Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/IydpJtoHS_NhEzTND_vcHr3Qg8Q.roa
File: IydpJtoHS_NhEzTND_vcHr3Qg8Q.roa (raw, json)
Hash identifier: 5GOL5sSstmwt/6Dt/ylUC7drPKB45wEzsr1SIIrIKvY=
Subject key identifier: 23:27:69:26:DA:07:4B:F3:61:13:34:CD:0F:FB:DC:1E:BD:D0:83:C4
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 01E6
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/IydpJtoHS_NhEzTND_vcHr3Qg8Q.roa
Signing time: Mon 03 Jul 2023 08:21:36 +0000
ROA not before: Mon 03 Jul 2023 08:21:36 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 396998
IP address blocks: 2407:d240::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486 (0x1e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Jul 3 08:21:36 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=23276926DA074BF3611334CD0FFBDC1EBDD083C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:16:b8:93:ed:48:18:22:68:6d:34:89:eb:
bf:ab:c3:64:7d:8a:46:44:49:3d:51:05:a0:64:9d:
5b:34:2a:62:6b:6d:0a:86:9a:84:00:56:e8:df:d6:
8a:87:50:7f:10:1a:68:fa:39:69:83:19:c2:a2:b1:
42:f2:7d:f5:5e:9d:c2:ce:07:f1:72:f2:14:6a:a2:
6d:e9:a0:9e:e2:46:f1:c6:f1:c2:4d:71:27:67:c9:
c0:61:f9:82:2e:6e:51:34:7f:b3:7d:2b:a2:3b:0b:
41:cc:cc:3d:f4:cd:32:6a:15:ee:d7:f3:55:0a:f6:
c1:77:eb:c2:7a:82:6e:51:61:e6:3f:5c:4f:db:41:
19:58:75:53:3d:e2:07:a6:40:0b:e2:9d:49:65:94:
37:9d:51:11:bb:8e:fb:17:b7:9f:fe:b9:85:7a:9a:
6b:ab:bc:3f:4b:b8:ba:47:5f:8e:ec:32:05:a5:8c:
9e:9f:e4:0f:d0:55:d3:a2:f7:5d:32:cc:d0:92:d9:
8f:90:1a:93:96:d9:ca:43:58:77:80:93:c1:ec:89:
61:d9:d1:77:c5:ed:a4:47:ab:cb:db:ed:40:4a:ba:
4d:c1:a7:c3:06:0e:f9:c1:c8:ec:29:6a:85:10:a5:
2a:44:6f:76:91:de:ef:61:a1:ae:04:55:ef:76:ab:
34:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:27:69:26:DA:07:4B:F3:61:13:34:CD:0F:FB:DC:1E:BD:D0:83:C4
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/IydpJtoHS_NhEzTND_vcHr3Qg8Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d240::/32
Signature Algorithm: sha256WithRSAEncryption
13:fc:29:ae:20:c9:81:ff:7d:44:33:31:e9:c6:04:73:a3:6f:
5c:f1:8e:84:07:c5:d1:01:6c:37:d8:b2:b0:0b:f9:5c:95:f6:
88:20:d3:9d:16:76:4b:9d:b3:96:83:09:97:8c:16:9c:e0:c3:
ca:f0:d7:39:fe:bf:f6:46:a0:40:a7:f0:48:b9:fb:9a:f4:a7:
96:e2:24:56:c2:3d:3c:f6:01:d8:18:a0:34:60:f5:9d:8e:5b:
2b:5e:c5:f2:98:6f:6d:ed:c2:6a:2e:30:c0:72:07:4d:74:0b:
6b:b6:19:f1:0e:e1:13:7c:25:81:d4:84:41:c3:16:74:a6:ec:
e2:c8:e7:e1:ea:7b:d7:da:2f:95:b0:8e:87:52:27:50:86:ad:
58:e1:9b:cc:04:1c:30:f2:c5:5b:aa:88:55:ac:4f:3c:1e:a8:
78:fe:ee:4d:26:a0:c5:2f:cf:ad:ee:6b:6b:f1:c6:0c:2f:3d:
1e:ea:a0:b8:b0:85:6c:2a:cb:32:53:f9:0c:cb:1b:1c:52:b5:
49:8c:c8:63:8c:58:7c:6d:a5:49:57:f1:28:c2:68:3b:59:1f:
fc:7c:56:c3:ea:e2:4f:09:32:70:e9:45:d8:68:d9:78:b5:66:
2e:8a:58:08:0d:89:30:fe:45:e5:ca:17:e0:5a:5e:c4:41:3d:
42:d5:35:79
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzA3MDMw
ODIxMzZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIzMjc2OTI2REEwNzRC
RjM2MTEzMzRDRDBGRkJEQzFFQkREMDgzQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+9ha4k+1IGCJobTSJ67+rw2R9ikZEST1RBaBknVs0KmJrbQqG
moQAVujf1oqHUH8QGmj6OWmDGcKisULyffVencLOB/Fy8hRqom3poJ7iRvHG8cJN
cSdnycBh+YIublE0f7N9K6I7C0HMzD30zTJqFe7X81UK9sF368J6gm5RYeY/XE/b
QRlYdVM94gemQAvinUlllDedURG7jvsXt5/+uYV6mmurvD9LuLpHX47sMgWljJ6f
5A/QVdOi910yzNCS2Y+QGpOW2cpDWHeAk8HsiWHZ0XfF7aRHq8vb7UBKuk3Bp8MG
DvnByOwpaoUQpSpEb3aR3u9hoa4EVe92qzThAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUIydpJtoHS/NhEzTND/vcHr3Qg8QwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9JeWRwSnRvSFNfTmhF
elRORF92Y0hyM1FnOFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAfSQDANBgkqhkiG9w0BAQsFAAOCAQEAE/wpriDJgf99RDMx6cYEc6NvXPGO
hAfF0QFsN9iysAv5XJX2iCDTnRZ2S52zloMJl4wWnODDyvDXOf6/9kagQKfwSLn7
mvSnluIkVsI9PPYB2BigNGD1nY5bK17F8phvbe3Cai4wwHIHTXQLa7YZ8Q7hE3wl
gdSEQcMWdKbs4sjn4ep719ovlbCOh1InUIatWOGbzAQcMPLFW6qIVaxPPB6oeP7u
TSagxS/Pre5ra/HGDC89HuqguLCFbCrLMlP5DMsbHFK1SYzIY4xYfG2lSVfxKMJo
O1kf/HxWw+riTwkycOlF2GjZeLVmLopYCA2JMP5F5coX4FpexEE9QtU1eQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:11 2024 by rpki-client on console-ams.rpki-client.org