Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/vPU8V1H_qYSzlMoaHxS5SZNhLuo.roa
File: vPU8V1H_qYSzlMoaHxS5SZNhLuo.roa (raw, json)
Hash identifier: qirlN+x7caFr1FIs8W2O6SA74ZxGWCnVDNwr0tuJ1Ks=
Subject key identifier: BC:F5:3C:57:51:FF:A9:84:B3:94:CA:1A:1F:14:B9:49:93:61:2E:EA
Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Certificate serial: F5
Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/vPU8V1H_qYSzlMoaHxS5SZNhLuo.roa
Signing time: Sat 14 Jan 2023 03:39:22 +0000
ROA not before: Sat 14 Jan 2023 03:39:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18178
IP address blocks: 2400:5120::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245 (0xf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Validity
Not Before: Jan 14 03:39:22 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BCF53C5751FFA984B394CA1A1F14B94993612EEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:41:b7:83:fe:17:19:9f:d9:62:ff:e2:ec:47:
d6:85:40:6f:3b:2b:04:e4:49:05:db:c1:bc:59:a4:
ae:ef:f8:22:e5:4e:72:14:2f:d9:38:a8:92:fc:aa:
60:f9:84:b8:09:9c:bd:7b:26:03:4b:df:ec:36:04:
40:ed:4a:8c:61:20:55:9a:2e:29:3f:5f:c3:87:ab:
b9:1f:8a:a5:69:76:08:70:ce:32:38:67:f6:8a:31:
d9:b5:d1:c4:f6:ff:d2:95:a8:c2:e0:43:74:62:d6:
57:6c:34:05:ec:ba:13:98:f9:9d:91:c2:b8:54:06:
57:ec:84:a6:2d:e4:f1:97:81:81:06:94:b6:26:e5:
fc:bd:a9:27:f2:7e:6d:2e:30:51:5e:28:4f:96:00:
bf:a7:43:ed:68:ec:5d:b1:de:8c:b8:85:ab:85:03:
c7:b1:79:b8:ca:f1:91:5e:83:cb:ee:ff:cf:64:c9:
86:9c:97:da:7f:55:60:c0:a8:c8:ea:07:d0:4f:7c:
e2:2f:0c:41:c0:22:ee:b3:00:36:6f:6c:97:13:ac:
b1:85:04:01:93:9e:4d:88:96:8e:59:c3:47:1b:53:
7d:58:b1:73:9c:ce:3d:f0:4f:b1:25:e9:9b:28:f0:
94:8b:f0:6b:44:83:fa:c1:ac:0e:e5:b9:ff:ab:6e:
f7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F5:3C:57:51:FF:A9:84:B3:94:CA:1A:1F:14:B9:49:93:61:2E:EA
X509v3 Authority Key Identifier:
keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/vPU8V1H_qYSzlMoaHxS5SZNhLuo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5120::/32
Signature Algorithm: sha256WithRSAEncryption
2c:ce:d8:e1:0d:6c:ae:53:2f:18:07:e5:1a:22:7a:49:73:45:
20:87:e8:1f:d1:3b:ac:b0:73:e8:85:d4:39:09:37:46:19:d7:
66:94:d7:99:f6:8f:24:e9:5b:08:10:e3:82:3a:30:7e:58:fb:
4e:68:f8:70:0a:66:33:7e:23:f4:3d:70:6f:1c:b7:ef:f4:33:
35:1a:d5:85:8b:b4:7a:dd:da:6b:a6:fc:e8:89:0c:2d:84:b1:
4b:55:82:50:7e:fa:6b:3b:3b:49:dd:7e:9d:d5:f9:74:30:41:
f8:4c:4d:cc:d5:22:5b:b2:2a:d7:07:86:f8:48:c8:02:72:ea:
af:8e:c6:ab:40:60:44:db:4d:f2:61:a0:a5:74:70:b3:43:1d:
8a:5e:c4:da:83:fe:0e:92:a2:c4:7e:1f:1c:29:21:48:0e:16:
8f:85:3f:c0:79:0e:b9:3f:6d:ab:ae:41:d5:a5:0a:66:da:86:
8e:60:f7:9c:53:0a:fa:af:c2:50:7b:12:76:e6:03:d9:6e:93:
63:c8:2b:b8:b2:1d:1c:62:11:18:ad:14:aa:b6:23:d2:39:56:
35:9e:a9:58:6f:8d:c7:49:52:b1:b6:86:a5:08:b2:c9:c8:ce:
3b:3e:d3:17:c2:36:84:b5:0c:b3:2b:99:ff:b2:35:69:4d:25:
bf:f7:2e:25
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI2
MDY5NkQ2ODc3M0FFMkU1MzJGMENENUQxMEZEQzBDODI3M0VBNTAeFw0yMzAxMTQw
MzM5MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJDRjUzQzU3NTFGRkE5
ODRCMzk0Q0ExQTFGMTRCOTQ5OTM2MTJFRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuQbeD/hcZn9li/+LsR9aFQG87KwTkSQXbwbxZpK7v+CLlTnIU
L9k4qJL8qmD5hLgJnL17JgNL3+w2BEDtSoxhIFWaLik/X8OHq7kfiqVpdghwzjI4
Z/aKMdm10cT2/9KVqMLgQ3Ri1ldsNAXsuhOY+Z2RwrhUBlfshKYt5PGXgYEGlLYm
5fy9qSfyfm0uMFFeKE+WAL+nQ+1o7F2x3oy4hauFA8exebjK8ZFeg8vu/89kyYac
l9p/VWDAqMjqB9BPfOIvDEHAIu6zADZvbJcTrLGFBAGTnk2Ilo5Zw0cbU31YsXOc
zj3wT7El6Zso8JSL8GtEg/rBrA7luf+rbvc/AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUvPU8V1H/qYSzlMoaHxS5SZNhLuowHwYDVR0jBBgwFoAUm2BpbWh3OuLlMvDN
XRD9wMgnPqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL20y
QnBiV2gzT3VMbE12RE5YUkQ5d01nblBxVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bTJCcGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL3ZQVThWMUhfcVlTemxNb2FIeFM1U1pO
aEx1by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAFEgMA0G
CSqGSIb3DQEBCwUAA4IBAQAsztjhDWyuUy8YB+UaInpJc0Ugh+gf0TussHPohdQ5
CTdGGddmlNeZ9o8k6VsIEOOCOjB+WPtOaPhwCmYzfiP0PXBvHLfv9DM1GtWFi7R6
3dprpvzoiQwthLFLVYJQfvprOztJ3X6d1fl0MEH4TE3M1SJbsirXB4b4SMgCcuqv
jsarQGBE203yYaCldHCzQx2KXsTag/4OkqLEfh8cKSFIDhaPhT/AeQ65P22rrkHV
pQpm2oaOYPecUwr6r8JQexJ25gPZbpNjyCu4sh0cYhEYrRSqtiPSOVY1nqlYb43H
SVKxtoalCLLJyM47PtMXwjaEtQyzK5n/sjVpTSW/9y4l
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org