Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/s_cCuZJ3mFgkUhh4YHKL51_GcbQ.roa
File: s_cCuZJ3mFgkUhh4YHKL51_GcbQ.roa (raw, json)
Hash identifier: NhZPSur9oc/sAEtNjbraU9KyN07sRl/wmx+G9UDUYYU=
Subject key identifier: B3:F7:02:B9:92:77:98:58:24:52:18:78:60:72:8B:E7:5F:C6:71:B4
Certificate issuer: /CN=CC4EFE97C9C1EA48F01A1F865DD617EBB13351A1
Certificate serial: 03
Authority key identifier: CC:4E:FE:97:C9:C1:EA:48:F0:1A:1F:86:5D:D6:17:EB:B1:33:51:A1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zE7-l8nB6kjwGh-GXdYX67EzUaE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/s_cCuZJ3mFgkUhh4YHKL51_GcbQ.roa
Signing time: Mon 04 Mar 2024 08:22:12 +0000
ROA not before: Mon 04 Mar 2024 08:22:12 +0000
ROA not after: Fri 28 Feb 2025 15:30:27 +0000
asID: 32595
IP address blocks: 2401:8420::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CC4EFE97C9C1EA48F01A1F865DD617EBB13351A1
Validity
Not Before: Mar 4 08:22:12 2024 GMT
Not After : Feb 28 15:30:27 2025 GMT
Subject: CN=B3F702B9927798582452187860728BE75FC671B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6e:ed:d3:25:39:bb:90:1e:52:82:be:41:a7:
c8:b3:1b:62:40:82:d8:2e:e2:a8:58:19:c0:15:3f:
08:79:5b:21:6a:56:dd:35:c7:50:44:43:b3:b8:e2:
c4:5b:46:d6:6b:9b:fe:20:be:e3:6a:fc:c8:ed:39:
e6:67:94:c5:cc:68:40:d7:9e:ae:a3:f6:c3:7e:9d:
92:4a:18:67:be:d2:ea:76:a3:e7:af:a4:e8:95:8e:
6b:2f:14:fb:1e:61:31:a9:00:23:11:1e:a4:7d:8b:
21:db:55:81:8d:29:57:0d:ab:ee:ec:d2:18:7e:d3:
11:1f:f3:7e:44:60:b1:f0:c1:a6:f7:12:17:fe:72:
78:e1:e1:f6:4b:14:1f:cd:1d:0d:5d:ca:56:52:4a:
1c:18:22:1e:ca:80:06:57:2d:c9:78:84:31:5d:22:
2d:df:08:ad:5d:68:b6:7b:f0:1d:0d:0f:44:ee:1d:
1d:98:6d:48:ca:18:fd:13:43:1a:ef:b8:b6:96:5e:
cb:7b:2a:5b:f3:31:d4:05:f7:f7:10:e7:1b:ef:8f:
58:25:e1:a7:f4:3d:88:eb:56:10:18:83:55:e9:02:
8c:d2:a9:7e:41:41:86:97:7b:c1:1a:47:99:50:e7:
fa:71:33:52:af:b8:6d:43:5a:04:00:40:48:76:3a:
13:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F7:02:B9:92:77:98:58:24:52:18:78:60:72:8B:E7:5F:C6:71:B4
X509v3 Authority Key Identifier:
keyid:CC:4E:FE:97:C9:C1:EA:48:F0:1A:1F:86:5D:D6:17:EB:B1:33:51:A1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/zE7-l8nB6kjwGh-GXdYX67EzUaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zE7-l8nB6kjwGh-GXdYX67EzUaE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/s_cCuZJ3mFgkUhh4YHKL51_GcbQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:8420::/32
