Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/DYx5ZAHqSRxxkj1cWrPcV_0QwRU.roa
File: DYx5ZAHqSRxxkj1cWrPcV_0QwRU.roa (raw, json)
Hash identifier: R7d3MumGezaTIotGKOwIu40PafiojrR6JbPQzy+CVZM=
Subject key identifier: 0D:8C:79:64:01:EA:49:1C:71:92:3D:5C:5A:B3:DC:57:FD:10:C1:15
Certificate issuer: /CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB
Certificate serial: 0334
Authority key identifier: 2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/DYx5ZAHqSRxxkj1cWrPcV_0QwRU.roa
Signing time: Fri 18 Sep 2020 09:05:10 +0000
ROA not before: Fri 18 Sep 2020 09:05:10 +0000
ROA not after: Tue 06 Apr 2021 07:43:39 +0000
asID: 131677
IP address blocks: 2405:e4c0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820 (0x334)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB
Validity
Not Before: Sep 18 09:05:10 2020 GMT
Not After : Apr 6 07:43:39 2021 GMT
Subject: CN=0D8C796401EA491C71923D5C5AB3DC57FD10C115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f9:41:6e:ef:eb:69:26:31:42:85:f7:e6:72:
51:1f:49:94:8d:92:a1:8b:99:68:18:d1:30:bd:df:
08:09:09:a2:2c:f8:04:1a:6c:90:ff:36:44:cc:ed:
2d:89:cb:b1:50:5a:3e:05:7c:16:b6:73:63:9e:6b:
0d:50:81:b3:88:b4:39:10:3a:53:47:e0:9d:f1:c9:
80:fc:75:68:9b:6a:93:cc:3a:58:46:ad:e4:5b:6f:
b3:b3:94:34:e6:49:17:10:64:0c:27:20:47:cc:81:
3b:ef:04:0f:ad:bb:bb:3d:e9:cf:23:c4:62:27:d5:
1e:7a:ca:53:b5:44:4b:d1:99:08:33:8b:0f:6c:c5:
e1:bc:35:40:7b:37:4e:28:d0:0b:98:fa:e3:46:8a:
84:aa:25:4d:48:01:dd:58:67:c8:0b:e5:49:ee:52:
f1:8e:a3:96:11:40:11:70:16:d9:9c:c2:88:a0:51:
25:bd:4c:27:23:51:ef:63:0d:78:11:4b:64:64:be:
f5:ae:4c:81:c8:1f:a8:63:77:44:da:28:6e:04:b2:
ea:e2:f3:20:ca:b9:44:29:94:70:95:64:d9:d4:c7:
00:fd:cf:b3:ad:d8:fe:9a:6f:4e:57:3e:a2:70:fa:
49:f0:02:4a:d3:9d:78:82:95:3f:aa:5b:ee:9b:a2:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8C:79:64:01:EA:49:1C:71:92:3D:5C:5A:B3:DC:57:FD:10:C1:15
X509v3 Authority Key Identifier:
keyid:2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/DYx5ZAHqSRxxkj1cWrPcV_0QwRU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:e4c0::/32
Signature Algorithm: sha256WithRSAEncryption
21:83:b0:d6:7f:e7:d7:f1:4d:54:87:7a:75:cb:81:45:32:ec:
6b:ef:d7:f1:4c:62:d1:eb:a4:2b:bf:f0:b0:ec:1f:17:17:90:
dc:cb:64:34:fc:7f:8b:d5:f3:05:66:a1:e3:9a:45:f9:df:ed:
ef:e1:5d:27:18:0b:bd:12:b3:2f:ef:dc:8d:b5:d9:7f:9b:0f:
d6:13:d5:72:ba:5a:1d:e6:d0:ee:f8:18:3e:5e:ad:55:57:97:
0c:21:09:14:f4:99:58:9b:93:13:85:9c:59:44:c5:ef:79:df:
c5:39:0c:c6:4b:e3:3d:4b:7f:36:c6:7d:d3:a9:72:87:3f:87:
e2:50:4e:8b:87:e6:74:77:48:6b:73:6e:7d:95:3f:ed:1f:19:
47:23:73:d1:a8:09:17:bc:13:75:75:e0:ca:56:95:ba:f8:81:
0d:95:60:1f:16:8e:29:5e:65:2b:a3:b9:ec:40:82:45:8b:3e:
30:8b:4f:16:c0:12:f6:df:00:dc:f0:94:fe:80:04:09:73:ef:
cb:26:e9:73:15:53:f9:e0:7b:b9:44:da:21:fc:e9:58:04:3c:
e7:55:9f:ab:b0:20:f1:9f:21:33:9d:e9:81:a1:66:53:a7:2c:
da:56:28:8a:ac:74:97:1b:57:d9:d3:44:7f:d0:28:0a:03:11:
c5:a5:0c:ca
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAzQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
RjJCM0MzQTlBMUI1M0MxNkMxQzcwRTU1MTFBRDU5MDMyODRGQjAeFw0yMDA5MTgw
OTA1MTBaFw0yMTA0MDYwNzQzMzlaMDMxMTAvBgNVBAMTKDBEOEM3OTY0MDFFQTQ5
MUM3MTkyM0Q1QzVBQjNEQzU3RkQxMEMxMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDf+UFu7+tpJjFChffmclEfSZSNkqGLmWgY0TC93wgJCaIs+AQa
bJD/NkTM7S2Jy7FQWj4FfBa2c2Oeaw1QgbOItDkQOlNH4J3xyYD8dWibapPMOlhG
reRbb7OzlDTmSRcQZAwnIEfMgTvvBA+tu7s96c8jxGIn1R56ylO1REvRmQgziw9s
xeG8NUB7N04o0AuY+uNGioSqJU1IAd1YZ8gL5UnuUvGOo5YRQBFwFtmcwoigUSW9
TCcjUe9jDXgRS2RkvvWuTIHIH6hjd0TaKG4Esuri8yDKuUQplHCVZNnUxwD9z7Ot
2P6ab05XPqJw+knwAkrTnXiClT+qW+6bouzRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDYx5ZAHqSRxxkj1cWrPcV/0QwRUwHwYDVR0jBBgwFoAULe8rPDqaG1PBbBxw
5VEa1ZAyhPswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTkZP
Ui9MZThyUERxYUcxUEJiQnh3NVZFYTFaQXloUHMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0xlOHJQRHFhRzFQQmJCeHc1VkVhMVpBeWhQcy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL09QRU5GT1IvRFl4NVpBSHFTUnh4a2ox
Y1dyUGNWXzBRd1JVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQF5MAwDQYJKoZIhvcNAQELBQADggEBACGDsNZ/59fxTVSHenXLgUUy7Gvv1/FM
YtHrpCu/8LDsHxcXkNzLZDT8f4vV8wVmoeOaRfnf7e/hXScYC70Ssy/v3I212X+b
D9YT1XK6Wh3m0O74GD5erVVXlwwhCRT0mVibkxOFnFlExe9538U5DMZL4z1LfzbG
fdOpcoc/h+JQTouH5nR3SGtzbn2VP+0fGUcjc9GoCRe8E3V14MpWlbr4gQ2VYB8W
jileZSujuexAgkWLPjCLTxbAEvbfANzwlP6ABAlz78sm6XMVU/nge7lE2iH86VgE
POdVn6uwIPGfITOd6YGhZlOnLNpWKIqsdJcbV9nTRH/QKAoDEcWlDMo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:24 2025 by rpki-client