Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/hJitPQQuodEyes-_eqrqRXXKjZ0.roa
File: hJitPQQuodEyes-_eqrqRXXKjZ0.roa (raw, json)
Hash identifier: +/Q9Oes3dSftlaMGO+wadu/uM7p8jU+IWrxoYePW4lA=
Subject key identifier: 84:98:AD:3D:04:2E:A1:D1:32:7A:CF:BF:7A:AA:EA:45:75:CA:8D:9D
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0974
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/hJitPQQuodEyes-_eqrqRXXKjZ0.roa
Signing time: Wed 29 Sep 2021 02:38:19 +0000
ROA not before: Wed 29 Sep 2021 02:38:19 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d64::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2420 (0x974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 29 02:38:19 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8498AD3D042EA1D1327ACFBF7AAAEA4575CA8D9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4c:e4:6b:f4:d5:2c:59:d6:48:6e:91:2a:2b:
52:eb:55:b6:37:7d:49:37:70:fd:d6:3f:70:59:36:
dd:7b:71:3a:79:6c:84:8b:dd:43:73:e9:1f:1a:ad:
55:19:ba:f2:f4:c2:bc:28:96:74:99:a0:50:69:cb:
9c:61:1b:e4:90:6d:e2:70:bc:ae:01:e9:74:0c:ad:
4e:20:df:b6:76:6c:d6:d1:c4:ba:92:5c:5b:a8:58:
b6:07:41:03:7b:2b:b2:12:19:db:a8:73:01:48:0a:
5c:25:3f:f5:71:2c:80:00:0f:44:41:f8:27:b2:d9:
6b:37:27:ff:de:9a:c2:0b:dc:b2:a3:b0:4b:65:ce:
69:88:05:da:ca:17:1c:f1:8f:cc:ef:f8:e9:5c:ec:
47:5f:21:63:45:69:f0:3e:7f:4b:ac:3e:f9:02:22:
d6:06:14:5f:02:9f:d6:d0:39:54:91:e1:0c:75:1f:
52:36:61:d1:06:2e:04:c1:ef:33:fb:77:cc:37:8a:
6d:22:14:51:26:38:4b:e9:80:be:8b:3f:b5:f6:8b:
f0:19:77:81:93:1b:5e:ae:b2:56:eb:f2:25:bc:b8:
84:94:f5:b3:f0:3d:37:ef:1a:4a:cb:95:67:9a:3a:
2e:36:b9:0c:15:a6:8a:c4:87:08:d7:12:ee:6c:b9:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:98:AD:3D:04:2E:A1:D1:32:7A:CF:BF:7A:AA:EA:45:75:CA:8D:9D
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/hJitPQQuodEyes-_eqrqRXXKjZ0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d64::/64
Signature Algorithm: sha256WithRSAEncryption
bf:ad:5a:ee:26:95:15:93:04:20:c2:30:25:fb:44:80:60:a0:
ba:e6:ce:2e:18:a5:ca:96:f5:d0:ac:ce:ed:dd:86:2c:52:0d:
10:7b:e2:cd:17:45:5a:a8:16:d0:ff:e2:35:0b:64:bf:aa:6f:
c6:09:b9:73:1e:d8:74:af:ee:3e:be:2e:7b:c1:77:be:b5:56:
61:39:23:ac:a9:b7:b5:56:eb:4e:72:d9:27:26:14:e4:9c:af:
71:f0:80:9d:97:01:3b:ae:0c:64:15:ec:84:11:f7:74:80:d9:
89:06:c1:84:34:31:8e:59:8a:6d:09:40:88:11:30:89:dc:bb:
8b:e0:b9:c6:1a:b7:05:13:56:7c:28:bf:0b:00:47:cb:97:37:
fe:1b:9e:50:85:ca:ea:aa:58:c5:55:df:58:ba:53:30:fa:55:
e2:da:36:f2:5c:16:65:ca:36:dd:20:64:d5:28:e7:22:02:61:
23:5f:88:a9:2b:81:0f:a0:09:c2:57:18:25:b5:52:f3:f3:c9:
73:20:ff:3c:83:90:a3:44:d8:76:64:6a:a0:22:fb:84:df:2e:
8a:e0:53:11:7c:08:57:0a:f9:a3:26:47:9a:34:f0:f8:29:46:
ba:b8:fc:d6:b0:86:4b:ae:29:e6:41:9f:46:9d:97:4a:ca:fd:
62:42:50:0b
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMTA5Mjkw
MjM4MTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg0OThBRDNEMDQyRUEx
RDEzMjdBQ0ZCRjdBQUFFQTQ1NzVDQThEOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeTORr9NUsWdZIbpEqK1LrVbY3fUk3cP3WP3BZNt17cTp5bISL
3UNz6R8arVUZuvL0wrwolnSZoFBpy5xhG+SQbeJwvK4B6XQMrU4g37Z2bNbRxLqS
XFuoWLYHQQN7K7ISGduocwFIClwlP/VxLIAAD0RB+Cey2Ws3J//emsIL3LKjsEtl
zmmIBdrKFxzxj8zv+Olc7EdfIWNFafA+f0usPvkCItYGFF8Cn9bQOVSR4Qx1H1I2
YdEGLgTB7zP7d8w3im0iFFEmOEvpgL6LP7X2i/AZd4GTG16uslbr8iW8uISU9bPw
PTfvGkrLlWeaOi42uQwVporEhwjXEu5sufqlAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUhJitPQQuodEyes+/eqrqRXXKjZ0wHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL2hKaXRQUVF1b2RFeWVzLV9lcXJxUlhY
S2paMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
ZDANBgkqhkiG9w0BAQsFAAOCAQEAv61a7iaVFZMEIMIwJftEgGCguubOLhilypb1
0KzO7d2GLFINEHvizRdFWqgW0P/iNQtkv6pvxgm5cx7YdK/uPr4ue8F3vrVWYTkj
rKm3tVbrTnLZJyYU5JyvcfCAnZcBO64MZBXshBH3dIDZiQbBhDQxjlmKbQlAiBEw
idy7i+C5xhq3BRNWfCi/CwBHy5c3/hueUIXK6qpYxVXfWLpTMPpV4to28lwWZco2
3SBk1SjnIgJhI1+IqSuBD6AJwlcYJbVS8/PJcyD/PIOQo0TYdmRqoCL7hN8uiuBT
EXwIVwr5oyZHmjTw+ClGurj81rCGS64p5kGfRp2XSsr9YkJQCw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:06 2023 by rpki-client on console-ams.rpki-client.org