Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/3h9uA02MdMAV0tu6xifSFjTSoLQ.roa
File: 3h9uA02MdMAV0tu6xifSFjTSoLQ.roa (raw, json)
Hash identifier: Saf7sefyNgEhY7CZCrGydB9EMN5Kr9f3ZtemC/Z5ZIo=
Subject key identifier: DE:1F:6E:03:4D:8C:74:C0:15:D2:DB:BA:C6:27:D2:16:34:D2:A0:B4
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E52
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/3h9uA02MdMAV0tu6xifSFjTSoLQ.roa
Signing time: Wed 29 Sep 2021 02:43:27 +0000
ROA not before: Wed 29 Sep 2021 02:43:27 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 2001:4580::/26 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3666 (0xe52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:27 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DE1F6E034D8C74C015D2DBBAC627D21634D2A0B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:85:25:76:67:0f:c0:73:72:58:f8:f4:7e:
64:29:9d:95:dd:45:65:b0:73:43:d1:f4:a8:59:d7:
6d:bb:e3:4f:4d:af:45:eb:22:5d:a7:07:54:62:92:
06:00:08:a1:9e:ec:95:22:fc:e7:c6:a9:02:d7:06:
3b:32:17:cf:29:11:f9:de:43:55:2b:ab:5c:d8:45:
a3:cb:61:9d:6c:3a:b5:06:52:36:5e:a3:ed:ae:2a:
26:ee:ff:81:29:52:36:69:50:4f:08:fe:3c:98:2a:
e0:fc:cd:d6:c4:63:61:13:09:c2:d3:a4:38:63:51:
99:a6:59:12:2f:25:2e:58:91:34:e8:ad:81:1e:1a:
c3:93:7a:41:db:4f:bd:03:f6:50:c8:87:a8:e3:f6:
9b:19:94:c0:18:a9:0f:fa:7d:e0:a4:cc:45:14:7c:
43:e9:06:f9:b7:ce:f7:70:32:26:a3:7c:ce:2f:e3:
cc:8a:33:87:81:49:c7:c2:ee:1e:cf:fc:7e:da:e8:
36:10:cc:7d:a4:a5:7e:0c:76:0b:3e:26:18:e9:70:
d4:ff:5f:f2:d4:88:f2:33:ee:86:b0:0b:a3:30:6c:
69:2a:27:fe:59:3e:cd:79:a8:e7:6b:f0:46:7c:6c:
fa:b1:77:06:53:28:22:c3:bf:c7:4e:33:c9:35:d0:
14:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1F:6E:03:4D:8C:74:C0:15:D2:DB:BA:C6:27:D2:16:34:D2:A0:B4
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/3h9uA02MdMAV0tu6xifSFjTSoLQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:4580::/26
Signature Algorithm: sha256WithRSAEncryption
32:e2:83:ef:33:40:7e:5b:af:c3:cc:d6:a2:1a:c0:d4:c9:a0:
8f:6a:2f:f5:78:12:dd:79:fc:91:63:6d:7e:12:1b:6d:2a:6e:
c7:ea:9f:47:93:95:0d:4d:13:7b:78:e5:4f:c2:32:ba:f0:58:
e3:5e:c4:4b:a1:c2:53:07:e1:e8:f2:91:81:f4:61:e8:a9:5b:
98:8b:59:c8:91:68:3e:9a:70:7c:94:47:49:90:2e:d6:62:dc:
5e:16:a9:ab:29:c6:df:4c:a5:81:13:83:f8:66:5c:9e:29:61:
c1:9a:da:47:5a:60:61:23:67:69:2d:bd:88:18:bf:d8:b5:8a:
94:70:c9:e4:85:ce:5d:a5:06:f3:1c:65:f1:db:0d:c5:15:ae:
3d:06:58:11:c6:39:dd:30:94:7d:0e:80:97:74:a3:0a:e9:56:
77:78:2b:2b:1d:b2:54:aa:6d:19:d0:2c:c3:9b:f0:0b:4d:99:
a4:bf:c3:d7:39:9d:e8:24:dd:c7:fa:ec:2a:82:3a:64:f7:cb:
2a:ea:a6:22:50:a2:c2:be:3e:e5:f7:88:fe:ee:cd:51:e2:41:
9a:de:42:67:bf:36:bc:20:cc:0c:7b:da:fc:14:41:ed:d1:20:
58:5e:1e:18:1b:5f:bb:10:5f:a2:e1:a6:40:61:70:74:6f:b5:
d4:49:f9:70
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMjdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERFMUY2RTAzNEQ4Qzc0
QzAxNUQyREJCQUM2MjdEMjE2MzREMkEwQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzjoUldmcPwHNyWPj0fmQpnZXdRWWwc0PR9KhZ1227409Nr0Xr
Il2nB1RikgYACKGe7JUi/OfGqQLXBjsyF88pEfneQ1Urq1zYRaPLYZ1sOrUGUjZe
o+2uKibu/4EpUjZpUE8I/jyYKuD8zdbEY2ETCcLTpDhjUZmmWRIvJS5YkTTorYEe
GsOTekHbT70D9lDIh6jj9psZlMAYqQ/6feCkzEUUfEPpBvm3zvdwMiajfM4v48yK
M4eBScfC7h7P/H7a6DYQzH2kpX4Mdgs+JhjpcNT/X/LUiPIz7oawC6MwbGkqJ/5Z
Ps15qOdr8EZ8bPqxdwZTKCLDv8dOM8k10BS1AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU3h9uA02MdMAV0tu6xifSFjTSoLQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvM2g5dUEwMk1kTUFWMHR1NnhpZlNG
alRTb0xRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBiABRYAw
DQYJKoZIhvcNAQELBQADggEBADLig+8zQH5br8PM1qIawNTJoI9qL/V4Et15/JFj
bX4SG20qbsfqn0eTlQ1NE3t45U/CMrrwWONexEuhwlMH4ejykYH0YeipW5iLWciR
aD6acHyUR0mQLtZi3F4Wqaspxt9MpYETg/hmXJ4pYcGa2kdaYGEjZ2ktvYgYv9i1
ipRwyeSFzl2lBvMcZfHbDcUVrj0GWBHGOd0wlH0OgJd0owrpVnd4KysdslSqbRnQ
LMOb8AtNmaS/w9c5negk3cf67CqCOmT3yyrqpiJQosK+PuX3iP7uzVHiQZreQme/
NrwgzAx72vwUQe3RIFheHhgbX7sQX6LhpkBhcHRvtdRJ+XA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:57 2023 by rpki-client on console-ams.rpki-client.org