Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PQS/v286fT58ZzXJgVgY1g1HQj3y33s.roa
File: v286fT58ZzXJgVgY1g1HQj3y33s.roa (raw, json)
Hash identifier: VOzGzt9WGksavLjxT+tZ988w12VY1Z+rcpVgwCTzbvA=
Subject key identifier: BF:6F:3A:7D:3E:7C:67:35:C9:81:58:18:D6:0D:47:42:3D:F2:DF:7B
Certificate issuer: /CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Certificate serial: 0A58
Authority key identifier: C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/v286fT58ZzXJgVgY1g1HQj3y33s.roa
Signing time: Tue 29 Sep 2020 10:05:34 +0000
ROA not before: Tue 29 Sep 2020 10:05:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131642
IP address blocks: 2404:aac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2648 (0xa58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C14FACFD45C2C02768E8272F4FB83FB2EDAF7439
Validity
Not Before: Sep 29 10:05:34 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BF6F3A7D3E7C6735C9815818D60D47423DF2DF7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:70:d6:e0:1f:a2:4c:4d:0a:6d:77:03:80:
53:c5:3a:90:ef:8b:a4:52:1d:0c:f8:eb:00:1e:c8:
bf:91:08:c1:68:45:6c:0a:24:bc:9b:30:d5:a7:04:
82:da:79:9c:50:0b:91:14:17:0c:2f:27:9d:61:32:
39:54:66:24:ca:79:fb:45:74:d9:ae:f8:b0:94:64:
07:d0:79:aa:3c:02:58:7f:ba:91:7e:70:87:8d:8e:
2c:27:74:83:03:43:69:44:85:9b:b9:30:8a:48:09:
13:35:3d:16:61:28:6a:be:e7:23:2f:c9:6b:f6:f5:
99:58:c1:69:21:62:c8:a6:1f:37:91:5e:44:ad:53:
16:70:74:13:f7:0a:4e:f4:2e:2d:82:75:b9:78:f9:
f0:0a:c9:73:d0:4d:e0:ee:54:50:f0:de:8f:68:1b:
7b:d2:82:be:bc:6a:f7:50:75:ef:89:48:9b:ef:36:
7b:76:d5:c1:ea:62:c9:68:e1:d4:b8:13:ed:cf:95:
35:07:ce:ee:35:75:71:ca:90:f4:fa:c8:91:5b:e0:
c8:5a:22:b5:70:7c:02:11:28:6d:3c:bc:15:7c:77:
ff:a2:9a:f5:54:f7:38:58:52:31:77:b3:fa:03:aa:
32:8f:4d:7a:1d:d1:11:6a:58:54:38:55:a8:9d:f9:
ae:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6F:3A:7D:3E:7C:67:35:C9:81:58:18:D6:0D:47:42:3D:F2:DF:7B
X509v3 Authority Key Identifier:
keyid:C1:4F:AC:FD:45:C2:C0:27:68:E8:27:2F:4F:B8:3F:B2:ED:AF:74:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/wU-s_UXCwCdo6CcvT7g_su2vdDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wU-s_UXCwCdo6CcvT7g_su2vdDk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PQS/v286fT58ZzXJgVgY1g1HQj3y33s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:aac0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:a5:87:a0:12:56:7d:8a:d2:9a:2e:e8:71:9c:86:1e:c3:4e:
80:7f:b6:b3:eb:2b:6b:56:62:23:be:cc:03:39:b9:7e:98:09:
cc:71:d7:66:53:71:6c:1d:c0:7a:60:e5:02:71:6e:eb:b3:c9:
53:5a:b4:8d:da:79:50:ba:67:b5:99:80:f6:bd:0b:89:7d:4d:
a8:c4:ee:d2:52:9c:0a:b1:77:22:8c:10:72:4d:e0:06:47:53:
02:45:2d:16:06:af:66:04:78:f1:8e:57:21:3d:47:fd:7f:03:
08:80:02:64:f0:44:53:96:38:3e:15:a1:b0:c0:2b:21:fc:f3:
69:f1:22:7d:b0:17:b9:c9:2f:96:5f:af:31:c8:77:a0:19:ae:
d9:0a:96:b3:14:2c:95:df:65:11:3c:67:d6:da:01:b0:93:e6:
9c:b4:9f:5c:74:68:b5:a6:9a:6f:9c:be:08:7a:a8:b5:7e:f5:
23:45:ca:6d:4c:1d:58:6c:ea:55:57:ea:3f:ad:c6:48:e8:6b:
7a:d3:1c:eb:80:a4:82:c5:ed:60:ec:a3:49:84:57:77:4e:3e:
c1:36:75:35:a6:0f:ae:c1:a5:52:dc:7e:b7:74:52:c0:ae:a1:
70:09:d8:7f:b1:73:74:39:37:b0:f1:92:2e:77:78:9e:d1:ae:
40:ba:1d:0d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICClgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzE0
RkFDRkQ0NUMyQzAyNzY4RTgyNzJGNEZCODNGQjJFREFGNzQzOTAeFw0yMDA5Mjkx
MDA1MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJGNkYzQTdEM0U3QzY3
MzVDOTgxNTgxOEQ2MEQ0NzQyM0RGMkRGN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChS3DW4B+iTE0KbXcDgFPFOpDvi6RSHQz46wAeyL+RCMFoRWwK
JLybMNWnBILaeZxQC5EUFwwvJ51hMjlUZiTKeftFdNmu+LCUZAfQeao8Alh/upF+
cIeNjiwndIMDQ2lEhZu5MIpICRM1PRZhKGq+5yMvyWv29ZlYwWkhYsimHzeRXkSt
UxZwdBP3Ck70Li2Cdbl4+fAKyXPQTeDuVFDw3o9oG3vSgr68avdQde+JSJvvNnt2
1cHqYslo4dS4E+3PlTUHzu41dXHKkPT6yJFb4MhaIrVwfAIRKG08vBV8d/+imvVU
9zhYUjF3s/oDqjKPTXod0RFqWFQ4Vaid+a4bAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUv286fT58ZzXJgVgY1g1HQj3y33swHwYDVR0jBBgwFoAUwU+s/UXCwCdo6Ccv
T7g/su2vdDkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL3dV
LXNfVVhDd0NkbzZDY3ZUN2dfc3UydmREay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
d1Utc19VWEN3Q2RvNkNjdlQ3Z19zdTJ2ZERrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUFFTL3YyODZmVDU4WnpYSmdWZ1kxZzFIUWoz
eTMzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBKrAMA0G
CSqGSIb3DQEBCwUAA4IBAQCgpYegElZ9itKaLuhxnIYew06Af7az6ytrVmIjvswD
Obl+mAnMcddmU3FsHcB6YOUCcW7rs8lTWrSN2nlQume1mYD2vQuJfU2oxO7SUpwK
sXcijBByTeAGR1MCRS0WBq9mBHjxjlchPUf9fwMIgAJk8ERTljg+FaGwwCsh/PNp
8SJ9sBe5yS+WX68xyHegGa7ZCpazFCyV32URPGfW2gGwk+actJ9cdGi1pppvnL4I
eqi1fvUjRcptTB1YbOpVV+o/rcZI6Gt60xzrgKSCxe1g7KNJhFd3Tj7BNnU1pg+u
waVS3H63dFLArqFwCdh/sXN0OTew8ZIud3ie0a5Auh0N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org