Signature Algorithm: sha256WithRSAEncryption
10:44:6a:5e:31:fb:65:f6:29:b8:7b:c0:10:83:bd:cc:06:f0:
11:95:10:10:2d:7f:b9:ca:cb:6d:e0:00:17:76:43:71:c0:0f:
40:69:43:11:3d:25:f1:3c:3f:fa:60:da:d6:66:07:b8:a1:a1:
53:c3:c2:cb:c6:00:da:7b:b7:83:dd:5b:92:7c:12:4b:ab:a0:
f8:dd:b9:b7:03:ab:7e:a3:48:1e:0e:4f:65:d2:f3:90:97:39:
cc:cd:fe:6b:05:eb:88:d6:a2:10:26:94:17:2d:1e:b6:d4:87:
8c:5a:df:aa:35:0f:e2:f8:ba:db:73:af:54:a2:66:e8:38:28:
78:96:b8:78:2e:25:47:39:da:3e:19:6a:fc:8d:97:8e:3a:11:
15:b4:d4:9f:2b:c4:31:10:87:f8:23:5b:78:06:7b:cc:b7:21:
04:7a:30:9f:9a:fe:66:b2:f0:ca:43:20:28:a8:c8:5a:61:f4:
80:4e:36:02:04:b6:ef:7a:13:01:24:77:5e:5b:5f:44:9e:8d:
20:8d:20:ff:61:0c:ec:1f:cc:75:83:fd:09:69:e6:a5:b1:d0:
fa:ad:79:fa:8c:82:be:9e:dd:ea:d1:46:53:bd:c0:de:a1:04:
4e:c3:c9:14:bb:79:90:1b:de:b4:03:64:b6:d7:e8:a5:cd:02:
88:a5:37:7c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDQzRF
RkU5N0M5QzFFQTQ4RjAxQTFGODY1REQ2MTdFQkIxMzM1MUExMB4XDTI0MDMwNDA4
MjIxMloXDTI1MDIyODE1MzAyN1owMzExMC8GA1UEAxMoQjNGNzAyQjk5Mjc3OTg1
ODI0NTIxODc4NjA3MjhCRTc1RkM2NzFCNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALtu7dMlObuQHlKCvkGnyLMbYkCC2C7iqFgZwBU/CHlbIWpW3TXH
UERDs7jixFtG1mub/iC+42r8yO055meUxcxoQNeerqP2w36dkkoYZ77S6naj56+k
6JWOay8U+x5hMakAIxEepH2LIdtVgY0pVw2r7uzSGH7TER/zfkRgsfDBpvcSF/5y
eOHh9ksUH80dDV3KVlJKHBgiHsqABlctyXiEMV0iLd8IrV1otnvwHQ0PRO4dHZht
SMoY/RNDGu+4tpZey3sqW/Mx1AX39xDnG++PWCXhp/Q9iOtWEBiDVekCjNKpfkFB
hpd7wRpHmVDn+nEzUq+4bUNaBABASHY6E9ECAwEAAaOCAe0wggHpMB0GA1UdDgQW
BBSz9wK5kneYWCRSGHhgcovnX8ZxtDAfBgNVHSMEGDAWgBTMTv6XycHqSPAaH4Zd
1hfrsTNRoTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS96
RTctbDhuQjZrandHaC1HWGRZWDY3RXpVYUUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3pFNy1sOG5CNmtqd0doLUdYZFlYNjdFelVhRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL00yTklNL3NfY0N1WkozbUZna1VoaDRZSEtM
NTFfR2NiUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAYQg
MA0GCSqGSIb3DQEBCwUAA4IBAQAQRGpeMftl9im4e8AQg73MBvARlRAQLX+5ystt
4AAXdkNxwA9AaUMRPSXxPD/6YNrWZge4oaFTw8LLxgDae7eD3VuSfBJLq6D43bm3
A6t+o0geDk9l0vOQlznMzf5rBeuI1qIQJpQXLR621IeMWt+qNQ/i+Lrbc69Uombo
OCh4lrh4LiVHOdo+GWr8jZeOOhEVtNSfK8QxEIf4I1t4BnvMtyEEejCfmv5msvDK
QyAoqMhaYfSATjYCBLbvehMBJHdeW19Eno0gjSD/YQzsH8x1g/0JaealsdD6rXn6
jIK+nt3q0UZTvcDeoQROw8kUu3mQG960A2S21+ilzQKIpTd8
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:25:08 2025 by rpki-client