Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/Q4QrXS8hgxbgQ21PwuvSQ1u-g1c.roa
File: Q4QrXS8hgxbgQ21PwuvSQ1u-g1c.roa (raw, json)
Hash identifier: e3imSKStXHdZKmOo4STF/mkd5Ccxv1W6867jmmlIupw=
Subject key identifier: 43:84:2B:5D:2F:21:83:16:E0:43:6D:4F:C2:EB:D2:43:5B:BE:83:57
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 0314
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/Q4QrXS8hgxbgQ21PwuvSQ1u-g1c.roa
Signing time: Mon 26 Aug 2024 05:20:46 +0000
ROA not before: Mon 26 Aug 2024 05:20:46 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18428
IP address blocks: 2407:d240::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 788 (0x314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Aug 26 05:20:46 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=43842B5D2F218316E0436D4FC2EBD2435BBE8357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:50:74:40:bb:d6:ca:21:0c:09:99:e8:ef:d5:
79:09:b2:21:91:d2:b7:f0:8f:2e:aa:0f:ec:0a:9b:
4c:b7:6b:54:e3:d5:7b:6a:7e:14:c8:5e:1e:e8:f1:
56:ba:4f:fd:b1:13:7b:53:ce:4b:aa:fc:88:98:c0:
99:bd:02:2c:ff:f4:9f:3b:f8:95:41:ca:e0:53:f5:
ac:53:c7:61:e8:27:33:cf:ae:de:c3:1d:36:07:cf:
eb:29:7b:ec:bf:95:47:00:57:30:06:4e:79:7a:f7:
ee:85:59:9e:11:27:ff:70:19:f9:5c:85:6b:17:65:
5c:c0:f3:dc:e0:55:a7:70:67:e8:de:45:0d:c9:93:
6f:0a:33:31:55:35:00:31:4d:c2:35:49:b7:47:18:
9d:75:93:e0:c5:64:21:c1:0c:1b:c8:ee:e3:09:cd:
2e:97:77:49:15:fe:29:62:85:f0:15:54:59:03:6c:
f9:73:9c:2d:19:42:aa:bf:d9:69:6f:22:26:de:ce:
c3:4f:a5:a5:ce:bb:8c:aa:b0:72:e4:48:ff:5c:9a:
79:78:fa:cc:49:09:a1:d7:4d:cb:5d:a4:a6:b3:f4:
c3:51:8d:a1:84:eb:9b:bd:c8:bd:d7:d4:d5:5b:4f:
33:f0:c3:a4:e0:85:13:9a:80:b8:e2:1e:0e:73:00:
29:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:84:2B:5D:2F:21:83:16:E0:43:6D:4F:C2:EB:D2:43:5B:BE:83:57
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/Q4QrXS8hgxbgQ21PwuvSQ1u-g1c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d240::/32
Signature Algorithm: sha256WithRSAEncryption
5c:56:9f:98:f1:62:ca:9b:95:85:e3:61:32:11:c3:76:da:14:
87:fb:4c:c8:02:14:66:43:da:a9:ee:33:5e:9a:49:4e:ee:9c:
93:af:8f:e1:f0:dd:73:f8:e9:dc:5f:5b:31:7d:eb:05:c9:81:
ee:38:a1:d5:80:21:fa:30:6e:31:8c:5c:36:49:aa:b0:fd:73:
7c:9d:d8:ed:5a:1f:68:15:43:f1:e4:48:c3:a0:15:00:2f:b6:
2d:2f:3f:53:fc:07:36:d4:40:ff:b3:c5:1c:64:e3:c5:83:2a:
c2:57:2b:bf:67:bd:37:1e:a8:b4:13:eb:b5:04:5c:42:bc:2a:
92:49:c1:b3:df:53:ed:89:ff:b1:cf:96:58:b3:3b:20:42:34:
22:ff:b5:28:a3:b3:21:47:1a:28:63:e4:a1:ad:58:08:bf:19:
23:5b:43:45:15:67:70:4f:60:58:03:df:3b:1f:2c:4b:e3:c9:
97:cd:e2:97:ac:e6:e0:91:94:d6:12:8f:4a:c8:87:8c:cd:55:
50:06:26:49:91:94:aa:38:e8:14:90:71:ff:45:0a:13:43:bb:
c6:5b:89:52:d8:e4:c3:5d:32:61:5e:a9:8b:30:e5:f6:fe:9b:
14:35:b4:16:95:7c:d9:9b:d3:2e:70:37:e7:c9:9b:72:1a:41:
5e:49:2c:b8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yNDA4MjYw
NTIwNDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzODQyQjVEMkYyMTgz
MTZFMDQzNkQ0RkMyRUJEMjQzNUJCRTgzNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkUHRAu9bKIQwJmejv1XkJsiGR0rfwjy6qD+wKm0y3a1Tj1Xtq
fhTIXh7o8Va6T/2xE3tTzkuq/IiYwJm9Aiz/9J87+JVByuBT9axTx2HoJzPPrt7D
HTYHz+spe+y/lUcAVzAGTnl69+6FWZ4RJ/9wGflchWsXZVzA89zgVadwZ+jeRQ3J
k28KMzFVNQAxTcI1SbdHGJ11k+DFZCHBDBvI7uMJzS6Xd0kV/ilihfAVVFkDbPlz
nC0ZQqq/2WlvIibezsNPpaXOu4yqsHLkSP9cmnl4+sxJCaHXTctdpKaz9MNRjaGE
65u9yL3X1NVbTzPww6TghROagLjiHg5zACmrAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUQ4QrXS8hgxbgQ21PwuvSQ1u+g1cwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9RNFFyWFM4aGd4YmdR
MjFQd3V2U1ExdS1nMWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAfSQDANBgkqhkiG9w0BAQsFAAOCAQEAXFafmPFiypuVheNhMhHDdtoUh/tM
yAIUZkPaqe4zXppJTu6ck6+P4fDdc/jp3F9bMX3rBcmB7jih1YAh+jBuMYxcNkmq
sP1zfJ3Y7VofaBVD8eRIw6AVAC+2LS8/U/wHNtRA/7PFHGTjxYMqwlcrv2e9Nx6o
tBPrtQRcQrwqkknBs99T7Yn/sc+WWLM7IEI0Iv+1KKOzIUcaKGPkoa1YCL8ZI1tD
RRVncE9gWAPfOx8sS+PJl83il6zm4JGU1hKPSsiHjM1VUAYmSZGUqjjoFJBx/0UK
E0O7xluJUtjkw10yYV6pizDl9v6bFDW0FpV82ZvTLnA358mbchpBXkksuA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:37 2025 by rpki-client