Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKSMF/Okhv4KY7koLD9Cym6i9_QANXh8I.roa
File: Okhv4KY7koLD9Cym6i9_QANXh8I.roa (raw, json)
Hash identifier: CACz784oQjn9/mnd2nIyGqJVVSXYHukB8+OZT4VsAlM=
Subject key identifier: 3A:48:6F:E0:A6:3B:92:82:C3:F4:2C:A6:EA:2F:7F:40:03:57:87:C2
Certificate issuer: /CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A
Certificate serial: 0C37
Authority key identifier: FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/Okhv4KY7koLD9Cym6i9_QANXh8I.roa
Signing time: Fri 01 Sep 2023 09:14:56 +0000
ROA not before: Fri 01 Sep 2023 09:14:56 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131645
IP address blocks: 2405:29c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3127 (0xc37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A
Validity
Not Before: Sep 1 09:14:56 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3A486FE0A63B9282C3F42CA6EA2F7F40035787C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:83:60:90:9c:16:1a:8d:e3:fe:6b:d3:75:
63:64:52:ce:c0:3e:6a:d6:dd:ed:7b:4d:9d:20:08:
e9:08:d8:0d:56:13:1a:0b:a6:be:72:db:f9:eb:54:
67:b8:79:37:e6:e5:3d:2f:3a:17:48:ad:99:3f:69:
90:cd:c4:ce:12:01:90:62:10:9d:a5:e7:e1:93:43:
64:0d:bf:9a:a0:8b:50:2f:af:ba:ee:de:ab:fe:2d:
6d:ab:f2:65:b4:04:f9:37:43:41:da:e2:62:e7:75:
52:b1:1a:79:ba:87:e5:74:4c:3f:b4:26:6b:75:d3:
ed:6c:5b:98:f0:fc:9b:b1:94:17:c4:65:bd:5c:e9:
95:a9:12:00:92:72:40:7b:9b:cc:a0:bc:c1:7b:a6:
10:b6:7a:6f:5f:0f:63:af:f8:5c:1c:3b:bb:74:7b:
24:ce:5c:92:96:ea:c9:67:73:de:87:ea:0c:f9:65:
2d:fd:39:80:03:c8:fc:2e:b9:a0:bb:86:04:ab:43:
b8:3e:e9:63:d8:7c:10:66:79:d1:7c:d8:2a:66:c1:
45:c3:65:79:40:aa:d9:8b:53:d4:3b:d1:42:81:b0:
58:95:2c:dc:5c:77:79:c1:a7:7d:fe:99:14:7b:f3:
b9:a3:0d:4c:9e:27:ef:84:26:4a:d9:8c:4e:08:e6:
4e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:48:6F:E0:A6:3B:92:82:C3:F4:2C:A6:EA:2F:7F:40:03:57:87:C2
X509v3 Authority Key Identifier:
keyid:FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/-8-hiArIbOT7mfl06ZU_NZfc3go.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/Okhv4KY7koLD9Cym6i9_QANXh8I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:29c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:8c:c6:70:52:4e:1a:97:83:27:c5:c5:3c:23:db:4a:00:8e:
aa:87:b3:6a:cb:ce:bf:fd:96:01:55:44:f7:9f:a3:51:86:01:
8a:ba:82:e6:8b:90:79:30:af:ef:57:88:25:af:9a:33:75:50:
ea:8a:be:89:23:6c:83:6c:e9:17:00:44:71:30:d2:9f:be:a0:
10:7e:70:9f:f6:3e:50:77:49:5e:50:b4:5f:d2:61:b7:b3:c6:
d3:61:1a:12:6a:b6:fd:ba:f7:b2:65:b5:c7:82:04:75:38:05:
50:7f:62:a1:5f:7a:17:46:8a:4f:bc:a3:99:eb:d4:cf:c2:b9:
c3:14:d6:1c:7b:cd:22:60:69:9a:31:9a:d9:3d:e4:8c:09:50:
e2:27:f7:79:4f:33:53:21:45:b1:c8:8b:35:1c:10:1f:32:61:
28:14:d8:ff:3e:81:a9:9a:07:e0:1c:b2:8b:3d:38:eb:89:bc:
e2:1e:31:89:59:5d:3b:82:c9:32:e2:ff:e0:2c:00:6d:c3:28:
fb:98:28:cd:bf:64:a7:24:74:0e:91:dc:60:65:1c:50:53:5a:
c1:95:61:6a:c0:70:f0:fa:85:6e:db:af:37:70:04:b3:fb:da:
1d:29:92:f6:d1:ca:b9:a5:52:a3:24:fa:5c:c1:0c:72:b1:91:
e4:05:79:86
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICDDcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJD
RkExODgwQUM4NkNFNEZCOTlGOTc0RTk5NTNGMzU5N0RDREUwQTAeFw0yMzA5MDEw
OTE0NTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNBNDg2RkUwQTYzQjky
ODJDM0Y0MkNBNkVBMkY3RjQwMDM1Nzg3QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC//INgkJwWGo3j/mvTdWNkUs7APmrW3e17TZ0gCOkI2A1WExoL
pr5y2/nrVGe4eTfm5T0vOhdIrZk/aZDNxM4SAZBiEJ2l5+GTQ2QNv5qgi1Avr7ru
3qv+LW2r8mW0BPk3Q0Ha4mLndVKxGnm6h+V0TD+0Jmt10+1sW5jw/JuxlBfEZb1c
6ZWpEgCSckB7m8ygvMF7phC2em9fD2Ov+FwcO7t0eyTOXJKW6slnc96H6gz5ZS39
OYADyPwuuaC7hgSrQ7g+6WPYfBBmedF82CpmwUXDZXlAqtmLU9Q70UKBsFiVLNxc
d3nBp33+mRR787mjDUyeJ++EJkrZjE4I5k71AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUOkhv4KY7koLD9Cym6i9/QANXh8IwHwYDVR0jBBgwFoAU+8+hiArIbOT7mfl0
6ZU/NZfc3gowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tTTUYv
LTgtaGlBckliT1Q3bWZsMDZaVV9OWmZjM2dvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8tOC1oaUFySWJPVDdtZmwwNlpVX05aZmMzZ28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS1NNRi9Pa2h2NEtZN2tvTEQ5Q3ltNmk5
X1FBTlhoOEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAUp
wDANBgkqhkiG9w0BAQsFAAOCAQEAF4zGcFJOGpeDJ8XFPCPbSgCOqoezasvOv/2W
AVVE95+jUYYBirqC5ouQeTCv71eIJa+aM3VQ6oq+iSNsg2zpFwBEcTDSn76gEH5w
n/Y+UHdJXlC0X9Jht7PG02EaEmq2/br3smW1x4IEdTgFUH9ioV96F0aKT7yjmevU
z8K5wxTWHHvNImBpmjGa2T3kjAlQ4if3eU8zUyFFsciLNRwQHzJhKBTY/z6BqZoH
4Byyiz0464m84h4xiVldO4LJMuL/4CwAbcMo+5gozb9kpyR0DpHcYGUcUFNawZVh
asBw8PqFbtuvN3AEs/vaHSmS9tHKuaVSoyT6XMEMcrGR5AV5hg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:27 2025 by rpki-client