Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PQS/lP9tvmbjZFJI3-WS1mTuhy3YxrY.roa
File: lP9tvmbjZFJI3-WS1mTuhy3YxrY.roa (raw, json)
Hash identifier: 2V72YOUis0m+/Y7U9leXdIa+yMzEVHuRiu2Geb9Ihek=
Subject key identifier: 94:FF:6D:BE:66:E3:64:52:48:DF:E5:92:D6:64:EE:87:2D:D8:C6:B6
Certificate issuer: /CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Certificate serial: 0C69
Authority key identifier: C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/lP9tvmbjZFJI3-WS1mTuhy3YxrY.roa
Signing time: Wed 29 Sep 2021 02:37:21 +0000
ROA not before: Wed 29 Sep 2021 02:37:21 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 64271
IP address blocks: 2404:aac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3177 (0xc69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Validity
Not Before: Sep 29 02:37:21 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=94FF6DBE66E3645248DFE592D664EE872DD8C6B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:24:50:ac:b6:b9:98:60:91:2f:7d:d4:c8:2d:
43:6d:93:c1:2d:eb:39:b5:a6:3d:e7:f4:aa:37:d3:
af:37:2a:18:e6:33:bb:8d:46:ce:5f:93:f6:8e:2a:
6e:b3:92:69:45:51:82:56:5a:74:c9:c7:56:d5:1d:
34:cc:c1:3c:83:ba:da:6f:eb:6a:f1:e1:68:bb:58:
df:7a:7a:a6:d0:b5:96:a2:39:aa:0e:8a:80:b5:19:
9a:ff:dd:f9:b7:6b:5b:46:3b:57:0a:c2:e5:3d:b4:
88:63:cb:af:4a:4d:37:ad:85:37:50:f1:bd:ce:99:
95:b9:6b:d2:ab:4e:b0:68:c8:0a:14:a1:48:4b:c4:
48:17:d9:63:8c:34:5a:10:37:5c:60:d6:8c:97:ee:
d6:09:dc:6e:08:3c:5a:d3:45:0c:64:63:72:f7:59:
2e:c4:3b:82:17:a4:c2:dd:e2:3c:a8:c9:a7:2f:6c:
73:32:6e:06:b9:56:ec:1b:a6:e7:38:3e:f0:26:fc:
b3:bb:40:90:9b:98:ac:c6:f1:9d:d1:29:81:30:8f:
32:76:9e:8e:54:78:04:fd:d2:fe:64:ab:ec:a7:d0:
c7:a7:26:be:c5:8a:d3:ff:ab:47:e8:f2:7d:8d:35:
37:8a:36:bb:c7:cc:9a:5c:dd:1c:52:f2:a2:d4:53:
18:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:FF:6D:BE:66:E3:64:52:48:DF:E5:92:D6:64:EE:87:2D:D8:C6:B6
X509v3 Authority Key Identifier:
keyid:C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/wU-s_UXCwCdo6CcvT7g_su2vdDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/lP9tvmbjZFJI3-WS1mTuhy3YxrY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:aac0::/32
Signature Algorithm: sha256WithRSAEncryption
ab:c5:db:5b:89:37:d5:3d:43:51:8d:0c:a1:d8:82:c9:99:ea:
ad:d6:8c:2e:aa:9f:d7:9f:12:7f:7a:bc:50:be:14:20:7e:4f:
2e:cc:7c:f2:a8:b7:db:7f:42:b6:13:7d:20:f7:1e:dc:22:a8:
40:63:a6:72:1f:5e:7f:a2:ab:a2:bc:15:52:b7:67:97:73:66:
d7:c8:e6:16:96:1f:0a:61:c0:1f:6f:58:a3:3b:35:30:dc:fa:
c7:90:13:eb:cb:44:2e:e5:99:ed:c5:16:a8:70:f5:9a:12:13:
d1:1d:92:4a:ae:7e:24:bd:4a:ee:6b:cc:93:fb:99:5a:dd:e6:
0c:61:c3:66:01:c3:ec:d5:f5:3a:70:b3:9d:13:ec:50:ad:4c:
cd:65:ac:bc:87:9f:93:02:e1:fd:eb:4d:6b:44:64:2d:4f:3b:
ce:b2:0b:70:9f:f6:89:93:fd:2b:10:f4:67:31:f7:0c:06:27:
ff:5f:d0:4f:72:bf:88:2f:f5:58:a3:e8:66:df:73:89:11:4b:
77:ca:b7:74:87:28:fe:30:0a:a3:06:fe:48:3b:25:79:58:f0:
f1:1d:e7:77:55:d7:71:70:1e:78:88:e6:84:d0:41:bb:c5:fd:
87:4b:0e:d7:19:b7:d3:ed:a7:18:c9:b1:47:6d:c8:73:c2:36:
43:ff:83:54
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzE0
RkFDRkQ0NUMyQzAyNzY4RTgyNzJGNEZCODNGQjJFREFGNzQzOTAeFw0yMTA5Mjkw
MjM3MjFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk0RkY2REJFNjZFMzY0
NTI0OERGRTU5MkQ2NjRFRTg3MkREOEM2QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8JFCstrmYYJEvfdTILUNtk8Et6zm1pj3n9Ko30683KhjmM7uN
Rs5fk/aOKm6zkmlFUYJWWnTJx1bVHTTMwTyDutpv62rx4Wi7WN96eqbQtZaiOaoO
ioC1GZr/3fm3a1tGO1cKwuU9tIhjy69KTTethTdQ8b3OmZW5a9KrTrBoyAoUoUhL
xEgX2WOMNFoQN1xg1oyX7tYJ3G4IPFrTRQxkY3L3WS7EO4IXpMLd4jyoyacvbHMy
bga5Vuwbpuc4PvAm/LO7QJCbmKzG8Z3RKYEwjzJ2no5UeAT90v5kq+yn0MenJr7F
itP/q0fo8n2NNTeKNrvHzJpc3RxS8qLUUxjZAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUlP9tvmbjZFJI3+WS1mTuhy3YxrYwHwYDVR0jBBgwFoAUwU+s/UXCwCdo6Ccv
T7g/su2vdDkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL3dV
LXNfVVhDd0NkbzZDY3ZUN2dfc3UydmREay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
d1Utc19VWEN3Q2RvNkNjdlQ3Z19zdTJ2ZERrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL2xQOXR2bWJqWkZKSTMtV1MxbVR1aHkz
WXhyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBKrAMA0G
CSqGSIb3DQEBCwUAA4IBAQCrxdtbiTfVPUNRjQyh2ILJmeqt1owuqp/XnxJ/erxQ
vhQgfk8uzHzyqLfbf0K2E30g9x7cIqhAY6ZyH15/oquivBVSt2eXc2bXyOYWlh8K
YcAfb1ijOzUw3PrHkBPry0Qu5ZntxRaocPWaEhPRHZJKrn4kvUrua8yT+5la3eYM
YcNmAcPs1fU6cLOdE+xQrUzNZay8h5+TAuH9601rRGQtTzvOsgtwn/aJk/0rEPRn
MfcMBif/X9BPcr+IL/VYo+hm33OJEUt3yrd0hyj+MAqjBv5IOyV5WPDxHed3Vddx
cB54iOaE0EG7xf2HSw7XGbfT7acYybFHbchzwjZD/4NU
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org