Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKMT/heLmrC-5rhLd_VScBRGxgSnSNYw.roa
File: heLmrC-5rhLd_VScBRGxgSnSNYw.roa (raw, json)
Hash identifier: 4kTMqMsamyROpX+t9JWukkTMchP2YIaFfXbcbEG1g9Y=
Subject key identifier: 85:E2:E6:AC:2F:B9:AE:12:DD:FD:54:9C:05:11:B1:81:29:D2:35:8C
Certificate issuer: /CN=48540E13F8B2CAE86CD1F8C7252839A5078F16A5
Certificate serial: 0ADA
Authority key identifier: 48:54:0E:13:F8:B2:CA:E8:6C:D1:F8:C7:25:28:39:A5:07:8F:16:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SFQOE_iyyuhs0fjHJSg5pQePFqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKMT/heLmrC-5rhLd_VScBRGxgSnSNYw.roa
Signing time: Wed 29 Sep 2021 02:38:06 +0000
ROA not before: Wed 29 Sep 2021 02:38:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131645
IP address blocks: 2405:1540::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2778 (0xada)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48540E13F8B2CAE86CD1F8C7252839A5078F16A5
Validity
Not Before: Sep 29 02:38:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=85E2E6AC2FB9AE12DDFD549C0511B18129D2358C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:c2:5e:99:4d:9a:64:de:44:3c:2b:3c:3f:
94:f0:ab:68:07:ed:0f:44:ec:b7:66:c8:73:4a:ed:
33:94:12:12:bc:f6:fc:43:e7:63:54:5b:c3:86:ec:
dd:f2:e6:17:f1:44:bf:e3:a9:84:05:a9:78:4b:f3:
a3:e6:c1:4c:97:cf:d1:96:f7:93:f1:4c:22:8f:f5:
61:fe:88:13:e3:91:8b:d5:d5:6f:6d:a2:3b:e6:c2:
b9:3e:04:c2:64:e5:7b:dd:88:fa:16:b5:5a:91:e2:
dd:1a:b6:43:74:41:6e:78:a3:f0:6d:3e:ef:bf:41:
bc:8c:d5:91:4f:87:0f:46:d3:73:1f:a7:51:79:95:
95:64:83:80:64:85:e6:f2:eb:ae:c0:eb:61:0f:ca:
f4:65:8e:88:80:ee:8a:1b:c4:6f:57:45:63:28:f9:
10:a6:49:18:c8:e7:7e:7e:d1:cd:d4:91:54:e5:bf:
95:99:c2:e7:ff:39:5b:ed:c8:f4:24:a8:fe:97:0d:
97:10:db:25:3a:f0:eb:21:68:fc:e6:f7:18:43:36:
36:06:95:a6:e0:92:44:9f:16:ff:ba:af:64:c4:8b:
d8:d4:0f:b1:9a:cc:08:c8:2a:bb:6e:aa:e3:67:6b:
3b:e6:22:d7:2e:48:fc:22:d3:f5:9d:10:f7:95:15:
ef:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E2:E6:AC:2F:B9:AE:12:DD:FD:54:9C:05:11:B1:81:29:D2:35:8C
X509v3 Authority Key Identifier:
keyid:48:54:0E:13:F8:B2:CA:E8:6C:D1:F8:C7:25:28:39:A5:07:8F:16:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKMT/SFQOE_iyyuhs0fjHJSg5pQePFqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SFQOE_iyyuhs0fjHJSg5pQePFqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKMT/heLmrC-5rhLd_VScBRGxgSnSNYw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:1540::/32
