Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/RJ_gQJa8oCvTYFp8goXaDegp0z4.roa
File: RJ_gQJa8oCvTYFp8goXaDegp0z4.roa (raw, json)
Hash identifier: XucswbnxM0z2jsz86SXFheZATH7LZ5BuRFtLGKZ/rDU=
Subject key identifier: 44:9F:E0:40:96:BC:A0:2B:D3:60:5A:7C:82:85:DA:0D:E8:29:D3:3E
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 07A3
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/RJ_gQJa8oCvTYFp8goXaDegp0z4.roa
Signing time: Tue 29 Sep 2020 10:04:29 +0000
ROA not before: Tue 29 Sep 2020 10:04:29 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 2400:df40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1955 (0x7a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 29 10:04:29 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=449FE04096BCA02BD3605A7C8285DA0DE829D33E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:e8:45:06:97:53:0b:f3:3d:69:f3:90:2d:
fd:5e:13:dd:81:35:17:3d:8f:c9:20:e7:13:0c:fc:
18:f4:18:4c:03:79:25:ed:b3:dd:c9:cf:49:9e:bf:
96:56:ad:da:05:1c:f1:78:af:7e:92:a3:39:ab:e8:
f7:16:43:66:af:75:b0:5d:88:30:70:1d:97:17:36:
35:3d:e1:b0:8f:87:34:d7:0e:93:49:8d:3e:7e:30:
06:87:1c:37:54:83:cd:5a:da:c3:34:d8:b9:44:18:
a7:65:25:02:58:81:a7:00:17:86:5d:0e:f8:82:f0:
42:18:0c:53:5a:c9:65:08:8c:5e:c2:f3:33:28:ca:
14:91:74:39:ef:e9:7f:fc:86:77:99:1b:ad:e6:6d:
2d:33:3d:10:40:8a:51:9b:ae:39:48:8a:ea:39:db:
f7:dd:95:d1:c7:06:b2:92:be:d2:ea:78:cf:fc:6f:
10:57:74:61:98:55:2a:30:68:fc:be:d2:92:98:31:
3d:b4:77:75:1d:9d:bb:5d:ce:37:02:4a:25:12:78:
d3:23:aa:e9:88:37:6d:c3:c7:fd:67:f9:e6:b8:2c:
07:08:42:fd:c8:a8:bb:2c:70:dd:1f:a3:17:21:af:
45:41:4b:a4:96:bc:3d:2d:51:c9:a0:20:33:73:26:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9F:E0:40:96:BC:A0:2B:D3:60:5A:7C:82:85:DA:0D:E8:29:D3:3E
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/RJ_gQJa8oCvTYFp8goXaDegp0z4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:df40::/32
Signature Algorithm: sha256WithRSAEncryption
36:30:22:fc:a3:e8:37:57:5e:1d:fd:07:f6:31:7d:bf:c0:8a:
e2:91:7f:06:0e:88:e7:11:f5:04:84:16:d0:77:04:8f:4b:7a:
97:b3:73:e6:dd:a0:b4:30:d7:73:a4:e3:2f:95:16:e8:ae:73:
82:a4:14:8a:27:ae:f9:bc:f3:44:05:39:ab:6b:6b:44:66:a8:
02:08:b5:26:27:ea:86:8c:52:b4:9f:9a:6d:21:24:60:b1:ac:
6d:ba:27:02:fb:da:49:b9:08:fe:01:74:41:50:4d:c9:7d:ee:
4a:b3:f1:ea:0a:31:63:a8:a2:3e:64:bb:9e:42:8b:51:56:cd:
d6:34:9e:d1:bc:4b:55:90:20:5e:0c:fe:53:9b:28:8c:c6:b6:
e4:d2:4f:e0:c8:d1:ca:ef:00:d6:51:f4:ae:f1:b1:8b:69:73:
97:8c:8b:ad:b7:55:ac:36:b9:41:3b:3b:8f:6c:d5:08:5d:15:
be:f6:1c:d8:10:0f:e3:12:1d:66:2f:57:14:60:2e:26:30:07:
5f:66:14:80:c3:40:74:a4:b8:e6:2b:55:11:9d:13:f2:5d:44:
f3:0e:86:38:6a:8e:3b:8d:6f:82:c5:ea:7a:2d:ea:23:41:52:
76:a8:80:0c:eb:a9:b6:54:81:a3:de:0f:ea:e7:34:93:0a:15:
e7:31:26:ce
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICB6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMDA5Mjkx
MDA0MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQ0OUZFMDQwOTZCQ0Ew
MkJEMzYwNUE3QzgyODVEQTBERTgyOUQzM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg0uhFBpdTC/M9afOQLf1eE92BNRc9j8kg5xMM/Bj0GEwDeSXt
s93Jz0mev5ZWrdoFHPF4r36Sozmr6PcWQ2avdbBdiDBwHZcXNjU94bCPhzTXDpNJ
jT5+MAaHHDdUg81a2sM02LlEGKdlJQJYgacAF4ZdDviC8EIYDFNayWUIjF7C8zMo
yhSRdDnv6X/8hneZG63mbS0zPRBAilGbrjlIiuo52/fdldHHBrKSvtLqeM/8bxBX
dGGYVSowaPy+0pKYMT20d3UdnbtdzjcCSiUSeNMjqumIN23Dx/1n+ea4LAcIQv3I
qLsscN0foxchr0VBS6SWvD0tUcmgIDNzJorBAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQURJ/gQJa8oCvTYFp8goXaDegp0z4wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1JKX2dRSmE4b0N2VFlGcDhnb1hhRGVn
cDB6NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN9AMA0G
CSqGSIb3DQEBCwUAA4IBAQA2MCL8o+g3V14d/Qf2MX2/wIrikX8GDojnEfUEhBbQ
dwSPS3qXs3Pm3aC0MNdzpOMvlRbornOCpBSKJ675vPNEBTmra2tEZqgCCLUmJ+qG
jFK0n5ptISRgsaxtuicC+9pJuQj+AXRBUE3Jfe5Ks/HqCjFjqKI+ZLueQotRVs3W
NJ7RvEtVkCBeDP5TmyiMxrbk0k/gyNHK7wDWUfSu8bGLaXOXjIutt1WsNrlBOzuP
bNUIXRW+9hzYEA/jEh1mL1cUYC4mMAdfZhSAw0B0pLjmK1URnRPyXUTzDoY4ao47
jW+Cxep6LeojQVJ2qIAM66m2VIGj3g/q5zSTChXnMSbO
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org