Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/XeKyUObENpXG59JzGhw2ICGj7lk.roa
File: XeKyUObENpXG59JzGhw2ICGj7lk.roa (raw, json)
Hash identifier: c6YNww5SCe4pY0PwnS4CJyqqBI7K+0KSjckrxYHvbf0=
Subject key identifier: 5D:E2:B2:50:E6:C4:36:95:C6:E7:D2:73:1A:1C:36:20:21:A3:EE:59
Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Certificate serial: 09
Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/XeKyUObENpXG59JzGhw2ICGj7lk.roa
Signing time: Fri 28 Jan 2022 03:53:33 +0000
ROA not before: Fri 28 Jan 2022 03:53:33 +0000
ROA not after: Sat 28 Jan 2023 03:36:51 +0000
asID: 18178
IP address blocks: 2400:5120::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Validity
Not Before: Jan 28 03:53:33 2022 GMT
Not After : Jan 28 03:36:51 2023 GMT
Subject: CN=5DE2B250E6C43695C6E7D2731A1C362021A3EE59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1a:8c:b0:5d:a4:2f:13:93:72:73:f1:9f:d0:
3d:99:ca:f5:1f:7f:31:39:0b:79:51:bd:25:37:c8:
5d:06:c4:09:0b:9f:08:94:f6:79:24:1f:b4:93:5c:
e9:cd:0f:ce:c3:be:32:a5:a6:a1:14:94:15:c6:45:
5c:47:a5:ea:04:69:c1:37:47:d4:ff:4e:20:cf:00:
a4:ff:af:08:ee:e9:54:33:0a:87:8a:38:8d:43:a9:
35:b0:dc:0b:4e:c7:2f:73:cc:60:3f:71:bf:90:1c:
6d:b5:d8:a2:2a:d6:10:6c:41:69:97:93:a9:db:5c:
be:dd:ee:2d:28:7f:9d:06:df:0a:95:39:a5:0f:dd:
c4:5c:21:58:8e:24:53:1f:8c:e5:6f:22:5d:db:e1:
20:96:97:37:ac:ac:db:38:7e:70:a7:49:48:f0:fa:
1b:de:95:c7:85:4c:15:d3:9d:ec:17:df:0b:f5:62:
dd:46:91:26:b0:69:75:4c:46:8e:f1:9b:13:46:bb:
20:47:c6:c9:63:f5:70:64:23:ed:0a:88:5b:69:82:
7d:70:44:a9:e5:67:a1:ba:dc:9d:9a:ae:56:ac:d0:
8e:66:7a:92:59:65:b1:45:03:6f:b7:fd:66:1f:5f:
2d:2d:46:63:dd:9c:29:53:9e:0b:ce:06:72:09:6d:
c0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E2:B2:50:E6:C4:36:95:C6:E7:D2:73:1A:1C:36:20:21:A3:EE:59
X509v3 Authority Key Identifier:
keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/XeKyUObENpXG59JzGhw2ICGj7lk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5120::/32
Signature Algorithm: sha256WithRSAEncryption
a5:8c:43:17:05:a9:eb:e9:af:cd:d7:b3:23:06:8e:4f:1a:4c:
c1:ea:23:88:2a:6e:f2:c7:20:84:c7:0b:39:e0:49:bb:02:cd:
bd:17:29:9e:92:2d:a1:e1:d8:dd:13:04:3a:01:b3:d6:c5:c7:
66:5f:eb:82:f4:dd:f6:07:52:b2:46:a5:1d:1f:dd:31:e0:b7:
97:da:b6:6f:63:08:59:c8:a9:38:a7:e6:8a:d4:01:6b:16:cd:
f4:1d:23:19:ce:b9:4b:fb:68:89:a1:a5:69:e6:a8:72:8d:7d:
64:2b:df:e2:83:72:8e:bf:78:5a:4b:70:48:dc:9c:dd:70:d6:
e5:33:e8:f9:f9:e9:cb:f5:b3:df:d1:8d:32:4b:e0:c7:89:f4:
3b:14:71:fb:cc:82:f1:f6:a9:32:a4:e1:14:ad:7f:5e:44:31:
6c:a3:f7:a1:72:29:5a:b4:ac:10:b8:1e:46:15:73:71:f5:16:
b9:1d:c9:5e:bb:5d:3b:17:5e:ca:09:8e:4b:33:49:c5:b0:82:
e0:68:bb:78:6a:fb:75:f3:c0:cf:bd:db:2e:db:52:52:5d:11:
9d:c2:20:5e:da:10:1a:af:0d:d6:a0:0e:f1:e2:7d:f0:6e:98:
75:cd:bc:0a:b4:7f:41:98:e4:9f:85:88:d6:66:24:46:c4:04:
53:99:dd:9f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5QjYw
Njk2RDY4NzczQUUyRTUzMkYwQ0Q1RDEwRkRDMEM4MjczRUE1MB4XDTIyMDEyODAz
NTMzM1oXDTIzMDEyODAzMzY1MVowMzExMC8GA1UEAxMoNURFMkIyNTBFNkM0MzY5
NUM2RTdEMjczMUExQzM2MjAyMUEzRUU1OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM8ajLBdpC8Tk3Jz8Z/QPZnK9R9/MTkLeVG9JTfIXQbECQufCJT2
eSQftJNc6c0PzsO+MqWmoRSUFcZFXEel6gRpwTdH1P9OIM8ApP+vCO7pVDMKh4o4
jUOpNbDcC07HL3PMYD9xv5AcbbXYoirWEGxBaZeTqdtcvt3uLSh/nQbfCpU5pQ/d
xFwhWI4kUx+M5W8iXdvhIJaXN6ys2zh+cKdJSPD6G96Vx4VMFdOd7BffC/Vi3UaR
JrBpdUxGjvGbE0a7IEfGyWP1cGQj7QqIW2mCfXBEqeVnobrcnZquVqzQjmZ6klll
sUUDb7f9Zh9fLS1GY92cKVOeC84GcgltwM8CAwEAAaOCAekwggHlMB0GA1UdDgQW
BBRd4rJQ5sQ2lcbn0nMaHDYgIaPuWTAfBgNVHSMEGDAWgBSbYGltaHc64uUy8M1d
EP3AyCc+pTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGA1UdHwRSMFAwTqBM
oEqGSHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UR00vbTJC
cGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNybDBgBggrBgEFBQcBAQRUMFIwUAYI
KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9t
MkJwYldoM091TGxNdkROWFJEOXdNZ25QcVUuY2VyMA4GA1UdDwEB/wQEAwIHgDCB
mQYIKwYBBQUHAQsEgYwwgYkwVAYIKwYBBQUHMAuGSHJzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS9UR00vWGVLeVVPYkVOcFhHNTlKekdodzJJQ0dq
N2xrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv
bm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQAUSAwDQYJ
KoZIhvcNAQELBQADggEBAKWMQxcFqevpr83XsyMGjk8aTMHqI4gqbvLHIITHCzng
SbsCzb0XKZ6SLaHh2N0TBDoBs9bFx2Zf64L03fYHUrJGpR0f3THgt5fatm9jCFnI
qTin5orUAWsWzfQdIxnOuUv7aImhpWnmqHKNfWQr3+KDco6/eFpLcEjcnN1w1uUz
6Pn56cv1s9/RjTJL4MeJ9DsUcfvMgvH2qTKk4RStf15EMWyj96FyKVq0rBC4HkYV
c3H1FrkdyV67XTsXXsoJjkszScWwguBou3hq+3XzwM+92y7bUlJdEZ3CIF7aEBqv
DdagDvHiffBumHXNvAq0f0GY5J+FiNZmJEbEBFOZ3Z8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org