Signature Algorithm: sha256WithRSAEncryption
49:ef:ca:2f:e8:f3:df:9c:e2:e1:52:6c:6a:03:02:ac:df:67:
48:ac:ee:c2:6d:c9:74:24:b4:ba:de:3c:66:b8:50:4a:71:c1:
00:cc:de:d6:35:f5:91:e4:ff:dd:47:8b:d2:4f:16:43:c7:02:
4b:80:74:03:e7:ba:78:da:ed:91:41:93:68:a6:2e:d6:7c:82:
8f:35:0f:fc:67:10:1d:62:19:bb:46:70:91:57:4c:75:9d:df:
28:cd:d3:7e:7b:f6:36:b2:10:bc:f5:7b:d1:7c:58:bb:6d:d6:
01:f0:66:e7:70:1f:3b:30:ca:4f:04:18:30:fd:a6:b5:38:b0:
b9:31:2d:52:1a:5a:3b:69:ac:7d:06:be:11:6d:2d:45:c0:42:
07:f0:f0:b7:43:5f:1a:02:9c:bf:47:15:69:69:32:ae:72:7c:
5b:a9:62:87:6a:e4:67:e6:9e:05:9a:81:d8:fe:ca:34:39:9e:
a7:83:bb:b2:e2:de:85:cc:95:f2:18:ee:15:11:9c:43:3a:11:
04:ed:f3:68:ef:6b:ab:a5:4e:7d:53:13:41:b1:85:79:12:b4:
95:76:48:70:d9:46:6b:ab:24:57:96:ba:80:cd:50:41:8a:85:
8e:b6:61:cd:66:32:d3:c5:c1:22:da:16:f9:3a:a9:e8:ff:cc:
52:14:11:b9
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCtowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDg1
NDBFMTNGOEIyQ0FFODZDRDFGOEM3MjUyODM5QTUwNzhGMTZBNTAeFw0yMTA5Mjkw
MjM4MDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg1RTJFNkFDMkZCOUFF
MTJEREZENTQ5QzA1MTFCMTgxMjlEMjM1OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr4sJemU2aZN5EPCs8P5Twq2gH7Q9E7LdmyHNK7TOUEhK89vxD
52NUW8OG7N3y5hfxRL/jqYQFqXhL86PmwUyXz9GW95PxTCKP9WH+iBPjkYvV1W9t
ojvmwrk+BMJk5XvdiPoWtVqR4t0atkN0QW54o/BtPu+/QbyM1ZFPhw9G03Mfp1F5
lZVkg4Bkheby667A62EPyvRljoiA7oobxG9XRWMo+RCmSRjI535+0c3UkVTlv5WZ
wuf/OVvtyPQkqP6XDZcQ2yU68OshaPzm9xhDNjYGlabgkkSfFv+6r2TEi9jUD7Ga
zAjIKrtuquNnazvmItcuSPwi0/WdEPeVFe//AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUheLmrC+5rhLd/VScBRGxgSnSNYwwHwYDVR0jBBgwFoAUSFQOE/iyyuhs0fjH
JSg5pQePFqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tNVC9T
RlFPRV9peXl1aHMwZmpISlNnNXBRZVBGcVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1NGUU9FX2l5eXVoczBmakhKU2c1cFFlUEZxVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0tLTVQvaGVMbXJDLTVyaExkX1ZTY0JSR3hn
U25TTll3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQFFUAw
DQYJKoZIhvcNAQELBQADggEBAEnvyi/o89+c4uFSbGoDAqzfZ0is7sJtyXQktLre
PGa4UEpxwQDM3tY19ZHk/91Hi9JPFkPHAkuAdAPnunja7ZFBk2imLtZ8go81D/xn
EB1iGbtGcJFXTHWd3yjN03579jayELz1e9F8WLtt1gHwZudwHzswyk8EGDD9prU4
sLkxLVIaWjtprH0GvhFtLUXAQgfw8LdDXxoCnL9HFWlpMq5yfFupYodq5GfmngWa
gdj+yjQ5nqeDu7Li3oXMlfIY7hURnEM6EQTt82jva6ulTn1TE0GxhXkStJV2SHDZ
RmurJFeWuoDNUEGKhY62Yc1mMtPFwSLaFvk6qej/zFIUEbk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:57 2023 by rpki-client on console-ams.rpki-client.org