Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IMCRS/wF00fLAIzH0s8dz_3G4b-QbixK0.roa
File: wF00fLAIzH0s8dz_3G4b-QbixK0.roa (raw, json)
Hash identifier: Kox+mtSpTXGSwH8BnTJ2EuD8dH4hqXj8vYBG+mAE9AU=
Subject key identifier: C0:5D:34:7C:B0:08:CC:7D:2C:F1:DC:FF:DC:6E:1B:F9:06:E2:C4:AD
Certificate issuer: /CN=22C51298D97A102902731FDC49BDFAB39D52AB2B
Certificate serial: 05
Authority key identifier: 22:C5:12:98:D9:7A:10:29:02:73:1F:DC:49:BD:FA:B3:9D:52:AB:2B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/wF00fLAIzH0s8dz_3G4b-QbixK0.roa
Signing time: Fri 26 Nov 2021 07:58:47 +0000
ROA not before: Fri 26 Nov 2021 07:58:47 +0000
ROA not after: Sat 26 Nov 2022 00:46:50 +0000
asID: 38042
IP address blocks: 2400:37a0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22C51298D97A102902731FDC49BDFAB39D52AB2B
Validity
Not Before: Nov 26 07:58:47 2021 GMT
Not After : Nov 26 00:46:50 2022 GMT
Subject: CN=C05D347CB008CC7D2CF1DCFFDC6E1BF906E2C4AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:d4:97:21:32:8d:4b:86:07:69:27:01:21:
f5:83:50:74:68:17:82:90:a1:d2:52:95:f2:4a:32:
86:aa:48:2a:be:0e:84:41:9a:46:96:8d:e2:03:48:
f4:35:48:89:85:5d:28:d9:d3:e5:15:98:d1:42:5d:
2b:2c:93:f9:ff:4d:d2:23:7a:7a:8b:e8:6b:24:db:
d0:37:08:f3:a8:cf:3f:fd:82:b0:e7:22:91:e7:4d:
e5:2d:09:da:0f:2f:1a:1d:25:eb:24:36:d5:f5:ca:
a5:74:48:94:91:00:23:07:c8:5a:d1:d3:86:5a:b5:
32:b7:de:91:40:a1:ae:b9:02:05:fb:ce:85:67:03:
99:c2:6f:f5:39:ad:14:ca:70:4f:24:05:a2:a5:00:
df:26:5d:ed:26:5c:c0:65:a7:c0:62:fb:6e:fd:0e:
47:c5:5f:88:e5:21:50:42:ac:48:10:ca:69:62:fb:
43:84:3d:60:af:58:20:b5:1c:55:6d:22:5b:f7:a2:
fa:4b:a0:48:d7:b3:59:80:29:4e:5d:54:6d:33:ea:
83:3b:4d:54:a9:95:b3:26:26:28:24:45:fe:83:a2:
82:26:77:da:8f:a5:ca:4a:16:72:ad:3a:67:f6:61:
77:9c:0e:8e:d5:e1:5d:fe:af:fd:8d:83:14:e4:e3:
35:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5D:34:7C:B0:08:CC:7D:2C:F1:DC:FF:DC:6E:1B:F9:06:E2:C4:AD
X509v3 Authority Key Identifier:
keyid:22:C5:12:98:D9:7A:10:29:02:73:1F:DC:49:BD:FA:B3:9D:52:AB:2B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/IsUSmNl6ECkCcx_cSb36s51Sqys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/wF00fLAIzH0s8dz_3G4b-QbixK0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:37a0::/32
Signature Algorithm: sha256WithRSAEncryption
