Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HST/fvBweyLzJbCs8fLW3f1tl5LOXcc.roa
File: fvBweyLzJbCs8fLW3f1tl5LOXcc.roa (raw, json)
Hash identifier: eQTIXJtOkOmdJnD7xBSy2N68MzBdILsi1KSslqJZ3Yc=
Subject key identifier: 7E:F0:70:7B:22:F3:25:B0:AC:F1:F2:D6:DD:FD:6D:97:92:CE:5D:C7
Certificate issuer: /CN=833D5BF79B45C730ED141CB539A508D01AA30908
Certificate serial: 0889
Authority key identifier: 83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/fvBweyLzJbCs8fLW3f1tl5LOXcc.roa
Signing time: Fri 01 Sep 2023 09:00:47 +0000
ROA not before: Fri 01 Sep 2023 09:00:47 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131666
IP address blocks: 2405:6440::/32 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2185 (0x889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833D5BF79B45C730ED141CB539A508D01AA30908
Validity
Not Before: Sep 1 09:00:47 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=7EF0707B22F325B0ACF1F2D6DDFD6D9792CE5DC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ae:44:b3:db:90:7b:81:1c:f3:3e:13:d4:26:
18:6f:73:10:b6:58:64:47:1b:bb:16:94:28:ed:52:
04:52:6b:c9:20:fa:4a:51:c5:6b:df:96:25:f1:1f:
bf:f9:47:92:f9:a9:b4:54:91:77:2d:b7:5d:dc:e7:
8a:b8:68:10:ad:0f:cd:49:06:ed:a3:bc:35:29:72:
fe:c3:2f:cc:87:b3:e7:79:60:51:22:09:a0:d1:15:
e2:1d:df:64:60:bb:2e:be:56:0f:84:77:e6:ad:17:
e5:c1:c6:80:cc:d4:a7:9a:ea:83:66:ba:69:13:85:
bb:68:a9:63:ca:ea:fd:1e:bf:e6:3b:0d:0e:62:2e:
51:ca:8f:b2:39:1b:75:26:e0:11:90:45:88:f1:79:
0d:c9:46:a0:55:73:e4:30:86:c5:6f:74:e8:4c:3d:
91:28:08:8a:38:7c:cd:c5:59:85:73:dc:00:40:e9:
84:d6:9c:28:df:4b:6a:d6:cb:02:c6:83:bb:29:e2:
c8:65:62:4e:a9:74:f8:a4:c4:d8:97:47:1c:8a:ff:
57:49:f6:22:56:c4:fa:1a:75:f2:6d:9d:68:2c:10:
50:48:60:b3:d5:b9:0d:77:d9:75:eb:3b:88:74:c7:
55:d7:ab:11:60:91:47:0c:34:0e:06:03:b0:87:88:
31:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F0:70:7B:22:F3:25:B0:AC:F1:F2:D6:DD:FD:6D:97:92:CE:5D:C7
X509v3 Authority Key Identifier:
keyid:83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/gz1b95tFxzDtFBy1OaUI0BqjCQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/fvBweyLzJbCs8fLW3f1tl5LOXcc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:6440::/32
Signature Algorithm: sha256WithRSAEncryption
46:f6:93:36:eb:e0:93:5b:90:66:a4:0b:bb:6a:3e:ba:a3:b0:
8f:59:bf:48:90:62:6c:21:db:ec:e7:cd:1c:57:ea:f9:4a:76:
8c:44:9d:d0:9a:2d:18:ef:27:a7:0e:8f:64:b8:e3:a4:cc:b9:
f1:23:d7:56:94:25:74:8b:26:77:6f:cc:9e:98:31:be:14:7a:
8e:4f:91:99:6d:ac:c9:57:9e:bc:c1:62:5f:f0:3f:3e:9d:54:
67:c9:b1:e3:c4:24:82:92:92:62:c3:cd:89:ca:7e:1e:d5:9c:
0d:cb:2e:8c:3e:15:57:0a:88:89:f9:e3:7c:9b:7c:7d:4d:d8:
cf:d8:33:ee:a9:5f:10:6f:36:f2:d2:79:3b:a3:fc:11:0e:89:
f3:63:96:81:69:37:82:9a:15:c9:14:8d:8f:7f:24:48:93:a8:
21:b4:f6:d0:45:a7:c4:0f:28:73:48:71:f2:73:ba:dd:6b:83:
bd:d9:47:b0:22:0e:39:a5:f3:5b:83:0a:45:1a:8f:21:ed:7a:
ca:95:20:50:82:30:54:ac:8f:8f:15:2e:a0:f5:21:3f:e6:54:
90:5e:1f:4d:84:b4:a8:de:7c:65:48:eb:02:8b:6a:8a:68:e4:
43:0a:f3:c3:2c:04:72:c4:b8:69:4e:de:01:ec:70:db:38:d1:
64:2c:45:fb
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMz
RDVCRjc5QjQ1QzczMEVEMTQxQ0I1MzlBNTA4RDAxQUEzMDkwODAeFw0yMzA5MDEw
OTAwNDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDdFRjA3MDdCMjJGMzI1
QjBBQ0YxRjJENkRERkQ2RDk3OTJDRTVEQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjrkSz25B7gRzzPhPUJhhvcxC2WGRHG7sWlCjtUgRSa8kg+kpR
xWvfliXxH7/5R5L5qbRUkXctt13c54q4aBCtD81JBu2jvDUpcv7DL8yHs+d5YFEi
CaDRFeId32Rguy6+Vg+Ed+atF+XBxoDM1Kea6oNmumkThbtoqWPK6v0ev+Y7DQ5i
LlHKj7I5G3Um4BGQRYjxeQ3JRqBVc+QwhsVvdOhMPZEoCIo4fM3FWYVz3ABA6YTW
nCjfS2rWywLGg7sp4shlYk6pdPikxNiXRxyK/1dJ9iJWxPoadfJtnWgsEFBIYLPV
uQ132XXrO4h0x1XXqxFgkUcMNA4GA7CHiDGPAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUfvBweyLzJbCs8fLW3f1tl5LOXccwHwYDVR0jBBgwFoAUgz1b95tFxzDtFBy1
OaUI0BqjCQgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2d6
MWI5NXRGeHpEdEZCeTFPYVVJMEJxakNRZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Z3oxYjk1dEZ4ekR0RkJ5MU9hVUkwQnFqQ1FnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2Z2QndleUx6SmJDczhmTFczZjF0bDVM
T1hjYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBWRAMA0G
CSqGSIb3DQEBCwUAA4IBAQBG9pM26+CTW5BmpAu7aj66o7CPWb9IkGJsIdvs580c
V+r5SnaMRJ3Qmi0Y7yenDo9kuOOkzLnxI9dWlCV0iyZ3b8yemDG+FHqOT5GZbazJ
V568wWJf8D8+nVRnybHjxCSCkpJiw82Jyn4e1ZwNyy6MPhVXCoiJ+eN8m3x9TdjP
2DPuqV8Qbzby0nk7o/wRDonzY5aBaTeCmhXJFI2PfyRIk6ghtPbQRafEDyhzSHHy
c7rda4O92UewIg45pfNbgwpFGo8h7XrKlSBQgjBUrI+PFS6g9SE/5lSQXh9NhLSo
3nxlSOsCi2qKaORDCvPDLARyxLhpTt4B7HDbONFkLEX7
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:01 2025 by rpki-client