Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/gkeFoa0IIxNzGrcaTVav3RMFD2k.roa
File: gkeFoa0IIxNzGrcaTVav3RMFD2k.roa (raw, json)
Hash identifier: vrvc+MrzyeVxIipeKvgP74Cz8oscSFojPfStheNX8jk=
Subject key identifier: 82:47:85:A1:AD:08:23:13:73:1A:B7:1A:4D:56:AF:DD:13:05:0F:69
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0784
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/gkeFoa0IIxNzGrcaTVav3RMFD2k.roa
Signing time: Tue 29 Sep 2020 10:06:57 +0000
ROA not before: Tue 29 Sep 2020 10:06:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d00::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1924 (0x784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 29 10:06:57 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=824785A1AD082313731AB71A4D56AFDD13050F69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:13:be:d6:89:e1:90:89:41:b6:fb:aa:43:a5:
c5:60:10:08:d1:26:28:a6:71:1f:05:aa:17:2f:9b:
3a:7c:6f:55:05:a2:c8:68:13:8f:8e:39:00:07:b6:
67:40:88:1b:45:99:76:c7:84:19:f0:7e:fe:d4:54:
a1:dd:df:3c:6e:c6:fe:6e:56:2d:a6:c3:61:38:af:
c0:d0:be:8e:62:53:90:0c:92:9a:ec:1c:e1:00:1a:
fb:a9:19:bc:3f:10:2f:46:7f:ac:ce:22:b1:cc:f1:
da:10:1f:22:c0:9d:94:e3:1c:89:96:e1:5b:de:d6:
65:96:aa:06:e8:35:a8:a7:ed:9b:56:77:7a:09:62:
a6:0a:a9:c2:18:5d:51:d6:16:fe:56:ec:4c:3c:53:
56:33:3d:21:68:27:cc:70:9a:47:14:e1:b9:62:f8:
81:b8:8e:8e:92:9a:b3:0c:a5:c8:62:ed:5f:fa:d0:
ef:08:10:5d:23:22:91:49:ab:41:56:27:5b:1a:d3:
82:61:60:ff:f1:ff:7f:9c:18:83:9f:11:ce:4f:0f:
76:07:3d:a2:11:cf:28:45:2c:bd:af:cd:bb:67:1b:
f0:37:98:a2:64:74:e8:75:09:aa:26:58:ca:4c:1b:
a3:cc:80:d4:18:29:59:e0:e4:13:d1:77:57:35:b1:
29:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:47:85:A1:AD:08:23:13:73:1A:B7:1A:4D:56:AF:DD:13:05:0F:69
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/gkeFoa0IIxNzGrcaTVav3RMFD2k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d00::/64
Signature Algorithm: sha256WithRSAEncryption
82:6c:5b:7d:d7:ab:fd:47:e7:2f:ca:ec:4b:f3:59:c8:18:a1:
23:6c:bb:b3:e9:16:73:40:0e:30:d0:67:9b:a3:cb:43:73:c2:
26:5d:30:fe:d9:04:1e:d9:5c:5f:45:6e:6e:66:3f:d1:79:8b:
1d:be:47:e0:89:15:1c:43:bf:7f:25:53:d9:42:39:05:e1:8a:
0f:39:3a:44:fd:f2:c8:d4:b3:39:6d:79:7c:9a:56:45:1d:44:
cc:20:6c:77:68:a4:33:2d:8b:97:51:8e:58:9c:ed:02:53:3f:
e5:5f:c5:1a:ac:aa:a5:d6:99:a8:29:35:f8:52:22:57:e8:2c:
4d:87:3d:d6:05:51:29:e8:fb:25:5a:5a:da:0e:54:af:df:31:
8d:7f:00:4b:80:ee:44:8f:6a:91:85:ee:02:6b:a0:91:6b:d9:
45:c2:0c:34:76:55:70:ad:07:28:37:f3:2e:d0:5f:f6:dc:67:
d7:9a:64:d7:aa:1d:1e:3e:ee:20:2f:3e:79:e6:59:12:cb:fc:
af:6a:20:18:40:99:97:70:85:01:bd:bc:15:4f:89:16:10:e7:
03:75:25:ab:f8:82:3a:71:42:12:14:19:b3:99:60:6a:d9:bb:
af:00:59:25:0d:87:e3:6e:b5:94:ba:a3:74:2e:f5:01:13:32:
1f:32:b4:e8
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICB4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMDA5Mjkx
MDA2NTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDgyNDc4NUExQUQwODIz
MTM3MzFBQjcxQTRENTZBRkREMTMwNTBGNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZE77WieGQiUG2+6pDpcVgEAjRJiimcR8Fqhcvmzp8b1UFosho
E4+OOQAHtmdAiBtFmXbHhBnwfv7UVKHd3zxuxv5uVi2mw2E4r8DQvo5iU5AMkprs
HOEAGvupGbw/EC9Gf6zOIrHM8doQHyLAnZTjHImW4Vve1mWWqgboNain7ZtWd3oJ
YqYKqcIYXVHWFv5W7Ew8U1YzPSFoJ8xwmkcU4bli+IG4jo6SmrMMpchi7V/60O8I
EF0jIpFJq0FWJ1sa04JhYP/x/3+cGIOfEc5PD3YHPaIRzyhFLL2vzbtnG/A3mKJk
dOh1CaomWMpMG6PMgNQYKVng5BPRd1c1sSkFAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUgkeFoa0IIxNzGrcaTVav3RMFD2kwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL2drZUZvYTBJSXhOekdyY2FUVmF2M1JN
RkQyay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
ADANBgkqhkiG9w0BAQsFAAOCAQEAgmxbfder/UfnL8rsS/NZyBihI2y7s+kWc0AO
MNBnm6PLQ3PCJl0w/tkEHtlcX0VubmY/0XmLHb5H4IkVHEO/fyVT2UI5BeGKDzk6
RP3yyNSzOW15fJpWRR1EzCBsd2ikMy2Ll1GOWJztAlM/5V/FGqyqpdaZqCk1+FIi
V+gsTYc91gVRKej7JVpa2g5Ur98xjX8AS4DuRI9qkYXuAmugkWvZRcIMNHZVcK0H
KDfzLtBf9txn15pk16odHj7uIC8+eeZZEsv8r2ogGECZl3CFAb28FU+JFhDnA3Ul
q/iCOnFCEhQZs5lgatm7rwBZJQ2H4261lLqjdC71ARMyHzK06A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:06 2023 by rpki-client on console-ams.rpki-client.org