Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PQS/9TX_kRzqZtLK0u3_mqNIgRfmwVo.roa
File: 9TX_kRzqZtLK0u3_mqNIgRfmwVo.roa (raw, json)
Hash identifier: NyNObd1nThmGWPwXNryiKmrQtnczxQVUB9OpRF+7W6g=
Subject key identifier: F5:35:FF:91:1C:EA:66:D2:CA:D2:ED:FF:9A:A3:48:81:17:E6:C1:5A
Certificate issuer: /CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Certificate serial: 0C6B
Authority key identifier: C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/9TX_kRzqZtLK0u3_mqNIgRfmwVo.roa
Signing time: Wed 29 Sep 2021 02:37:21 +0000
ROA not before: Wed 29 Sep 2021 02:37:21 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131642
IP address blocks: 2404:aac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3179 (0xc6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Validity
Not Before: Sep 29 02:37:21 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=F535FF911CEA66D2CAD2EDFF9AA3488117E6C15A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ad:c4:9f:c1:9e:8e:c1:2b:26:60:9a:8a:4b:
92:7c:48:2f:60:0f:e9:46:a9:da:a2:13:fc:b8:bd:
17:4f:47:a4:37:1c:00:4f:fe:bb:39:42:3c:a3:ad:
92:31:33:18:33:e6:c4:ed:34:b0:b5:3f:05:48:1a:
83:e3:c1:34:39:cd:d9:d5:b6:42:6e:23:6c:25:48:
36:e0:88:f1:b1:5c:ad:ea:ef:84:c2:07:0b:09:4e:
3e:9a:e3:7b:75:b5:5d:bd:63:fc:dd:bf:76:60:5f:
20:d2:61:6a:df:77:49:96:1a:d8:89:bd:a3:6d:27:
c6:33:d1:2d:64:da:e8:7c:65:4d:e2:e3:c9:b4:1f:
33:a5:0d:81:6e:aa:c1:b2:01:30:da:14:ae:58:00:
b9:87:88:58:da:2e:78:20:ff:82:8e:fd:e3:f7:65:
e0:82:8f:41:dc:e1:59:9d:57:6e:15:6b:cf:88:48:
94:aa:78:3f:10:f6:fb:eb:0c:8e:46:e7:ef:a5:3c:
05:4f:45:e2:57:7c:2e:7b:cc:00:01:72:3f:55:3a:
60:37:bf:65:5e:02:be:26:09:10:c6:c2:df:95:55:
3d:44:1c:35:86:07:cd:cc:ad:49:e9:6b:3d:b0:e8:
b5:5a:94:90:d0:cc:ea:be:e5:ab:a7:2a:c3:a3:2b:
c2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:35:FF:91:1C:EA:66:D2:CA:D2:ED:FF:9A:A3:48:81:17:E6:C1:5A
X509v3 Authority Key Identifier:
keyid:C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/wU-s_UXCwCdo6CcvT7g_su2vdDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/9TX_kRzqZtLK0u3_mqNIgRfmwVo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:aac0::/32
Signature Algorithm: sha256WithRSAEncryption
67:46:94:ae:d6:70:1e:9f:22:5f:0c:2c:36:f8:61:97:32:e3:
99:df:db:8d:bd:9f:40:04:05:29:0f:e4:2e:38:7d:53:de:08:
fa:de:7e:bd:2f:af:45:62:53:64:01:f4:3c:f3:0a:7b:03:2e:
34:65:ff:e6:12:3c:d8:90:5f:4d:75:41:27:29:0a:b6:dd:2b:
fa:87:5a:fe:81:aa:e7:a1:13:f4:28:0f:53:6b:de:8a:c5:7a:
8c:e5:66:2b:19:a1:75:ab:21:07:62:82:6a:be:3d:10:0e:ef:
ef:76:fd:63:93:07:da:29:91:13:8c:2a:64:28:b0:40:e2:c4:
90:72:e3:59:2b:b5:48:f5:2d:da:28:f5:e1:fd:76:b8:18:cd:
d6:13:77:39:7d:81:f0:91:18:03:58:d8:ae:7d:86:8f:7c:59:
d1:fc:1e:42:63:c8:d3:aa:ab:60:97:52:f3:78:97:af:7e:a6:
22:cf:e7:f1:3b:38:15:36:c2:51:fb:d5:75:2f:97:e0:a7:02:
23:1a:32:8c:a5:e4:95:35:0c:63:e1:ba:36:26:7b:a3:9c:12:
c0:ac:11:72:0e:12:e5:b3:b9:bc:65:1e:50:67:65:c2:f6:0d:
79:49:41:e3:70:f8:99:66:94:ef:72:7b:94:aa:5d:9b:53:fd:
fb:d6:25:bf
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDGswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzE0
RkFDRkQ0NUMyQzAyNzY4RTgyNzJGNEZCODNGQjJFREFGNzQzOTAeFw0yMTA5Mjkw
MjM3MjFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEY1MzVGRjkxMUNFQTY2
RDJDQUQyRURGRjlBQTM0ODgxMTdFNkMxNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRrcSfwZ6OwSsmYJqKS5J8SC9gD+lGqdqiE/y4vRdPR6Q3HABP
/rs5QjyjrZIxMxgz5sTtNLC1PwVIGoPjwTQ5zdnVtkJuI2wlSDbgiPGxXK3q74TC
BwsJTj6a43t1tV29Y/zdv3ZgXyDSYWrfd0mWGtiJvaNtJ8Yz0S1k2uh8ZU3i48m0
HzOlDYFuqsGyATDaFK5YALmHiFjaLngg/4KO/eP3ZeCCj0Hc4VmdV24Va8+ISJSq
eD8Q9vvrDI5G5++lPAVPReJXfC57zAABcj9VOmA3v2VeAr4mCRDGwt+VVT1EHDWG
B83MrUnpaz2w6LValJDQzOq+5aunKsOjK8KtAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU9TX/kRzqZtLK0u3/mqNIgRfmwVowHwYDVR0jBBgwFoAUwU+s/UXCwCdo6Ccv
T7g/su2vdDkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL3dV
LXNfVVhDd0NkbzZDY3ZUN2dfc3UydmREay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
d1Utc19VWEN3Q2RvNkNjdlQ3Z19zdTJ2ZERrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTLzlUWF9rUnpxWnRMSzB1M19tcU5JZ1Jm
bXdWby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBKrAMA0G
CSqGSIb3DQEBCwUAA4IBAQBnRpSu1nAenyJfDCw2+GGXMuOZ39uNvZ9ABAUpD+Qu
OH1T3gj63n69L69FYlNkAfQ88wp7Ay40Zf/mEjzYkF9NdUEnKQq23Sv6h1r+garn
oRP0KA9Ta96KxXqM5WYrGaF1qyEHYoJqvj0QDu/vdv1jkwfaKZETjCpkKLBA4sSQ
cuNZK7VI9S3aKPXh/Xa4GM3WE3c5fYHwkRgDWNiufYaPfFnR/B5CY8jTqqtgl1Lz
eJevfqYiz+fxOzgVNsJR+9V1L5fgpwIjGjKMpeSVNQxj4bo2JnujnBLArBFyDhLl
s7m8ZR5QZ2XC9g15SUHjcPiZZpTvcnuUql2bU/371iW/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:14 2023 by rpki-client on console-fra.rpki-client.org