Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/oN00H6IEnkDlK0l69iXiqNd44uM.roa
File: oN00H6IEnkDlK0l69iXiqNd44uM.roa (raw, json)
Hash identifier: twLEOByrG5jpTaEnaYxJ3odwCPM2CFBBydQqnTJ7MnI=
Subject key identifier: A0:DD:34:1F:A2:04:9E:40:E5:2B:49:7A:F6:25:E2:A8:D7:78:E2:E3
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0976
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/oN00H6IEnkDlK0l69iXiqNd44uM.roa
Signing time: Wed 29 Sep 2021 02:38:20 +0000
ROA not before: Wed 29 Sep 2021 02:38:20 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d67::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2422 (0x976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 29 02:38:20 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A0DD341FA2049E40E52B497AF625E2A8D778E2E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cc:89:d2:ef:e7:e0:a0:b3:84:88:9f:3f:5d:
e6:4f:4b:20:af:2b:26:67:45:47:6c:88:d2:c3:cc:
95:ce:41:b6:de:d6:90:cb:a1:54:7b:56:bb:f9:8a:
4e:91:d2:ee:a1:6b:2f:26:f0:a8:8d:e7:5f:4f:30:
8b:e7:54:fb:d0:57:54:41:94:f6:c9:ad:fb:31:3f:
dd:fb:54:ae:de:8a:53:e3:c5:d9:ba:29:b7:46:81:
ee:da:52:9f:12:ad:c6:4e:e4:ae:1a:8b:0b:bb:56:
96:54:b8:e8:6c:28:41:c3:52:1d:43:db:70:1e:ef:
1f:75:1b:75:1d:fc:a5:04:1d:d9:7e:7b:20:5a:ca:
34:64:ca:f5:b3:a5:52:53:35:2f:46:c0:d4:bf:bb:
0c:54:38:7f:a2:e0:68:48:db:47:17:35:41:d9:d9:
29:cb:f5:4c:72:08:0b:49:e6:49:0d:9b:4d:70:bc:
c3:4d:64:be:a5:1e:8e:40:d2:51:bc:67:b6:08:a9:
1c:a8:44:08:a2:1d:a7:eb:3d:c3:71:a9:6c:20:27:
af:e8:93:ad:de:2c:9a:52:ec:02:39:31:14:76:3b:
5a:ff:c1:75:de:b8:1a:1d:45:4a:94:a7:76:03:d9:
6a:c1:31:52:e4:d0:7d:f8:bf:df:2e:cd:34:11:43:
bb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DD:34:1F:A2:04:9E:40:E5:2B:49:7A:F6:25:E2:A8:D7:78:E2:E3
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/oN00H6IEnkDlK0l69iXiqNd44uM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d67::/64
Signature Algorithm: sha256WithRSAEncryption
d1:fa:d7:17:79:78:66:85:7b:dc:d3:ab:11:04:a8:96:21:6a:
63:56:33:ef:fe:90:46:5a:d1:a5:8c:e4:e3:bf:a8:e3:bc:e5:
aa:18:7c:7f:10:88:9b:d5:11:ed:5d:67:8f:d5:1a:c8:eb:d6:
3b:86:ec:ce:d1:9e:d6:2c:64:95:91:18:ce:75:7d:ba:ec:bb:
7c:18:72:a2:d9:b3:67:65:33:09:37:dc:bb:85:41:14:20:dc:
49:68:8c:1f:ac:8e:7a:0f:a9:e3:1f:0a:6d:aa:ee:bd:86:76:
e2:38:c1:d1:fe:7b:ed:e6:f6:30:48:c1:86:af:8f:61:ce:ee:
ec:7a:41:eb:0f:1d:2e:b7:e1:2d:b0:d2:fc:e1:76:c9:bf:29:
9c:31:60:9f:2e:9e:00:e9:9f:42:b8:5f:da:61:8f:06:6c:de:
10:86:6c:d3:68:b6:6b:02:fc:b9:cf:96:93:52:45:80:b0:5f:
61:ba:8e:ac:a3:f7:27:46:7d:17:21:e5:46:ae:08:27:8b:7d:
a2:fd:10:fd:44:ae:6b:c3:1a:dc:82:a6:f6:b0:f3:c4:ea:e8:
a5:da:60:54:fa:99:00:ce:d7:44:6f:41:96:de:f0:8c:97:19:
e6:71:59:1c:eb:fe:1a:14:bd:5b:f9:27:45:96:08:93:72:ce:
38:45:19:8f
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMTA5Mjkw
MjM4MjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEwREQzNDFGQTIwNDlF
NDBFNTJCNDk3QUY2MjVFMkE4RDc3OEUyRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlzInS7+fgoLOEiJ8/XeZPSyCvKyZnRUdsiNLDzJXOQbbe1pDL
oVR7Vrv5ik6R0u6hay8m8KiN519PMIvnVPvQV1RBlPbJrfsxP937VK7eilPjxdm6
KbdGge7aUp8SrcZO5K4aiwu7VpZUuOhsKEHDUh1D23Ae7x91G3Ud/KUEHdl+eyBa
yjRkyvWzpVJTNS9GwNS/uwxUOH+i4GhI20cXNUHZ2SnL9UxyCAtJ5kkNm01wvMNN
ZL6lHo5A0lG8Z7YIqRyoRAiiHafrPcNxqWwgJ6/ok63eLJpS7AI5MRR2O1r/wXXe
uBodRUqUp3YD2WrBMVLk0H34v98uzTQRQ7sBAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUoN00H6IEnkDlK0l69iXiqNd44uMwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL29OMDBINklFbmtEbEswbDY5aVhpcU5k
NDR1TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
ZzANBgkqhkiG9w0BAQsFAAOCAQEA0frXF3l4ZoV73NOrEQSoliFqY1Yz7/6QRlrR
pYzk47+o47zlqhh8fxCIm9UR7V1nj9UayOvWO4bsztGe1ixklZEYznV9uuy7fBhy
otmzZ2UzCTfcu4VBFCDcSWiMH6yOeg+p4x8KbaruvYZ24jjB0f577eb2MEjBhq+P
Yc7u7HpB6w8dLrfhLbDS/OF2yb8pnDFgny6eAOmfQrhf2mGPBmzeEIZs02i2awL8
uc+Wk1JFgLBfYbqOrKP3J0Z9FyHlRq4IJ4t9ov0Q/USua8Ma3IKm9rDzxOropdpg
VPqZAM7XRG9Blt7wjJcZ5nFZHOv+GhS9W/knRZYIk3LOOEUZjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org