Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/4u-8ykdEkZmIxc8G6XB3HRobydM.roa
File: 4u-8ykdEkZmIxc8G6XB3HRobydM.roa (raw, json)
Hash identifier: 8uJ2Ff/R1GamklhygcNmDz6nh89jaqqqh4b8f+jUMOQ=
Subject key identifier: E2:EF:BC:CA:47:44:91:99:88:C5:CF:06:E9:70:77:1D:1A:1B:C9:D3
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0A61
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/4u-8ykdEkZmIxc8G6XB3HRobydM.roa
Signing time: Thu 15 Sep 2022 02:38:34 +0000
ROA not before: Thu 15 Sep 2022 02:38:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d00::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2657 (0xa61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 15 02:38:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E2EFBCCA4744919988C5CF06E970771D1A1BC9D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c3:97:c3:43:1c:9e:c0:c1:6f:56:79:ae:27:
07:97:6b:44:38:14:eb:8d:fa:f7:f1:99:5e:82:87:
3f:f8:eb:2c:79:56:8a:50:72:03:23:1e:e3:91:a7:
2c:b0:d7:1a:7b:d2:d5:f8:13:f3:a6:2f:78:c5:45:
94:38:7a:fc:19:f2:7c:88:35:20:cb:3c:6e:ec:e4:
99:db:99:79:e1:9a:c7:da:c6:e4:3e:43:0c:b5:ab:
9b:c5:bd:b4:1f:d3:fd:08:92:d5:57:4f:13:99:e0:
5e:aa:65:b4:2d:3e:c8:e9:86:54:f9:0f:0f:99:6e:
16:57:0c:54:5b:b7:b0:25:29:7a:b1:1c:c6:20:be:
d8:65:9e:ac:cf:c6:79:05:1b:18:2d:5b:3d:29:60:
af:b5:00:67:9b:69:e3:44:c6:f9:c3:24:a0:f4:9c:
36:09:aa:cf:cc:1f:4e:b8:ed:3d:53:8c:a3:3e:e4:
9a:aa:d0:9e:0c:e1:82:78:b4:40:96:96:8c:af:e0:
b8:3c:81:2f:3d:72:d5:8d:52:29:89:41:dd:98:ef:
9f:42:01:b5:df:5f:cd:17:f1:57:d3:c5:96:9f:2c:
e9:00:56:54:c8:6e:b7:c6:04:43:87:17:b8:0d:62:
26:25:7b:8d:8f:4d:27:1a:2e:a0:cd:2a:09:95:6e:
44:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EF:BC:CA:47:44:91:99:88:C5:CF:06:E9:70:77:1D:1A:1B:C9:D3
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/4u-8ykdEkZmIxc8G6XB3HRobydM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d00::/64
Signature Algorithm: sha256WithRSAEncryption
6f:76:68:da:c4:f0:25:41:96:b6:e0:7e:19:1c:19:d9:09:e1:
9f:58:fb:67:8b:d9:82:67:0d:42:44:d4:41:c9:37:05:91:50:
e0:08:8f:d0:1f:59:c7:49:89:e1:19:90:9e:6a:09:ac:53:63:
11:74:17:b9:b9:44:66:8a:c7:da:90:7b:f7:0a:c7:40:aa:36:
b7:aa:ac:4c:26:b6:64:56:96:b7:69:90:c9:1c:87:2e:03:88:
03:22:10:f9:f8:24:d1:1d:36:a1:b5:08:dd:eb:a5:70:a0:1f:
f0:98:11:ca:d5:26:d4:77:b4:31:03:57:d1:c7:32:4a:e3:10:
2d:9d:80:96:d9:33:84:73:5e:ff:59:b9:36:e9:4d:1b:0b:20:
6e:f6:7c:31:9e:16:d4:47:99:5a:d9:b7:4f:9c:f3:64:a4:3d:
fd:a5:10:62:9a:38:ea:8a:57:ca:3f:f4:ce:6c:40:aa:84:2f:
9d:a0:64:ad:d8:d3:e5:f7:33:5a:0e:c0:fd:4e:a5:64:bd:cc:
c9:d6:08:3d:68:88:66:02:e1:ba:7d:a3:32:cb:a1:6e:d0:8d:
65:9b:df:45:ec:c8:28:d6:90:0f:3f:2e:18:6b:a6:77:e7:ec:
67:7d:41:62:76:16:69:2e:5f:bc:0b:9e:4b:32:6d:e9:92:a7:
02:7a:82:d1
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMjA5MTUw
MjM4MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUyRUZCQ0NBNDc0NDkx
OTk4OEM1Q0YwNkU5NzA3NzFEMUExQkM5RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQw5fDQxyewMFvVnmuJweXa0Q4FOuN+vfxmV6Chz/46yx5VopQ
cgMjHuORpyyw1xp70tX4E/OmL3jFRZQ4evwZ8nyINSDLPG7s5JnbmXnhmsfaxuQ+
Qwy1q5vFvbQf0/0IktVXTxOZ4F6qZbQtPsjphlT5Dw+ZbhZXDFRbt7AlKXqxHMYg
vthlnqzPxnkFGxgtWz0pYK+1AGebaeNExvnDJKD0nDYJqs/MH0647T1TjKM+5Jqq
0J4M4YJ4tECWloyv4Lg8gS89ctWNUimJQd2Y759CAbXfX80X8VfTxZafLOkAVlTI
brfGBEOHF7gNYiYle42PTScaLqDNKgmVbkS3AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQU4u+8ykdEkZmIxc8G6XB3HRobydMwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCLzR1LTh5a2RFa1ptSXhjOEc2WEIzSFJv
YnlkTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
ADANBgkqhkiG9w0BAQsFAAOCAQEAb3Zo2sTwJUGWtuB+GRwZ2Qnhn1j7Z4vZgmcN
QkTUQck3BZFQ4AiP0B9Zx0mJ4RmQnmoJrFNjEXQXublEZorH2pB79wrHQKo2t6qs
TCa2ZFaWt2mQyRyHLgOIAyIQ+fgk0R02obUI3eulcKAf8JgRytUm1He0MQNX0ccy
SuMQLZ2AltkzhHNe/1m5NulNGwsgbvZ8MZ4W1EeZWtm3T5zzZKQ9/aUQYpo46opX
yj/0zmxAqoQvnaBkrdjT5fczWg7A/U6lZL3MydYIPWiIZgLhun2jMsuhbtCNZZvf
RezIKNaQDz8uGGumd+fsZ31BYnYWaS5fvAueSzJt6ZKnAnqC0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org