Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/u-oxPKcbLF3W27Iw1CQIK-fPlVE.roa
File: u-oxPKcbLF3W27Iw1CQIK-fPlVE.roa (raw, json)
Hash identifier: YvN1neGgSbU/nO7Pqd/mgHNM6pI2RWXI1MGGEMPkibU=
Subject key identifier: BB:EA:31:3C:A7:1B:2C:5D:D6:DB:B2:30:D4:24:08:2B:E7:CF:95:51
Certificate issuer: /CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB
Certificate serial: 055A
Authority key identifier: 2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/u-oxPKcbLF3W27Iw1CQIK-fPlVE.roa
Signing time: Wed 29 Sep 2021 02:50:36 +0000
ROA not before: Wed 29 Sep 2021 02:50:36 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131677
IP address blocks: 2405:e4c0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1370 (0x55a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB
Validity
Not Before: Sep 29 02:50:36 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=BBEA313CA71B2C5DD6DBB230D424082BE7CF9551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:59:63:94:82:95:6b:97:98:4b:c9:5f:95:
93:46:ef:14:ca:a8:5a:61:c7:7d:44:ea:40:b9:c9:
0d:09:c9:91:fd:ef:b5:40:1c:3d:9d:53:7e:ec:76:
02:3a:a9:5a:d9:9d:76:b4:20:b3:58:1a:b4:7a:de:
3f:fc:dd:70:73:ab:cd:b5:97:a5:b5:64:e8:ea:c2:
6d:12:0f:df:6a:be:d3:c2:9e:91:c2:19:31:b0:af:
ac:66:5a:0b:03:40:2d:dc:08:4c:8a:c4:07:26:d3:
d2:d9:68:1f:02:48:ea:a4:31:49:04:42:2c:f6:ea:
77:0e:e7:2f:bb:44:4b:45:07:f9:10:98:49:17:88:
4f:35:21:4c:da:c4:8b:1d:6d:f8:d6:6c:8c:6e:9b:
94:d8:07:bb:35:2d:88:9e:0b:f5:09:1f:be:0f:45:
a8:2f:0c:15:c0:ec:32:6b:09:7b:ee:ef:0f:8d:73:
33:00:f6:87:cf:7a:9b:1f:fd:7a:f7:3a:db:d3:28:
c3:cb:69:11:6c:64:30:e5:ff:e6:2c:37:b6:a0:fa:
ff:ac:09:0d:43:0c:40:d8:68:93:07:ea:19:4f:27:
73:01:ea:dd:1e:7b:c9:64:5b:9b:af:1c:e3:d0:9a:
42:68:6b:9f:c8:9f:91:cb:9f:70:b1:ad:05:c4:79:
35:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EA:31:3C:A7:1B:2C:5D:D6:DB:B2:30:D4:24:08:2B:E7:CF:95:51
X509v3 Authority Key Identifier:
keyid:2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/u-oxPKcbLF3W27Iw1CQIK-fPlVE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:e4c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:1e:82:58:bf:47:5f:0f:bb:37:1d:0c:a9:17:5b:d7:f4:d6:
b9:fa:98:bd:9b:5e:b6:72:98:28:06:16:b8:9f:f7:1c:64:73:
c2:7e:9b:ee:4d:bb:5d:70:b5:23:01:84:14:c1:aa:c5:85:5c:
51:fe:3c:3f:e7:fd:81:1a:1d:68:ed:91:ec:47:13:39:35:c0:
d4:e9:f6:f4:cb:e6:98:f1:5d:a0:80:11:02:ca:37:1d:3b:65:
c4:be:dc:24:1f:72:7d:05:f6:21:9e:48:88:c2:be:dd:d7:15:
0d:0f:22:de:81:c7:b0:12:a4:78:93:96:28:a3:9e:19:e4:46:
c5:a2:a3:e9:4d:b8:38:e6:cf:03:77:4e:c6:b6:b5:e7:8e:7e:
73:dc:89:43:b2:4d:aa:2c:bc:a9:ef:3c:4d:7c:29:2a:09:98:
66:40:2f:dc:79:b8:c7:8f:d4:f1:30:d8:74:ae:7c:0c:95:93:
74:fc:45:8b:91:b6:4c:3f:9e:a8:31:2d:0a:af:99:36:aa:f5:
0d:e6:bd:c5:aa:27:62:ea:18:7d:bb:e5:91:3e:f8:c6:49:92:
b1:2e:74:64:77:b2:3a:a9:0c:b4:07:d8:52:5e:74:9d:b7:78:
b3:ab:35:5e:23:18:b6:f6:96:b8:be:b3:50:ef:b2:44:c0:e1:
25:c2:b9:29
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
RjJCM0MzQTlBMUI1M0MxNkMxQzcwRTU1MTFBRDU5MDMyODRGQjAeFw0yMTA5Mjkw
MjUwMzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEJCRUEzMTNDQTcxQjJD
NURENkRCQjIzMEQ0MjQwODJCRTdDRjk1NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBWlljlIKVa5eYS8lflZNG7xTKqFphx31E6kC5yQ0JyZH977VA
HD2dU37sdgI6qVrZnXa0ILNYGrR63j/83XBzq821l6W1ZOjqwm0SD99qvtPCnpHC
GTGwr6xmWgsDQC3cCEyKxAcm09LZaB8CSOqkMUkEQiz26ncO5y+7REtFB/kQmEkX
iE81IUzaxIsdbfjWbIxum5TYB7s1LYieC/UJH74PRagvDBXA7DJrCXvu7w+NczMA
9ofPepsf/Xr3OtvTKMPLaRFsZDDl/+YsN7ag+v+sCQ1DDEDYaJMH6hlPJ3MB6t0e
e8lkW5uvHOPQmkJoa5/In5HLn3CxrQXEeTWPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUu+oxPKcbLF3W27Iw1CQIK+fPlVEwHwYDVR0jBBgwFoAULe8rPDqaG1PBbBxw
5VEa1ZAyhPswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTkZP
Ui9MZThyUERxYUcxUEJiQnh3NVZFYTFaQXloUHMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0xlOHJQRHFhRzFQQmJCeHc1VkVhMVpBeWhQcy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL09QRU5GT1IvdS1veFBLY2JMRjNXMjdJ
dzFDUUlLLWZQbFZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQF5MAwDQYJKoZIhvcNAQELBQADggEBAC0egli/R18PuzcdDKkXW9f01rn6mL2b
XrZymCgGFrif9xxkc8J+m+5Nu11wtSMBhBTBqsWFXFH+PD/n/YEaHWjtkexHEzk1
wNTp9vTL5pjxXaCAEQLKNx07ZcS+3CQfcn0F9iGeSIjCvt3XFQ0PIt6Bx7ASpHiT
liijnhnkRsWio+lNuDjmzwN3Tsa2teeOfnPciUOyTaosvKnvPE18KSoJmGZAL9x5
uMeP1PEw2HSufAyVk3T8RYuRtkw/nqgxLQqvmTaq9Q3mvcWqJ2LqGH275ZE++MZJ
krEudGR3sjqpDLQH2FJedJ23eLOrNV4jGLb2lri+s1DvskTA4SXCuSk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:14 2023 by rpki-client on console-fra.rpki-client.org