Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/bPkACq4VyAv4hzMuw5ubvFQK8M0.roa
File: bPkACq4VyAv4hzMuw5ubvFQK8M0.roa (raw, json)
Hash identifier: 69an+jn+Fe9HcmVX0CQqaEYsfnmkaWv/UC7LAdTzR8s=
Subject key identifier: 6C:F9:00:0A:AE:15:C8:0B:F8:87:33:2E:C3:9B:9B:BC:54:0A:F0:CD
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 09EB
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/bPkACq4VyAv4hzMuw5ubvFQK8M0.roa
Signing time: Tue 10 Nov 2020 08:15:35 +0000
ROA not before: Tue 10 Nov 2020 08:15:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131586
IP address blocks: 2401:a040::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2539 (0x9eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Nov 10 08:15:35 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=6CF9000AAE15C80BF887332EC39B9BBC540AF0CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:fc:a4:e5:54:67:cf:b0:10:cb:31:c9:95:
f8:8b:3a:d8:35:d7:59:d0:d3:59:9f:e6:9b:95:66:
0c:6e:2d:4f:a8:45:9d:0e:1a:39:de:82:b9:75:02:
d7:fe:59:b9:60:7a:79:69:b9:f4:f1:80:c4:16:cc:
37:6d:b0:7f:f0:ff:26:3b:cf:b6:f6:30:6b:59:3d:
57:e9:21:a0:c8:51:5c:d7:96:40:cc:bc:77:6e:64:
46:4a:56:4c:47:ad:a7:2e:d2:43:8c:9d:09:2a:ce:
f9:65:f0:4e:4b:03:c8:f0:2b:cb:4e:da:b0:d7:c4:
6d:7f:9d:c3:f1:77:40:01:1d:11:ba:3a:a3:86:03:
19:9d:45:61:15:dc:3b:00:21:45:32:6f:8f:56:92:
a3:6b:65:0d:68:65:a1:60:53:3d:e2:9f:14:b1:dd:
19:77:47:5f:ae:5c:91:80:e9:0b:d7:e6:f7:12:cf:
e3:a0:a9:27:6e:35:3b:bf:97:aa:43:b2:0d:e6:db:
94:22:33:51:97:cd:23:9d:ce:b7:f7:0c:56:65:3c:
ac:a9:81:ff:25:04:45:fb:80:a3:46:70:83:5c:c0:
0e:bd:f1:7d:5d:26:9d:f0:bd:6b:7f:2a:3d:6c:2c:
40:17:c9:01:b5:e4:b0:9a:e2:32:f1:97:17:22:ba:
d7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F9:00:0A:AE:15:C8:0B:F8:87:33:2E:C3:9B:9B:BC:54:0A:F0:CD
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/bPkACq4VyAv4hzMuw5ubvFQK8M0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:a040::/32
Signature Algorithm: sha256WithRSAEncryption
63:4b:12:84:8b:e0:3d:cb:ed:f9:a1:7f:95:36:da:0b:89:15:
26:11:c8:0a:c4:6c:6b:cf:df:54:dc:f1:d7:4a:5c:d6:d8:a9:
07:17:0d:df:84:7a:fd:ac:3c:e8:f6:b0:51:57:03:21:e5:5d:
e7:5c:68:8f:11:8b:77:12:cb:fb:33:04:60:60:0a:ff:b3:03:
77:43:ee:cc:13:85:d9:f1:c9:01:7f:56:27:49:40:85:1f:4f:
f2:4b:1d:ad:0a:23:78:8c:4c:b7:44:23:08:81:13:93:e7:d9:
ff:c0:84:be:72:78:7f:c5:ee:68:a5:b0:a7:5f:ae:90:e2:89:
5e:cd:6e:52:86:fd:c0:34:36:10:2f:2a:a4:41:2e:df:6f:cd:
33:b0:bd:89:22:50:14:c4:8d:15:55:ba:d8:fd:8f:f8:f9:78:
3a:b9:a2:6d:dc:49:8e:b4:fd:e7:78:01:6b:c5:0f:41:a8:9f:
0d:53:67:6b:7b:67:8c:51:4c:00:95:76:3e:1c:95:8d:a6:d2:
83:97:ac:4b:81:cf:59:a0:a8:4e:35:8d:f0:2b:5b:d4:44:f4:
dc:71:b8:f5:f9:f8:97:aa:bb:b5:67:a8:71:10:2b:b5:e2:f0:
62:52:d8:f0:26:58:df:e0:61:6a:d3:fb:b8:dd:eb:d5:6f:19:
bb:99:ab:2a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDExMTAw
ODE1MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZDRjkwMDBBQUUxNUM4
MEJGODg3MzMyRUMzOUI5QkJDNTQwQUYwQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyh/yk5VRnz7AQyzHJlfiLOtg111nQ01mf5puVZgxuLU+oRZ0O
Gjnegrl1Atf+WblgenlpufTxgMQWzDdtsH/w/yY7z7b2MGtZPVfpIaDIUVzXlkDM
vHduZEZKVkxHracu0kOMnQkqzvll8E5LA8jwK8tO2rDXxG1/ncPxd0ABHRG6OqOG
AxmdRWEV3DsAIUUyb49WkqNrZQ1oZaFgUz3inxSx3Rl3R1+uXJGA6QvX5vcSz+Og
qSduNTu/l6pDsg3m25QiM1GXzSOdzrf3DFZlPKypgf8lBEX7gKNGcINcwA698X1d
Jp3wvWt/Kj1sLEAXyQG15LCa4jLxlxciutcJAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUbPkACq4VyAv4hzMuw5ubvFQK8M0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvYlBrQUNxNFZ5QXY0aHpNdXc1dWJ2
RlFLOE0wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQBoEAw
DQYJKoZIhvcNAQELBQADggEBAGNLEoSL4D3L7fmhf5U22guJFSYRyArEbGvP31Tc
8ddKXNbYqQcXDd+Eev2sPOj2sFFXAyHlXedcaI8Ri3cSy/szBGBgCv+zA3dD7swT
hdnxyQF/VidJQIUfT/JLHa0KI3iMTLdEIwiBE5Pn2f/AhL5yeH/F7milsKdfrpDi
iV7NblKG/cA0NhAvKqRBLt9vzTOwvYkiUBTEjRVVutj9j/j5eDq5om3cSY60/ed4
AWvFD0Gonw1TZ2t7Z4xRTACVdj4clY2m0oOXrEuBz1mgqE41jfArW9RE9NxxuPX5
+Jequ7VnqHEQK7Xi8GJS2PAmWN/gYWrT+7jd69VvGbuZqyo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:12 2023 by rpki-client on console-fra.rpki-client.org