89:f1:10:e9:d3:bf:12:f2:cc:0a:22:8b:6b:e3:65:b5:96:1a:
f2:82:2f:b7:b6:12:f6:78:00:17:bd:7b:9b:6c:9e:3a:1a:28:
1d:5f:f3:5b:f2:be:66:e4:a9:8f:97:d4:9f:9d:c6:ca:68:f6:
32:f3:f4:91:3b:d4:c9:3e:18:f9:58:30:86:6d:03:06:62:df:
a7:42:88:3d:21:d0:62:65:73:b6:c0:3f:bb:45:6a:6c:5d:b6:
c6:ae:37:ab:58:fd:12:a3:c4:63:3e:5f:51:f1:82:2c:ba:b7:
50:46:b4:7c:28:cd:b8:7b:c0:1f:04:e9:6a:13:a3:83:72:b4:
93:d6:c5:be:76:ae:2b:22:fa:fa:c8:cd:d8:e2:c0:2b:7e:39:
8d:5c:7a:30:54:5a:bc:b4:72:5c:d0:6e:3f:01:50:ae:24:c8:
22:88:92:92:07:01:25:ab:9b:59:ff:06:2a:fe:35:2e:29:73:
6d:65:35:11:55:52:88:e4:28:4e:ef:8c:e9:81:83:39:bc:06:
b2:16:98:5f:e7:f7:80:c8:c1:e2:19:68:8f:4a:e3:fd:2a:63:
19:2a:b7:ea:8a:56:84:f8:e5:76:80:3a:36:bc:6a:03:08:0c:
6c:50:60:7b:c6:74:bd:5d:77:cb:7f:35:30:3b:8d:ba:46:fd:
c4:0f:d9:ee
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyMkM1
MTI5OEQ5N0ExMDI5MDI3MzFGREM0OUJERkFCMzlENTJBQjJCMB4XDTIxMTEyNjA3
NTg0N1oXDTIyMTEyNjAwNDY1MFowMzExMC8GA1UEAxMoQzA1RDM0N0NCMDA4Q0M3
RDJDRjFEQ0ZGREM2RTFCRjkwNkUyQzRBRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALE61JchMo1LhgdpJwEh9YNQdGgXgpCh0lKV8koyhqpIKr4OhEGa
RpaN4gNI9DVIiYVdKNnT5RWY0UJdKyyT+f9N0iN6eovoayTb0DcI86jPP/2CsOci
kedN5S0J2g8vGh0l6yQ21fXKpXRIlJEAIwfIWtHThlq1MrfekUChrrkCBfvOhWcD
mcJv9TmtFMpwTyQFoqUA3yZd7SZcwGWnwGL7bv0OR8VfiOUhUEKsSBDKaWL7Q4Q9
YK9YILUcVW0iW/ei+kugSNezWYApTl1UbTPqgztNVKmVsyYmKCRF/oOigiZ32o+l
ykoWcq06Z/Zhd5wOjtXhXf6v/Y2DFOTjNe0CAwEAAaOCAe0wggHpMB0GA1UdDgQW
BBTAXTR8sAjMfSzx3P/cbhv5BuLErTAfBgNVHSMEGDAWgBQixRKY2XoQKQJzH9xJ
vfqznVKrKzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JTUNSUy9J
c1VTbU5sNkVDa0NjeF9jU2IzNnM1MVNxeXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0lzVVNtTmw2RUNrQ2N4X2NTYjM2czUxU3F5cy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0lNQ1JTL3dGMDBmTEFJekgwczhkel8zRzRi
LVFiaXhLMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkADeg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ8RDp078S8swKIotr42W1lhrygi+3thL2eAAX
vXubbJ46GigdX/Nb8r5m5KmPl9SfncbKaPYy8/SRO9TJPhj5WDCGbQMGYt+nQog9
IdBiZXO2wD+7RWpsXbbGrjerWP0So8RjPl9R8YIsurdQRrR8KM24e8AfBOlqE6OD
crST1sW+dq4rIvr6yM3Y4sArfjmNXHowVFq8tHJc0G4/AVCuJMgiiJKSBwElq5tZ
/wYq/jUuKXNtZTURVVKI5ChO74zpgYM5vAayFphf5/eAyMHiGWiPSuP9KmMZKrfq
ilaE+OV2gDo2vGoDCAxsUGB7xnS9XXfLfzUwO426Rv3ED9nu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org