Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PQS/NcvMNHsh1YrVA8oJD6nqrOkDcnY.roa
File: NcvMNHsh1YrVA8oJD6nqrOkDcnY.roa (raw, json)
Hash identifier: 5yu8yIsOUZKLazYXsiJ583xvHXKNWOs0hKMN16zd6Ik=
Subject key identifier: 35:CB:CC:34:7B:21:D5:8A:D5:03:CA:09:0F:A9:EA:AC:E9:03:72:76
Certificate issuer: /CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Certificate serial: 0C6C
Authority key identifier: C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/NcvMNHsh1YrVA8oJD6nqrOkDcnY.roa
Signing time: Wed 29 Sep 2021 02:37:21 +0000
ROA not before: Wed 29 Sep 2021 02:37:21 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 64271
IP address blocks: 2404:aac0::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3180 (0xc6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Validity
Not Before: Sep 29 02:37:21 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=35CBCC347B21D58AD503CA090FA9EAACE9037276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0c:cf:07:b2:81:5c:b9:f8:00:e6:db:ff:13:
d5:3e:43:8b:77:1d:d0:62:87:c7:81:b4:90:23:c4:
3d:8a:2f:96:d1:ef:52:43:71:fb:6a:11:5e:8b:7b:
dc:f7:6b:3d:dd:17:c2:95:d8:0f:0c:99:27:11:22:
92:c2:5e:f5:49:c6:8c:1f:b7:01:77:49:f5:38:0f:
a2:85:f0:8b:36:52:27:dd:85:0a:4a:7c:77:81:cc:
9a:06:2d:fd:08:3a:cf:83:f3:b5:3f:e5:08:c4:3b:
c9:1d:55:40:55:36:36:27:75:46:13:85:5a:fa:21:
a5:8b:80:ba:a8:fc:46:01:bc:2d:8c:9f:6d:d5:ce:
af:a9:74:6f:39:32:c6:da:e0:34:8d:96:c9:2a:1a:
3f:3b:ce:a0:88:d6:86:a4:77:18:ea:58:46:0b:ae:
22:6b:15:f3:bc:db:ad:b2:09:df:ee:f7:47:53:a3:
6f:23:ba:a4:4d:60:c5:1b:88:44:49:26:40:c8:8d:
4e:b5:ad:d0:ac:0c:65:6b:ca:bd:df:50:ab:ca:4a:
b8:05:60:0c:07:04:ef:19:5a:f9:53:82:98:56:85:
46:4b:c5:6d:0f:1c:c1:35:5b:68:64:1b:02:f0:d5:
f7:eb:b5:ed:04:63:5b:51:41:0e:c6:63:58:e9:d8:
4b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CB:CC:34:7B:21:D5:8A:D5:03:CA:09:0F:A9:EA:AC:E9:03:72:76
X509v3 Authority Key Identifier:
keyid:C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/wU-s_UXCwCdo6CcvT7g_su2vdDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/NcvMNHsh1YrVA8oJD6nqrOkDcnY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:aac0::/44
Signature Algorithm: sha256WithRSAEncryption
20:84:68:0e:e0:d0:57:43:9c:7a:7e:b8:58:24:ff:a4:e7:9b:
e3:5a:dc:e1:91:fd:bc:d0:3d:af:6c:fd:70:79:a5:7f:69:36:
12:70:73:4c:ee:97:2a:4d:e5:7a:0f:d9:25:6a:38:ff:fb:aa:
d8:af:53:05:c8:77:1c:7a:c7:0c:17:67:b6:cd:ac:5e:5a:20:
20:1a:3f:9d:19:28:dd:45:3e:a7:d5:83:b0:45:6f:e8:af:8c:
a5:a9:3f:bd:67:b8:2c:2c:34:c5:fa:8d:ff:52:39:93:9d:30:
4d:2e:e1:06:76:b8:9a:36:10:64:45:bd:18:ac:5c:f3:d4:6d:
88:06:62:a9:15:33:e0:6b:7f:87:d2:a8:f9:ff:55:b7:d8:77:
1b:43:39:36:cc:70:2a:dc:cb:e1:03:f2:a1:33:99:16:b0:68:
b1:4f:9c:88:7f:18:aa:e0:d1:c3:1f:c8:cb:20:93:45:a2:2e:
1b:2f:0a:45:e9:38:ae:7e:98:d2:9e:df:f7:46:30:9a:8a:5d:
67:16:dc:89:4a:11:a2:79:24:9c:07:f2:a2:aa:61:87:a8:81:
3d:73:57:5f:02:8e:e3:61:3a:56:8b:30:da:ab:be:ab:49:c2:
5f:df:b4:42:8d:ce:ed:a8:06:34:31:bc:f1:45:2d:61:91:58:
53:9a:72:26
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDGwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzE0
RkFDRkQ0NUMyQzAyNzY4RTgyNzJGNEZCODNGQjJFREFGNzQzOTAeFw0yMTA5Mjkw
MjM3MjFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM1Q0JDQzM0N0IyMUQ1
OEFENTAzQ0EwOTBGQTlFQUFDRTkwMzcyNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvDM8HsoFcufgA5tv/E9U+Q4t3HdBih8eBtJAjxD2KL5bR71JD
cftqEV6Le9z3az3dF8KV2A8MmScRIpLCXvVJxowftwF3SfU4D6KF8Is2UifdhQpK
fHeBzJoGLf0IOs+D87U/5QjEO8kdVUBVNjYndUYThVr6IaWLgLqo/EYBvC2Mn23V
zq+pdG85Msba4DSNlskqGj87zqCI1oakdxjqWEYLriJrFfO8262yCd/u90dTo28j
uqRNYMUbiERJJkDIjU61rdCsDGVryr3fUKvKSrgFYAwHBO8ZWvlTgphWhUZLxW0P
HME1W2hkGwLw1ffrte0EY1tRQQ7GY1jp2Eu5AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUNcvMNHsh1YrVA8oJD6nqrOkDcnYwHwYDVR0jBBgwFoAUwU+s/UXCwCdo6Ccv
T7g/su2vdDkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL3dV
LXNfVVhDd0NkbzZDY3ZUN2dfc3UydmREay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
d1Utc19VWEN3Q2RvNkNjdlQ3Z19zdTJ2ZERrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL05jdk1OSHNoMVlyVkE4b0pENm5xck9r
RGNuWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkBKrAAAAw
DQYJKoZIhvcNAQELBQADggEBACCEaA7g0FdDnHp+uFgk/6Tnm+Na3OGR/bzQPa9s
/XB5pX9pNhJwc0zulypN5XoP2SVqOP/7qtivUwXIdxx6xwwXZ7bNrF5aICAaP50Z
KN1FPqfVg7BFb+ivjKWpP71nuCwsNMX6jf9SOZOdME0u4QZ2uJo2EGRFvRisXPPU
bYgGYqkVM+Brf4fSqPn/VbfYdxtDOTbMcCrcy+ED8qEzmRawaLFPnIh/GKrg0cMf
yMsgk0WiLhsvCkXpOK5+mNKe3/dGMJqKXWcW3IlKEaJ5JJwH8qKqYYeogT1zV18C
juNhOlaLMNqrvqtJwl/ftEKNzu2oBjQxvPFFLWGRWFOaciY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org