Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TINP/rwxHUdSlmNfk5qphXFOF8JPYMqk.roa
File: rwxHUdSlmNfk5qphXFOF8JPYMqk.roa (raw, json)
Hash identifier: g8ArRYzyf6zwJsfayLj60AgveKTbBPWwaFP77roJ3yw=
Subject key identifier: AF:0C:47:51:D4:A5:98:D7:E4:E6:AA:61:5C:53:85:F0:93:D8:32:A9
Certificate issuer: /CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Certificate serial: 0BAA
Authority key identifier: E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/rwxHUdSlmNfk5qphXFOF8JPYMqk.roa
Signing time: Fri 01 Sep 2023 10:01:10 +0000
ROA not before: Fri 01 Sep 2023 10:01:10 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18049
IP address blocks: 2403:5200::/32 maxlen: 96
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2986 (0xbaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Validity
Not Before: Sep 1 10:01:10 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=AF0C4751D4A598D7E4E6AA615C5385F093D832A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3c:7d:ae:4b:fa:a2:c2:a6:d7:2f:d2:5c:ab:
49:ac:60:79:aa:48:89:9e:99:8d:e6:9b:a5:10:e6:
a0:cc:0f:5c:ac:ff:5e:f3:1b:5b:4a:fd:2a:4a:f0:
32:e5:7f:6a:ba:21:8f:00:a2:a9:61:52:02:4a:c8:
05:15:a5:1c:e9:0e:f0:fa:6b:cd:67:df:c7:16:60:
3b:4d:8b:d3:a5:dc:ba:46:0c:be:e4:28:d8:e9:2e:
91:ba:4a:dc:f5:87:5a:62:d4:e3:51:77:63:85:61:
7b:14:50:0d:49:a4:31:bf:d6:37:3a:19:fc:9a:a7:
4b:ea:88:43:cb:a6:69:7e:25:cf:42:e3:6d:bd:92:
85:74:26:0e:19:d0:ad:fa:cc:97:b9:4b:31:8e:a0:
38:ad:47:a4:c1:5e:0c:27:42:7a:99:62:e0:48:31:
2d:c2:33:17:96:12:36:e3:c2:3a:56:ad:d6:3e:00:
eb:60:b2:1d:77:a3:94:aa:fc:09:2a:20:cf:51:b2:
f2:e2:46:39:6d:a1:11:c2:c4:82:3e:29:75:9f:24:
85:45:7a:6a:32:f5:c5:01:3b:db:26:17:c8:00:b4:
39:35:fb:8a:f8:a0:89:ec:7a:93:ba:1e:44:14:ed:
02:f0:63:9f:1c:cf:34:0a:e2:52:81:74:55:d8:8f:
b0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0C:47:51:D4:A5:98:D7:E4:E6:AA:61:5C:53:85:F0:93:D8:32:A9
X509v3 Authority Key Identifier:
keyid:E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/4CWCsCflcDjqAKPoSE1V3uouGio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/rwxHUdSlmNfk5qphXFOF8JPYMqk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:5200::/32
Signature Algorithm: sha256WithRSAEncryption
1f:e1:e2:65:54:bb:18:c1:52:fb:0c:62:f4:04:0f:db:c5:e8:
4d:97:86:99:04:92:05:20:48:d7:0e:28:70:b7:94:17:ab:11:
33:72:8f:02:e7:9e:3d:e9:57:0c:0d:1a:c4:88:37:55:8e:5d:
47:41:4d:96:0a:9d:b4:c0:eb:7c:55:31:80:a7:a2:3d:9c:1f:
a3:68:c5:f6:c0:0a:4a:cc:c4:67:ae:c0:c5:d0:be:c6:d7:32:
ca:53:50:de:a2:ab:c3:00:51:74:f6:04:91:18:4a:98:7b:2b:
01:d5:6c:3d:52:5a:6d:00:7b:67:2a:cc:b6:68:18:e6:40:cd:
32:e1:b1:07:de:86:e7:68:31:5c:cf:9f:92:bf:2e:99:70:a3:
97:e2:8b:52:57:d0:86:4a:dd:0a:69:d0:70:ea:15:b1:84:3b:
53:17:ee:f4:b6:1e:5d:df:3b:fa:bd:01:85:cc:a2:57:e2:e7:
11:b2:2f:ce:f8:a0:98:a8:f7:c0:66:b9:78:90:9d:15:b2:c5:
62:cc:07:f6:b8:1a:d1:48:01:0a:a0:ac:b4:38:ca:68:da:7e:
22:2b:46:9d:d6:9c:02:37:90:d0:41:82:ae:4f:1f:a3:b8:b7:
a7:3e:62:37:01:00:5a:e0:2a:49:6f:f1:5d:42:22:6d:6b:db:
ea:a1:46:c3
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTAy
NTgyQjAyN0U1NzAzOEVBMDBBM0U4NDg0RDU1REVFQTJFMUEyQTAeFw0yMzA5MDEx
MDAxMTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFGMEM0NzUxRDRBNTk4
RDdFNEU2QUE2MTVDNTM4NUYwOTNEODMyQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfPH2uS/qiwqbXL9Jcq0msYHmqSImemY3mm6UQ5qDMD1ys/17z
G1tK/SpK8DLlf2q6IY8AoqlhUgJKyAUVpRzpDvD6a81n38cWYDtNi9Ol3LpGDL7k
KNjpLpG6Stz1h1pi1ONRd2OFYXsUUA1JpDG/1jc6Gfyap0vqiEPLpml+Jc9C4229
koV0Jg4Z0K36zJe5SzGOoDitR6TBXgwnQnqZYuBIMS3CMxeWEjbjwjpWrdY+AOtg
sh13o5Sq/AkqIM9RsvLiRjltoRHCxII+KXWfJIVFemoy9cUBO9smF8gAtDk1+4r4
oInsepO6HkQU7QLwY58czzQK4lKBdFXYj7B1AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUrwxHUdSlmNfk5qphXFOF8JPYMqkwHwYDVR0jBBgwFoAU4CWCsCflcDjqAKPo
SE1V3uouGiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElOUC80
Q1dDc0NmbGNEanFBS1BvU0UxVjN1b3VHaW8uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzRDV0NzQ2ZsY0RqcUFLUG9TRTFWM3VvdUdpby5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJTlAvcnd4SFVkU2xtTmZrNXFwaFhGT0Y4
SlBZTXFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDUgAw
DQYJKoZIhvcNAQELBQADggEBAB/h4mVUuxjBUvsMYvQED9vF6E2XhpkEkgUgSNcO
KHC3lBerETNyjwLnnj3pVwwNGsSIN1WOXUdBTZYKnbTA63xVMYCnoj2cH6NoxfbA
CkrMxGeuwMXQvsbXMspTUN6iq8MAUXT2BJEYSph7KwHVbD1SWm0Ae2cqzLZoGOZA
zTLhsQfehudoMVzPn5K/Lplwo5fii1JX0IZK3Qpp0HDqFbGEO1MX7vS2Hl3fO/q9
AYXMolfi5xGyL874oJio98BmuXiQnRWyxWLMB/a4GtFIAQqgrLQ4ymjafiIrRp3W
nAI3kNBBgq5PH6O4t6c+YjcBAFrgKklv8V1CIm1r2+qhRsM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:43 2025 by rpki-client