Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/7ZopbYbPgX4kFyQZCfLck5T0POE.roa
File: 7ZopbYbPgX4kFyQZCfLck5T0POE.roa (raw, json)
Hash identifier: SHHBzdTqVQMsu2F6erHiytINcwEQ86CaYYRZAz7+rZY=
Subject key identifier: ED:9A:29:6D:86:CF:81:7E:24:17:24:19:09:F2:DC:93:94:F4:3C:E1
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0670
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/7ZopbYbPgX4kFyQZCfLck5T0POE.roa
Signing time: Thu 15 Sep 2022 02:49:35 +0000
ROA not before: Thu 15 Sep 2022 02:49:35 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131642
IP address blocks: 2405:cdc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Sep 15 02:49:35 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=ED9A296D86CF817E2417241909F2DC9394F43CE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:31:f4:d6:d6:27:66:f6:6c:f0:d9:2a:d0:25:
06:05:64:e1:80:55:2c:ae:f1:b3:7b:f8:5b:b0:21:
16:40:45:30:a2:ad:74:5d:ec:e7:15:66:f1:1c:93:
ca:f6:9e:33:5d:f2:70:5d:f9:1c:53:45:ff:92:64:
4d:fa:68:ad:12:67:df:91:3d:f7:4c:f9:68:49:4d:
ac:70:c6:0e:36:fa:c7:d5:72:09:03:97:5c:1a:de:
4f:b9:72:d0:33:a8:70:19:03:7d:e0:a3:79:bd:e9:
8c:20:65:ce:a7:26:bf:62:04:bc:d8:b2:ed:61:df:
78:e9:d1:cf:a8:c8:a6:52:53:5f:a2:2e:3b:7d:f5:
bd:d2:2b:de:b7:1a:c0:93:42:bf:51:fb:82:93:d5:
72:d4:0d:77:02:64:73:57:f3:73:08:34:ce:c2:1f:
0f:61:f7:7b:13:0e:19:72:bd:5f:aa:cd:b8:e2:c2:
b0:41:f5:e4:b2:79:bf:4d:17:b8:bf:ae:38:22:61:
db:83:e6:d8:e2:cc:00:e0:85:18:4a:15:cd:1b:d0:
e7:9c:e1:d3:17:75:77:9c:ed:34:9e:cd:ab:75:27:
dd:7d:d2:af:68:3a:6a:cb:3c:d1:b0:dc:d8:04:cd:
14:22:35:15:e8:d1:98:f2:3c:74:33:1b:7d:24:e5:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9A:29:6D:86:CF:81:7E:24:17:24:19:09:F2:DC:93:94:F4:3C:E1
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/7ZopbYbPgX4kFyQZCfLck5T0POE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:cdc0::/32
Signature Algorithm: sha256WithRSAEncryption
85:2c:da:1d:f3:a6:ad:a6:55:d5:9f:6b:88:30:4b:91:a3:95:
ca:12:56:43:8c:96:73:12:82:59:a0:38:f4:20:03:14:b0:89:
97:0d:c8:1a:08:8a:04:fe:92:55:07:ca:50:58:81:34:e2:f8:
02:83:d2:76:e7:9f:80:66:f5:c2:25:16:71:16:6c:d9:70:0c:
4a:3e:9c:7d:bb:f5:fe:68:05:fc:d0:c3:81:e8:9e:2f:94:03:
c2:3b:73:ca:ad:1b:66:d7:e2:d5:b7:2b:1d:35:f7:8e:bd:5a:
6d:ad:33:80:a3:be:73:e6:6b:b3:55:9b:41:39:d3:68:69:92:
fc:a5:38:25:d3:7e:a0:6d:76:69:18:c2:01:87:45:61:52:05:
f7:bb:d7:13:69:3d:f7:6d:34:6f:93:73:57:d6:84:5a:7e:a4:
dc:fc:81:62:da:84:c5:f3:68:e5:26:96:cf:76:22:f8:b8:91:
a9:51:7c:cc:01:31:d3:31:85:80:57:94:e3:a8:db:a9:da:4f:
aa:ad:27:b9:a7:98:f0:f9:1d:55:c4:3c:85:c6:be:c9:2f:54:
bf:87:f4:bf:e3:89:d5:3d:a7:81:af:4a:47:f1:a8:e9:5b:4d:
3d:4e:8d:7c:52:7c:29:f1:17:52:13:b4:49:fd:5d:c5:d8:35:
da:e3:94:76
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yMjA5MTUw
MjQ5MzVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEVEOUEyOTZEODZDRjgx
N0UyNDE3MjQxOTA5RjJEQzkzOTRGNDNDRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnMfTW1idm9mzw2SrQJQYFZOGAVSyu8bN7+FuwIRZARTCirXRd
7OcVZvEck8r2njNd8nBd+RxTRf+SZE36aK0SZ9+RPfdM+WhJTaxwxg42+sfVcgkD
l1wa3k+5ctAzqHAZA33go3m96YwgZc6nJr9iBLzYsu1h33jp0c+oyKZSU1+iLjt9
9b3SK963GsCTQr9R+4KT1XLUDXcCZHNX83MINM7CHw9h93sTDhlyvV+qzbjiwrBB
9eSyeb9NF7i/rjgiYduD5tjizADghRhKFc0b0Oec4dMXdXec7TSezat1J9190q9o
OmrLPNGw3NgEzRQiNRXo0ZjyPHQzG30k5VxZAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU7ZopbYbPgX4kFyQZCfLck5T0POEwHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JLzdab3BiWWJQZ1g0a0Z5UVpDZkxjazVU
MFBPRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBc3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCFLNod86atplXVn2uIMEuRo5XKElZDjJZzEoJZoDj0
IAMUsImXDcgaCIoE/pJVB8pQWIE04vgCg9J255+AZvXCJRZxFmzZcAxKPpx9u/X+
aAX80MOB6J4vlAPCO3PKrRtm1+LVtysdNfeOvVptrTOAo75z5muzVZtBOdNoaZL8
pTgl036gbXZpGMIBh0VhUgX3u9cTaT33bTRvk3NX1oRafqTc/IFi2oTF82jlJpbP
diL4uJGpUXzMATHTMYWAV5TjqNup2k+qrSe5p5jw+R1VxDyFxr7JL1S/h/S/44nV
PaeBr0pH8ajpW009To18Unwp8RdSE7RJ/V3F2DXa45R2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org