Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/H2WcQu_nE8d6oWH8Kvnouv8Y_LQ.roa
File: H2WcQu_nE8d6oWH8Kvnouv8Y_LQ.roa (raw, json)
Hash identifier: OortNVQsES8Ot/GxH8GZLteLxz8PTYehmBIApmD1/O4=
Subject key identifier: 1F:65:9C:42:EF:E7:13:C7:7A:A1:61:FC:2A:F9:E8:BA:FF:18:FC:B4
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0780
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/H2WcQu_nE8d6oWH8Kvnouv8Y_LQ.roa
Signing time: Tue 29 Sep 2020 10:06:56 +0000
ROA not before: Tue 29 Sep 2020 10:06:56 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d03::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1920 (0x780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 29 10:06:56 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1F659C42EFE713C77AA161FC2AF9E8BAFF18FCB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:e4:32:ce:7f:a1:99:8c:01:7e:6c:3c:69:
20:3e:c7:28:0a:bc:3c:9b:71:f7:e0:0d:b2:1c:e6:
c8:89:e0:74:d4:86:38:48:24:97:a4:c1:75:8a:a6:
a0:33:e9:e8:c7:c6:41:70:01:ef:9b:b7:a3:31:1f:
7c:b7:5f:9c:e7:37:6e:07:3e:c4:d9:7a:8f:cc:41:
06:ae:2d:7a:d0:0d:c1:51:b5:17:1a:b7:cb:35:09:
49:48:10:dd:0c:21:21:90:33:df:1d:85:2d:98:5f:
f7:b1:65:3e:ca:1e:8e:1b:7a:04:fa:07:e7:47:10:
fc:e2:8a:05:50:bd:60:f5:fb:4d:bb:c4:ad:2d:91:
62:b5:1d:a0:f4:13:80:6a:0e:8a:93:8a:80:70:29:
63:96:0c:4c:d6:da:8e:23:96:d0:89:fc:d2:50:5a:
63:3a:47:fd:a1:90:40:54:f4:8e:36:e9:ef:dc:88:
3d:3f:57:42:4d:88:eb:b3:0f:60:f0:f4:63:87:0b:
e6:4f:32:60:dc:4a:da:9f:14:4f:ea:c9:46:a0:2b:
0c:d4:65:c2:68:91:d8:8a:95:87:c7:07:0b:d7:4d:
43:35:93:dc:77:91:50:c8:ea:bb:b1:65:17:b2:d1:
e5:83:88:d8:46:34:ff:c5:5b:63:69:1d:29:ba:49:
67:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:65:9C:42:EF:E7:13:C7:7A:A1:61:FC:2A:F9:E8:BA:FF:18:FC:B4
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/H2WcQu_nE8d6oWH8Kvnouv8Y_LQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d03::/64
Signature Algorithm: sha256WithRSAEncryption
aa:fd:75:b8:e4:91:8a:c0:76:6a:54:81:9a:37:24:f6:50:7c:
64:b0:89:9e:43:a4:ce:5a:4f:df:1b:b4:34:f9:e6:90:98:8c:
ba:ef:58:55:0a:84:e7:46:75:4a:f4:f8:bd:37:3e:11:30:ae:
16:b7:cb:2c:22:3d:4d:b0:82:65:77:a5:32:e7:75:ea:62:79:
b1:18:b0:35:e5:f7:01:85:cf:4c:d9:a0:8d:c9:ad:1f:04:2a:
21:3c:72:e8:df:20:04:9a:71:e2:c2:16:75:f9:24:fc:4b:a1:
47:08:82:ec:d5:82:4f:f5:6a:49:ac:2d:0a:2e:69:03:5c:92:
46:b8:6c:f6:9b:b5:a4:5a:05:40:e6:e8:8e:c2:50:4a:b9:a4:
58:66:f2:66:30:6c:5d:53:a1:96:d8:08:52:0d:f3:65:cd:14:
2d:a4:31:34:54:ac:44:5f:c8:57:5d:a0:9b:01:14:5f:e7:d7:
41:16:be:9f:44:81:27:72:be:a5:1e:19:df:71:58:42:9e:4f:
d5:e7:fd:b7:6d:71:4d:79:88:28:77:2b:8b:c0:78:e8:5e:29:
29:ba:75:83:f9:c4:9d:3e:4b:c6:1d:f0:8a:48:56:aa:7d:85:
73:c2:c3:a3:40:b9:ef:1d:ac:b0:11:1d:ec:7c:e1:fe:74:d1:
56:c7:19:c9
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICB4AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMDA5Mjkx
MDA2NTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFGNjU5QzQyRUZFNzEz
Qzc3QUExNjFGQzJBRjlFOEJBRkYxOEZDQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1OeQyzn+hmYwBfmw8aSA+xygKvDybcffgDbIc5siJ4HTUhjhI
JJekwXWKpqAz6ejHxkFwAe+bt6MxH3y3X5znN24HPsTZeo/MQQauLXrQDcFRtRca
t8s1CUlIEN0MISGQM98dhS2YX/exZT7KHo4begT6B+dHEPziigVQvWD1+027xK0t
kWK1HaD0E4BqDoqTioBwKWOWDEzW2o4jltCJ/NJQWmM6R/2hkEBU9I426e/ciD0/
V0JNiOuzD2Dw9GOHC+ZPMmDcStqfFE/qyUagKwzUZcJokdiKlYfHBwvXTUM1k9x3
kVDI6ruxZRey0eWDiNhGNP/FW2NpHSm6SWf/AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUH2WcQu/nE8d6oWH8Kvnouv8Y/LQwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL0gyV2NRdV9uRThkNm9XSDhLdm5vdXY4
WV9MUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
AzANBgkqhkiG9w0BAQsFAAOCAQEAqv11uOSRisB2alSBmjck9lB8ZLCJnkOkzlpP
3xu0NPnmkJiMuu9YVQqE50Z1SvT4vTc+ETCuFrfLLCI9TbCCZXelMud16mJ5sRiw
NeX3AYXPTNmgjcmtHwQqITxy6N8gBJpx4sIWdfkk/EuhRwiC7NWCT/VqSawtCi5p
A1ySRrhs9pu1pFoFQObojsJQSrmkWGbyZjBsXVOhltgIUg3zZc0ULaQxNFSsRF/I
V12gmwEUX+fXQRa+n0SBJ3K+pR4Z33FYQp5P1ef9t21xTXmIKHcri8B46F4pKbp1
g/nEnT5Lxh3wikhWqn2Fc8LDo0C57x2ssBEd7Hzh/nTRVscZyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org