Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/3JzR1aITOM3dCb936XmVSi3JxAo.roa
File: 3JzR1aITOM3dCb936XmVSi3JxAo.roa (raw, json)
Hash identifier: MhQdG25q8BPmQCUYa59S/gwQIahkDzqcmFS8/mFJABI=
Subject key identifier: DC:9C:D1:D5:A2:13:38:CD:DD:09:BF:77:E9:79:95:4A:2D:C9:C4:0A
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0977
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/3JzR1aITOM3dCb936XmVSi3JxAo.roa
Signing time: Wed 29 Sep 2021 02:38:20 +0000
ROA not before: Wed 29 Sep 2021 02:38:20 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d03::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2423 (0x977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 29 02:38:20 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DC9CD1D5A21338CDDD09BF77E979954A2DC9C40A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:91:2d:fc:2b:4d:99:85:2a:15:4f:17:b8:5e:
cc:26:ce:94:ea:09:14:7c:49:ef:95:cd:9e:c6:ad:
ae:e5:c8:44:b6:b0:bd:36:d7:ec:be:fa:68:b4:49:
06:b8:ff:70:57:df:4e:63:b8:5c:41:4f:a7:8e:f9:
a0:64:23:6a:72:3a:08:0b:c3:26:aa:59:9f:e7:5f:
50:5a:eb:52:20:de:05:b2:56:ee:55:5e:5b:59:e5:
44:2f:4b:4e:6c:ce:77:90:8e:bc:57:da:03:ec:c8:
e3:8b:4b:2a:e5:27:05:dd:4e:20:58:a3:58:b5:e2:
b0:87:53:a0:f6:2f:aa:e0:9f:6d:97:7c:d6:4e:46:
49:e9:e1:69:1e:09:ad:3c:d5:b4:5c:8c:66:83:55:
37:b8:43:55:80:6f:1d:dc:65:f7:f8:e2:3a:97:05:
41:0d:4b:37:af:45:3e:57:24:6c:a3:02:cb:16:a3:
8f:7c:5e:e6:e9:dc:4f:c9:ec:83:00:02:69:0e:31:
26:b1:55:4c:5c:6a:5d:ac:e9:e5:a8:10:2a:b4:24:
57:29:b8:da:ef:19:62:e1:71:19:74:07:e4:90:5a:
35:ed:b7:42:f8:c3:e3:59:d5:72:5e:34:cd:36:d4:
96:9a:da:2f:1e:d1:3c:4c:7a:6d:26:d0:2b:3b:0e:
ee:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9C:D1:D5:A2:13:38:CD:DD:09:BF:77:E9:79:95:4A:2D:C9:C4:0A
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/3JzR1aITOM3dCb936XmVSi3JxAo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d03::/64
Signature Algorithm: sha256WithRSAEncryption
b8:57:48:20:fb:04:e5:c3:23:e0:99:12:55:7c:51:58:c0:2f:
1f:90:c5:07:5b:0e:ca:91:ce:44:de:35:e5:1e:36:4a:4c:d1:
bb:f7:b4:a4:68:14:28:5b:01:25:e4:66:b1:82:d5:f1:ff:fd:
6f:06:f4:2d:6d:71:8a:57:09:f5:78:b3:2c:e8:5c:3f:b3:05:
25:da:b0:a1:7f:21:94:36:a9:96:c1:44:92:c6:8b:4a:cd:46:
44:93:0b:01:62:cb:c7:ac:1a:02:cd:29:97:9b:81:6c:5d:7e:
73:01:05:b9:c6:1c:50:f7:01:88:3e:57:59:ce:28:03:d9:7e:
9b:f0:87:8e:fa:c7:de:65:dc:f4:9b:1e:a0:00:70:89:45:ba:
63:48:9a:c8:a3:d8:5f:6e:ed:df:7e:0e:96:1e:df:e3:0a:5f:
01:70:89:8a:27:46:bd:a3:59:48:b8:f2:4b:c3:0a:69:7f:97:
60:2b:12:83:a1:94:67:c3:07:33:88:9f:27:1d:ed:8d:e0:df:
a2:00:39:fe:ce:05:99:be:41:bc:bb:72:d1:8b:3a:6d:20:9e:
c7:21:fe:ce:c1:57:78:55:74:84:16:66:08:bc:80:42:ae:eb:
7e:ff:62:50:ed:7f:9a:21:93:25:3f:9b:aa:1d:dc:36:83:ad:
ab:cf:67:a7
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMTA5Mjkw
MjM4MjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERDOUNEMUQ1QTIxMzM4
Q0RERDA5QkY3N0U5Nzk5NTRBMkRDOUM0MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDekS38K02ZhSoVTxe4XswmzpTqCRR8Se+VzZ7Gra7lyES2sL02
1+y++mi0SQa4/3BX305juFxBT6eO+aBkI2pyOggLwyaqWZ/nX1Ba61Ig3gWyVu5V
XltZ5UQvS05szneQjrxX2gPsyOOLSyrlJwXdTiBYo1i14rCHU6D2L6rgn22XfNZO
Rknp4WkeCa081bRcjGaDVTe4Q1WAbx3cZff44jqXBUENSzevRT5XJGyjAssWo498
Xubp3E/J7IMAAmkOMSaxVUxcal2s6eWoECq0JFcpuNrvGWLhcRl0B+SQWjXtt0L4
w+NZ1XJeNM021Jaa2i8e0TxMem0m0Cs7Du7ZAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQU3JzR1aITOM3dCb936XmVSi3JxAowHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCLzNKelIxYUlUT00zZENiOTM2WG1WU2kz
SnhBby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
AzANBgkqhkiG9w0BAQsFAAOCAQEAuFdIIPsE5cMj4JkSVXxRWMAvH5DFB1sOypHO
RN415R42SkzRu/e0pGgUKFsBJeRmsYLV8f/9bwb0LW1xilcJ9XizLOhcP7MFJdqw
oX8hlDaplsFEksaLSs1GRJMLAWLLx6waAs0pl5uBbF1+cwEFucYcUPcBiD5XWc4o
A9l+m/CHjvrH3mXc9JseoABwiUW6Y0iayKPYX27t334Olh7f4wpfAXCJiidGvaNZ
SLjyS8MKaX+XYCsSg6GUZ8MHM4ifJx3tjeDfogA5/s4Fmb5BvLty0Ys6bSCexyH+
zsFXeFV0hBZmCLyAQq7rfv9iUO1/miGTJT+bqh3cNoOtq89npw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org