Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SGU/rfWagV2fhg7U4iOLMy_WnZis5TE.roa
File: rfWagV2fhg7U4iOLMy_WnZis5TE.roa (raw, json)
Hash identifier: lL3OV2cQoTasTwhs1IPkUm8+mas/oUIGJnGnZkyjdtA=
Subject key identifier: AD:F5:9A:81:5D:9F:86:0E:D4:E2:23:8B:33:2F:D6:9D:98:AC:E5:31
Certificate issuer: /CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Certificate serial: 0112
Authority key identifier: 32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/rfWagV2fhg7U4iOLMy_WnZis5TE.roa
Signing time: Sun 02 Jul 2023 15:49:02 +0000
ROA not before: Sun 02 Jul 2023 15:49:02 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 134823
IP address blocks: 2400:7420::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274 (0x112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Validity
Not Before: Jul 2 15:49:02 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=ADF59A815D9F860ED4E2238B332FD69D98ACE531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5d:f2:7e:20:2b:69:b3:d7:69:a8:35:54:6b:
c7:f8:5a:b2:d4:6a:df:93:5a:2a:01:2a:5a:ca:09:
49:08:4b:31:7b:f5:b9:a3:f1:9d:f7:7f:e4:a3:9c:
a1:13:b2:8f:66:61:7a:8a:4a:5d:1a:fe:c1:7f:0f:
05:fb:32:75:6e:dc:a1:45:28:65:b7:ac:33:85:8f:
3a:a6:6d:60:17:f6:e2:45:5d:cc:c9:5d:87:97:63:
49:bf:b1:fd:a2:bc:58:3b:93:dc:4f:61:5e:66:fd:
44:e2:0f:bb:c5:ae:bd:d5:4f:2f:f1:1d:1d:32:4d:
19:1f:0f:20:5b:90:98:b6:0c:d0:c6:e5:52:ff:25:
37:bc:ce:70:bd:01:83:ae:ef:39:55:48:b6:4b:6c:
90:77:23:17:12:b6:92:ad:e6:52:5b:95:29:ec:19:
58:e7:db:f1:b4:72:18:84:4a:ab:ce:c3:89:8e:ce:
ea:7c:24:f2:da:d8:65:b4:e2:2a:50:51:9d:f1:4b:
ee:ec:26:d6:6c:c0:c0:70:47:b9:94:92:81:a9:e9:
5c:2c:2f:92:54:cc:b0:07:34:8a:a6:3d:e7:f2:d3:
25:f1:de:b2:1d:05:39:b5:f6:9d:db:37:3e:a3:f3:
e8:e7:32:04:52:05:df:70:99:03:60:c8:cf:9f:3e:
0e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F5:9A:81:5D:9F:86:0E:D4:E2:23:8B:33:2F:D6:9D:98:AC:E5:31
X509v3 Authority Key Identifier:
keyid:32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/MpTnGQKkpcMbmHvWfQlK9YMKgW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/rfWagV2fhg7U4iOLMy_WnZis5TE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:7420::/32
Signature Algorithm: sha256WithRSAEncryption
85:54:f9:b1:66:bd:ff:0d:2e:7e:ca:e8:40:e1:91:33:0b:9e:
ff:62:c6:19:65:ba:ff:71:ed:62:8b:0c:bb:dc:62:a7:f3:76:
99:75:2d:95:14:08:e7:72:07:0f:9f:15:c6:fd:78:a6:bb:88:
c5:a5:8d:e9:08:81:51:ec:a0:24:35:dc:79:31:e7:78:96:fe:
c4:01:b1:f5:f6:91:83:04:b7:07:26:1d:df:4f:fc:f7:69:1b:
d7:90:c3:1a:6a:9e:37:f5:62:37:fa:0f:9d:d0:83:51:3a:08:
8e:20:30:79:f2:8e:91:38:26:a3:3f:df:cd:c7:4e:19:9a:8a:
4f:a3:ad:46:04:09:0f:d5:51:19:44:32:8d:c2:0b:50:d6:91:
66:e0:86:58:11:69:2f:5a:c5:f9:9a:5b:a4:6b:33:ad:30:51:
7b:97:f9:17:48:44:02:dc:f5:7a:74:73:ba:bc:0b:b6:8a:8f:
6b:99:fd:d6:19:2e:d4:36:a9:ea:04:c0:5f:c7:86:43:ce:74:
46:32:77:fc:53:18:71:8d:91:d5:af:7c:e8:b5:c3:da:d5:d3:
4f:95:f5:e8:56:59:af:59:d0:28:e0:f3:05:c3:89:ab:98:1b:
53:93:9c:3b:b6:7e:69:6c:f7:49:12:34:72:49:e4:1d:94:d2:
9d:f5:5c:1f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI5
NEU3MTkwMkE0QTVDMzFCOTg3QkQ2N0QwOTRBRjU4MzBBODE2RDAeFw0yMzA3MDIx
NTQ5MDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFERjU5QTgxNUQ5Rjg2
MEVENEUyMjM4QjMzMkZENjlEOThBQ0U1MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqXfJ+ICtps9dpqDVUa8f4WrLUat+TWioBKlrKCUkISzF79bmj
8Z33f+SjnKETso9mYXqKSl0a/sF/DwX7MnVu3KFFKGW3rDOFjzqmbWAX9uJFXczJ
XYeXY0m/sf2ivFg7k9xPYV5m/UTiD7vFrr3VTy/xHR0yTRkfDyBbkJi2DNDG5VL/
JTe8znC9AYOu7zlVSLZLbJB3IxcStpKt5lJblSnsGVjn2/G0chiESqvOw4mOzup8
JPLa2GW04ipQUZ3xS+7sJtZswMBwR7mUkoGp6VwsL5JUzLAHNIqmPefy0yXx3rId
BTm19p3bNz6j8+jnMgRSBd9wmQNgyM+fPg6PAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUrfWagV2fhg7U4iOLMy/WnZis5TEwHwYDVR0jBBgwFoAUMpTnGQKkpcMbmHvW
fQlK9YMKgW0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL01w
VG5HUUtrcGNNYm1IdldmUWxLOVlNS2dXMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TXBUbkdRS2twY01ibUh2V2ZRbEs5WU1LZ1cwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL3JmV2FnVjJmaGc3VTRpT0xNeV9Xblpp
czVURS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAHQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCFVPmxZr3/DS5+yuhA4ZEzC57/YsYZZbr/ce1iiwy7
3GKn83aZdS2VFAjncgcPnxXG/Ximu4jFpY3pCIFR7KAkNdx5Med4lv7EAbH19pGD
BLcHJh3fT/z3aRvXkMMaap439WI3+g+d0INROgiOIDB58o6ROCajP9/Nx04ZmopP
o61GBAkP1VEZRDKNwgtQ1pFm4IZYEWkvWsX5mlukazOtMFF7l/kXSEQC3PV6dHO6
vAu2io9rmf3WGS7UNqnqBMBfx4ZDznRGMnf8UxhxjZHVr3zotcPa1dNPlfXoVlmv
WdAo4PMFw4mrmBtTk5w7tn5pbPdJEjRySeQdlNKd9Vwf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org