client