Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SGU/rJXTeBjY3lfV8YzHf5EWfNvfohw.roa
File: rJXTeBjY3lfV8YzHf5EWfNvfohw.roa (raw, json)
Hash identifier: 6JCyBUnuVs42qmI8tXIAsh26lP3Isdgsu9ZSMSl9K5Q=
Subject key identifier: AC:95:D3:78:18:D8:DE:57:D5:F1:8C:C7:7F:91:16:7C:DB:DF:A2:1C
Certificate issuer: /CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Certificate serial: 9E
Authority key identifier: 32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/rJXTeBjY3lfV8YzHf5EWfNvfohw.roa
Signing time: Sun 15 Jan 2023 03:27:41 +0000
ROA not before: Sun 15 Jan 2023 03:27:41 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 63908
IP address blocks: 2400:7420::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158 (0x9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Validity
Not Before: Jan 15 03:27:41 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AC95D37818D8DE57D5F18CC77F91167CDBDFA21C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ab:97:ec:4b:17:35:1b:b4:1a:26:22:6d:44:
41:6e:15:eb:be:25:3a:1f:8b:62:df:6a:63:9f:9d:
e6:8c:73:0c:ce:04:43:83:86:02:ce:c3:92:5b:94:
b1:d0:62:5d:14:d5:bd:c8:11:99:ea:fc:91:68:22:
c6:6b:0f:c0:a7:d0:ea:0f:19:15:6e:e9:33:00:bf:
94:97:32:3c:33:bf:96:6c:1a:ba:34:83:1c:53:c2:
9f:46:ed:88:3d:2e:ab:63:76:96:6a:6c:9c:9b:6a:
83:fb:d1:c5:ef:7f:ad:de:c7:ce:7e:0e:fa:fe:38:
73:6d:51:cb:b0:b4:a9:e8:72:b7:be:3b:19:b0:87:
2c:7a:39:a9:b9:f4:95:9a:e3:0c:0a:c9:64:45:3c:
23:29:99:f7:a9:e8:9d:1a:6d:03:13:09:88:32:06:
c1:ed:dd:64:71:19:de:25:84:76:be:d5:67:a4:11:
b4:fe:74:1a:47:39:7f:fb:a7:89:13:8f:fd:ac:1d:
54:72:41:fb:df:cb:0c:0a:7e:a7:7e:86:a8:55:38:
97:2c:10:9b:32:48:32:79:78:f9:c0:2c:05:91:59:
94:12:83:ff:ef:98:63:3e:ab:de:da:c9:27:23:83:
d1:70:0d:30:53:4e:bf:8d:e0:d8:ff:b0:8a:91:39:
72:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:95:D3:78:18:D8:DE:57:D5:F1:8C:C7:7F:91:16:7C:DB:DF:A2:1C
X509v3 Authority Key Identifier:
keyid:32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/MpTnGQKkpcMbmHvWfQlK9YMKgW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/rJXTeBjY3lfV8YzHf5EWfNvfohw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:7420::/32
Signature Algorithm: sha256WithRSAEncryption
9c:a9:92:4d:d2:94:b5:be:45:ed:34:e4:8d:96:df:76:93:8e:
5f:e7:84:df:45:ab:52:26:01:75:5a:a0:92:67:58:60:f8:e5:
cc:49:e0:1b:7c:3b:f3:84:81:35:42:63:86:b4:c8:40:2c:5b:
8e:f6:42:62:c0:ee:c4:2e:14:70:f8:3d:7a:d9:3b:93:cd:fc:
19:5e:a2:31:e8:fa:f1:98:eb:8e:d2:2b:3d:93:d8:3d:59:8a:
87:40:28:6e:ad:70:84:ca:a9:66:06:89:f1:be:49:9c:2d:d7:
89:60:0f:9a:59:2f:44:25:96:40:e3:26:ca:e0:09:16:b3:db:
37:04:a3:2a:cc:c1:fa:38:d6:ff:d2:26:1f:31:ad:0a:15:6d:
c0:24:9f:93:00:3c:b8:5c:56:12:95:f6:ce:cf:f3:8c:d0:4d:
12:2b:c8:57:9f:77:5e:6f:d5:c5:12:89:88:ea:42:b6:0f:3d:
fa:53:6c:c1:d5:a6:b5:30:95:33:85:17:be:b2:90:68:52:61:
99:2b:24:fe:3b:cd:55:ca:30:25:27:cd:d5:ab:01:da:93:5c:
a8:a9:f0:42:1a:32:26:9d:5b:d3:08:bb:6d:ba:f3:81:06:6a:
87:d5:2a:3f:ac:1f:30:4e:96:0d:86:a8:3b:46:a1:86:63:70:
3b:f5:6a:c6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI5
NEU3MTkwMkE0QTVDMzFCOTg3QkQ2N0QwOTRBRjU4MzBBODE2RDAeFw0yMzAxMTUw
MzI3NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFDOTVEMzc4MThEOERF
NTdENUYxOENDNzdGOTExNjdDREJERkEyMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeq5fsSxc1G7QaJiJtREFuFeu+JTofi2LfamOfneaMcwzOBEOD
hgLOw5JblLHQYl0U1b3IEZnq/JFoIsZrD8Cn0OoPGRVu6TMAv5SXMjwzv5ZsGro0
gxxTwp9G7Yg9LqtjdpZqbJybaoP70cXvf63ex85+Dvr+OHNtUcuwtKnocre+Oxmw
hyx6Oam59JWa4wwKyWRFPCMpmfep6J0abQMTCYgyBsHt3WRxGd4lhHa+1WekEbT+
dBpHOX/7p4kTj/2sHVRyQfvfywwKfqd+hqhVOJcsEJsySDJ5ePnALAWRWZQSg//v
mGM+q97ayScjg9FwDTBTTr+N4Nj/sIqROXKPAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUrJXTeBjY3lfV8YzHf5EWfNvfohwwHwYDVR0jBBgwFoAUMpTnGQKkpcMbmHvW
fQlK9YMKgW0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL01w
VG5HUUtrcGNNYm1IdldmUWxLOVlNS2dXMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TXBUbkdRS2twY01ibUh2V2ZRbEs5WU1LZ1cwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL3JKWFRlQmpZM2xmVjhZekhmNUVXZk52
Zm9ody5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAHQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCcqZJN0pS1vkXtNOSNlt92k45f54TfRatSJgF1WqCS
Z1hg+OXMSeAbfDvzhIE1QmOGtMhALFuO9kJiwO7ELhRw+D162TuTzfwZXqIx6Prx
mOuO0is9k9g9WYqHQChurXCEyqlmBonxvkmcLdeJYA+aWS9EJZZA4ybK4AkWs9s3
BKMqzMH6ONb/0iYfMa0KFW3AJJ+TADy4XFYSlfbOz/OM0E0SK8hXn3deb9XFEomI
6kK2Dz36U2zB1aa1MJUzhRe+spBoUmGZKyT+O81VyjAlJ83VqwHak1yoqfBCGjIm
nVvTCLttuvOBBmqH1So/rB8wTpYNhqg7RqGGY3A79WrG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org