Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/rMVbJvqls20vjtpP3bhRjlI3vLU.roa
File: rMVbJvqls20vjtpP3bhRjlI3vLU.roa (raw, json)
Hash identifier: ye68P2mUZIkCA64CPAWPzdvmpwj3tfoQ56OIGE2vH70=
Subject key identifier: AC:C5:5B:26:FA:A5:B3:6D:2F:8E:DA:4F:DD:B8:51:8E:52:37:BC:B5
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 09AF
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/rMVbJvqls20vjtpP3bhRjlI3vLU.roa
Signing time: Wed 29 Sep 2021 02:40:43 +0000
ROA not before: Wed 29 Sep 2021 02:40:43 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18042
IP address blocks: 2400:df40::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2479 (0x9af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 29 02:40:43 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=ACC55B26FAA5B36D2F8EDA4FDDB8518E5237BCB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c6:9d:28:67:4d:15:ee:67:0c:c1:07:94:41:
0f:44:ec:48:09:e9:2a:10:78:46:3b:cd:06:17:44:
11:d3:3a:f1:be:b0:49:d6:75:9c:df:c8:af:11:90:
33:45:dc:06:4e:95:5c:4a:92:2c:be:e5:0c:d1:cb:
78:d4:25:8d:d7:87:d3:b4:37:e2:fe:d8:37:46:8c:
69:19:24:ad:1f:fe:96:8f:19:0a:c9:17:ba:1e:5b:
a4:96:38:0f:32:12:af:e7:d4:1f:4c:bf:23:23:ab:
be:2c:07:78:0e:e2:1b:23:b0:09:3f:74:0f:c8:31:
d4:35:99:a6:af:81:a1:51:dd:08:d8:30:da:db:09:
1a:32:6d:f3:45:8a:62:07:56:ad:c3:b1:b6:b5:d0:
cb:25:e4:d6:40:94:f8:ec:fd:dc:a3:6e:ec:d2:8b:
9f:e7:bb:94:fa:8d:84:d4:9a:37:b4:aa:54:7e:9a:
d4:60:b6:cf:66:e1:82:55:d7:08:ce:17:b3:93:46:
4a:9d:8d:c6:89:55:2a:8e:ff:03:38:df:14:d4:a2:
2e:1e:50:9e:0f:43:39:ce:bc:80:ba:db:21:40:a2:
aa:78:ab:f7:91:f7:40:a5:41:02:81:fc:12:ff:19:
e9:cc:dd:32:bb:78:59:90:c4:d6:65:ac:43:07:c7:
58:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C5:5B:26:FA:A5:B3:6D:2F:8E:DA:4F:DD:B8:51:8E:52:37:BC:B5
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/rMVbJvqls20vjtpP3bhRjlI3vLU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:df40::/32
Signature Algorithm: sha256WithRSAEncryption
22:7d:23:da:74:e5:b9:27:58:73:81:cb:67:2c:43:fc:63:96:
96:77:79:03:0f:11:53:58:92:4c:1e:3b:95:c5:cd:5b:3e:66:
81:eb:5e:d1:cc:42:1d:66:e5:52:7d:ca:b0:23:59:2f:92:f0:
07:91:0b:68:ff:44:2d:b3:14:9b:2e:d1:83:62:c4:8d:57:f0:
d2:1e:7a:57:f1:3c:d6:20:b7:36:5e:b7:a0:57:66:e1:59:01:
28:88:9d:12:89:03:f0:aa:89:d9:b5:28:05:62:13:8f:63:79:
07:7f:9a:81:ef:01:dc:40:58:83:2d:f5:c4:a8:c3:61:54:c0:
bd:77:da:2d:19:44:54:15:21:e0:6e:a8:a6:bf:ce:2d:22:cc:
26:07:71:4c:e5:d5:47:c4:4a:32:31:0b:92:43:c6:a5:54:52:
9b:7f:7b:70:dc:ad:da:4b:c7:15:86:70:37:4c:99:59:37:31:
84:49:82:1f:64:9c:d3:9c:c0:6f:5d:ae:da:4b:0c:78:91:39:
f1:ab:2d:43:32:61:bb:fb:48:93:5c:5e:4e:5d:3c:14:d8:2d:
31:95:e2:e3:3e:fa:4a:ba:41:d7:11:e9:8c:6e:d3:b8:82:8b:
f7:b5:4e:c9:b6:6d:54:64:e2:11:0f:78:91:b7:41:29:17:28:
99:1b:b5:20
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMTA5Mjkw
MjQwNDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFDQzU1QjI2RkFBNUIz
NkQyRjhFREE0RkREQjg1MThFNTIzN0JDQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnxp0oZ00V7mcMwQeUQQ9E7EgJ6SoQeEY7zQYXRBHTOvG+sEnW
dZzfyK8RkDNF3AZOlVxKkiy+5QzRy3jUJY3Xh9O0N+L+2DdGjGkZJK0f/paPGQrJ
F7oeW6SWOA8yEq/n1B9MvyMjq74sB3gO4hsjsAk/dA/IMdQ1maavgaFR3QjYMNrb
CRoybfNFimIHVq3Dsba10Msl5NZAlPjs/dyjbuzSi5/nu5T6jYTUmje0qlR+mtRg
ts9m4YJV1wjOF7OTRkqdjcaJVSqO/wM43xTUoi4eUJ4PQznOvIC62yFAoqp4q/eR
90ClQQKB/BL/GenM3TK7eFmQxNZlrEMHx1ihAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUrMVbJvqls20vjtpP3bhRjlI3vLUwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3JNVmJKdnFsczIwdmp0cFAzYmhSamxJ
M3ZMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAifSPadOW5J1hzgctnLEP8Y5aWd3kDDxFTWJJMHjuV
xc1bPmaB617RzEIdZuVSfcqwI1kvkvAHkQto/0QtsxSbLtGDYsSNV/DSHnpX8TzW
ILc2XregV2bhWQEoiJ0SiQPwqonZtSgFYhOPY3kHf5qB7wHcQFiDLfXEqMNhVMC9
d9otGURUFSHgbqimv84tIswmB3FM5dVHxEoyMQuSQ8alVFKbf3tw3K3aS8cVhnA3
TJlZNzGESYIfZJzTnMBvXa7aSwx4kTnxqy1DMmG7+0iTXF5OXTwU2C0xleLjPvpK
ukHXEemMbtO4gov3tU7Jtm1UZOIRD3iRt0EpFyiZG7Ug
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:41 2025 by rpki-client