Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/mlhIJnN1dfbOEvjGTcE83FLq17Q.roa
File: mlhIJnN1dfbOEvjGTcE83FLq17Q.roa (raw, json)
Hash identifier: 3vw+JDOv57RlN0tHlr6ZpRnyVCkks38Q5eFaOBjGG3w=
Subject key identifier: 9A:58:48:26:73:75:75:F6:CE:12:F8:C6:4D:C1:3C:DC:52:EA:D7:B4
Certificate issuer: /CN=6E398C52CC2A079DA90148210AC85328C11BBE96
Certificate serial: 060C
Authority key identifier: 6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/mlhIJnN1dfbOEvjGTcE83FLq17Q.roa
Signing time: Tue 19 Jan 2021 02:30:43 +0000
ROA not before: Tue 19 Jan 2021 02:30:43 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131677
IP address blocks: 2405:b8c0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1548 (0x60c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E398C52CC2A079DA90148210AC85328C11BBE96
Validity
Not Before: Jan 19 02:30:43 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9A584826737575F6CE12F8C64DC13CDC52EAD7B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d5:89:e4:36:02:02:f3:f1:65:47:a5:fd:b5:
b4:86:64:20:6e:92:be:e5:bc:0c:c8:3b:71:aa:ad:
d3:69:26:a2:02:50:d2:e8:7e:d9:8f:e1:43:e6:94:
56:a2:09:5d:24:8b:61:3b:18:0a:e2:0c:99:ff:34:
50:11:44:63:f4:40:14:be:e4:a8:a2:7d:94:3b:91:
f7:e6:7a:8b:a0:ec:54:68:36:df:8b:f4:7e:97:fd:
67:d1:9f:dd:ce:77:d3:e4:8e:eb:f8:26:9b:80:00:
32:95:ce:f7:8b:d7:c8:cb:b5:2a:f1:af:a4:93:1b:
7c:52:16:a2:a7:05:9e:19:bb:b7:a8:c8:a4:66:79:
da:ea:13:38:88:5c:93:47:fc:5e:dd:24:89:28:a2:
9e:96:75:18:0a:f9:ef:51:d6:51:26:97:9c:a2:9f:
b5:37:62:c5:b2:a8:cb:0c:0b:74:7d:a9:82:65:89:
a5:c9:fe:f5:e4:1b:96:33:5f:c4:21:89:71:c6:06:
ce:6d:74:b0:42:51:6d:33:1e:19:68:84:27:ea:19:
3a:6d:4f:07:6b:f9:34:2b:dc:41:8e:cf:17:b0:20:
65:f6:75:b0:dd:77:1b:6a:ea:d8:2c:36:0e:a9:86:
1a:a5:56:56:e8:35:7d:43:e6:e0:b2:28:30:73:57:
a6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:58:48:26:73:75:75:F6:CE:12:F8:C6:4D:C1:3C:DC:52:EA:D7:B4
X509v3 Authority Key Identifier:
keyid:6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bjmMUswqB52pAUghCshTKMEbvpY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/mlhIJnN1dfbOEvjGTcE83FLq17Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:b8c0::/32
Signature Algorithm: sha256WithRSAEncryption
79:b2:95:aa:ff:ad:fc:96:2f:00:77:f3:d2:10:a8:90:b6:d6:
56:41:e5:7c:2b:94:c0:2a:a2:8f:d6:ba:e1:10:36:52:ae:79:
24:d6:ae:67:c2:1d:0c:5a:ed:83:3c:4c:db:c6:8e:ee:1d:25:
cb:c9:cb:f9:35:b6:31:f8:59:93:ed:47:09:85:cc:e4:67:a4:
4a:53:33:25:bf:51:ee:87:58:8e:49:ec:c0:77:b6:c3:14:b6:
54:c2:04:54:5b:fd:4f:e5:02:9e:c4:f3:9e:19:e7:24:0f:88:
ea:50:e1:b0:be:d3:d1:90:0e:30:9d:84:68:58:bc:28:cc:35:
fd:aa:00:d5:a6:6c:cc:5c:3a:7f:91:3b:07:98:df:77:67:2c:
c3:d4:dd:d1:b0:d4:b3:81:ce:70:2f:44:1c:b1:2b:83:43:b0:
91:fa:04:2d:3d:cd:8d:2c:88:e0:4c:55:4c:a6:2b:aa:d9:16:
0e:49:fa:2e:54:04:69:1a:fc:bc:35:30:7d:d0:2d:a9:9d:ae:
c7:50:31:42:62:b2:c9:df:6a:c2:df:e6:3b:ed:32:22:c5:56:
60:fe:35:1f:56:a1:56:77:e4:86:3e:f7:83:55:bf:3f:5c:1a:
a0:e6:10:34:e8:5c:58:f2:04:bf:c9:dc:29:5d:01:59:3f:52:
e0:4e:f0:c6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkUz
OThDNTJDQzJBMDc5REE5MDE0ODIxMEFDODUzMjhDMTFCQkU5NjAeFw0yMTAxMTkw
MjMwNDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlBNTg0ODI2NzM3NTc1
RjZDRTEyRjhDNjREQzEzQ0RDNTJFQUQ3QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq1YnkNgIC8/FlR6X9tbSGZCBukr7lvAzIO3GqrdNpJqICUNLo
ftmP4UPmlFaiCV0ki2E7GAriDJn/NFARRGP0QBS+5KiifZQ7kffmeoug7FRoNt+L
9H6X/WfRn93Od9Pkjuv4JpuAADKVzveL18jLtSrxr6STG3xSFqKnBZ4Zu7eoyKRm
edrqEziIXJNH/F7dJIkoop6WdRgK+e9R1lEml5yin7U3YsWyqMsMC3R9qYJliaXJ
/vXkG5YzX8QhiXHGBs5tdLBCUW0zHhlohCfqGTptTwdr+TQr3EGOzxewIGX2dbDd
dxtq6tgsNg6phhqlVlboNX1D5uCyKDBzV6ajAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUmlhIJnN1dfbOEvjGTcE83FLq17QwHwYDVR0jBBgwFoAUbjmMUswqB52pAUgh
CshTKMEbvpYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTlJJ
Q0gvYmptTVVzd3FCNTJwQVVnaENzaFRLTUVidnBZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9iam1NVXN3cUI1MnBBVWdoQ3NoVEtNRWJ2cFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9PUEVOUklDSC9tbGhJSm5OMWRmYk9F
dmpHVGNFODNGTHExN1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAW4wDANBgkqhkiG9w0BAQsFAAOCAQEAebKVqv+t/JYvAHfz0hCokLbWVkHl
fCuUwCqij9a64RA2Uq55JNauZ8IdDFrtgzxM28aO7h0ly8nL+TW2MfhZk+1HCYXM
5GekSlMzJb9R7odYjknswHe2wxS2VMIEVFv9T+UCnsTznhnnJA+I6lDhsL7T0ZAO
MJ2EaFi8KMw1/aoA1aZszFw6f5E7B5jfd2csw9Td0bDUs4HOcC9EHLErg0OwkfoE
LT3NjSyI4ExVTKYrqtkWDkn6LlQEaRr8vDUwfdAtqZ2ux1AxQmKyyd9qwt/mO+0y
IsVWYP41H1ahVnfkhj73g1W/P1waoOYQNOhcWPIEv8ncKV0BWT9S4E7wxg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:02 2023 by rpki-client on console-ams.rpki-client.org