Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/cd8r3tg6p_NuYZM1Gj-ylvxpeik.roa
File: cd8r3tg6p_NuYZM1Gj-ylvxpeik.roa (raw, json)
Hash identifier: 0e3B1cbIzgLr53s203OjfnSvY86wvogrthj1uZj4hno=
Subject key identifier: 71:DF:2B:DE:D8:3A:A7:F3:6E:61:93:35:1A:3F:B2:96:FC:69:7A:29
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0912
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/cd8r3tg6p_NuYZM1Gj-ylvxpeik.roa
Signing time: Wed 03 Mar 2021 02:09:04 +0000
ROA not before: Wed 03 Mar 2021 02:09:04 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18042
IP address blocks: 2400:df40::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2322 (0x912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Mar 3 02:09:04 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=71DF2BDED83AA7F36E6193351A3FB296FC697A29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5c:e2:c0:1c:45:9e:32:ce:c9:81:f9:be:ec:
c3:f9:81:cd:66:06:f0:ee:d6:12:f1:05:c7:cd:25:
ff:1c:eb:ac:64:20:5f:ed:b6:ea:9d:d1:5d:da:5d:
1c:22:d0:d1:90:74:d0:ba:e6:37:69:7e:fd:2e:04:
48:ad:67:1f:1a:f1:b9:35:84:87:d4:23:17:94:b2:
45:05:bf:86:8c:b8:c5:cf:bf:b8:60:ab:33:15:3a:
a7:21:65:6e:73:2d:4c:0f:b4:43:02:a4:70:ef:72:
08:3b:be:a9:43:98:2c:e7:88:89:dd:4d:4d:eb:0e:
c2:ee:de:1e:e8:ae:d1:f1:41:40:2d:22:33:5c:87:
53:3f:0c:46:46:62:ce:c7:33:ec:ca:42:ee:73:59:
16:9a:23:cb:7d:61:81:0c:f5:45:f3:b0:75:c8:08:
5b:24:bf:af:15:13:0e:c7:99:ad:c4:4f:a4:89:84:
d7:82:32:3b:61:0b:69:dc:f5:73:b1:bd:2b:f8:95:
45:0e:af:2b:73:aa:05:34:04:4a:7c:34:e0:3e:fa:
ad:24:92:9d:87:95:09:ce:06:01:55:30:5d:0c:09:
ca:d1:94:ba:5f:96:56:11:26:29:82:8c:5d:c0:d6:
03:37:09:bb:4f:6a:43:58:60:e6:cf:74:90:bc:bb:
b7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DF:2B:DE:D8:3A:A7:F3:6E:61:93:35:1A:3F:B2:96:FC:69:7A:29
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/cd8r3tg6p_NuYZM1Gj-ylvxpeik.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:df40::/32
Signature Algorithm: sha256WithRSAEncryption
11:b6:ad:a5:31:e3:e8:ce:0c:e6:a1:8c:80:bf:a9:5e:2c:de:
94:34:ba:8d:29:9b:e6:f6:7b:f7:3f:0f:2c:cf:dc:22:f8:c9:
89:b6:c3:68:24:1c:3d:d4:c8:ad:ac:48:8b:70:cd:6c:07:40:
92:af:f8:60:69:36:9b:a0:58:0d:f5:a0:63:3f:0a:aa:da:7c:
2f:fa:27:44:32:cd:51:36:f7:69:4e:65:12:dd:b9:fe:af:f7:
a3:cf:c1:70:22:aa:b5:82:80:29:54:d4:9e:77:49:7b:ab:ac:
d2:cb:ed:94:f5:68:ec:91:7c:37:0d:cb:52:8e:90:70:ba:b5:
5b:c0:8d:a6:68:27:44:17:f6:7a:45:aa:29:81:2b:1d:79:b5:
99:9b:13:9d:f4:2f:b5:cd:d9:e6:4a:70:20:76:2b:bd:2f:38:
8f:90:a4:17:97:8b:5f:1d:2a:92:20:9c:a3:69:49:8b:69:d1:
61:b1:97:5f:74:4a:61:bc:e0:cd:b5:81:dc:0c:0c:de:bc:e2:
a1:4f:df:ac:ba:52:f0:6b:24:9d:57:94:fc:43:fe:4a:dc:da:
7d:c2:dd:b3:f9:03:88:92:cb:45:50:ec:7e:a6:f9:d8:4d:25:
2f:29:67:1b:5e:96:62:b1:47:ff:da:5f:0d:1a:b2:8b:8e:53:
63:d4:9f:c8
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCRIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTAzMDMw
MjA5MDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDcxREYyQkRFRDgzQUE3
RjM2RTYxOTMzNTFBM0ZCMjk2RkM2OTdBMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmXOLAHEWeMs7Jgfm+7MP5gc1mBvDu1hLxBcfNJf8c66xkIF/t
tuqd0V3aXRwi0NGQdNC65jdpfv0uBEitZx8a8bk1hIfUIxeUskUFv4aMuMXPv7hg
qzMVOqchZW5zLUwPtEMCpHDvcgg7vqlDmCzniIndTU3rDsLu3h7ortHxQUAtIjNc
h1M/DEZGYs7HM+zKQu5zWRaaI8t9YYEM9UXzsHXICFskv68VEw7Hma3ET6SJhNeC
MjthC2nc9XOxvSv4lUUOrytzqgU0BEp8NOA++q0kkp2HlQnOBgFVMF0MCcrRlLpf
llYRJimCjF3A1gM3CbtPakNYYObPdJC8u7eVAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUcd8r3tg6p/NuYZM1Gj+ylvxpeikwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2NkOHIzdGc2cF9OdVlaTTFHai15bHZ4
cGVpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN9AMA0G
CSqGSIb3DQEBCwUAA4IBAQARtq2lMePozgzmoYyAv6leLN6UNLqNKZvm9nv3Pw8s
z9wi+MmJtsNoJBw91MitrEiLcM1sB0CSr/hgaTaboFgN9aBjPwqq2nwv+idEMs1R
NvdpTmUS3bn+r/ejz8FwIqq1goApVNSed0l7q6zSy+2U9WjskXw3DctSjpBwurVb
wI2maCdEF/Z6RaopgSsdebWZmxOd9C+1zdnmSnAgdiu9LziPkKQXl4tfHSqSIJyj
aUmLadFhsZdfdEphvODNtYHcDAzevOKhT9+sulLwaySdV5T8Q/5K3Np9wt2z+QOI
kstFUOx+pvnYTSUvKWcbXpZisUf/2l8NGrKLjlNj1J/I
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org