Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/nh6DC0NeisjHV36VBlK-3uQmh5M.roa
File: nh6DC0NeisjHV36VBlK-3uQmh5M.roa (raw, json)
Hash identifier: hFfq0WZXNTrphNPDtLq0Y3lITp8RkwliFPPTHjFBw+s=
Subject key identifier: 9E:1E:83:0B:43:5E:8A:C8:C7:57:7E:95:06:52:BE:DE:E4:26:87:93
Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial: 06EF
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/nh6DC0NeisjHV36VBlK-3uQmh5M.roa
Signing time: Wed 29 Sep 2021 02:53:46 +0000
ROA not before: Wed 29 Sep 2021 02:53:46 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 141173
IP address blocks: 2405:a640:1173::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1775 (0x6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Validity
Not Before: Sep 29 02:53:46 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9E1E830B435E8AC8C7577E950652BEDEE4268793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:43:38:7a:0e:2f:41:e2:0b:b0:e3:1e:eb:fe:
23:b3:fb:cf:a0:d8:08:12:11:f8:e2:7f:20:0b:5b:
9c:15:9e:2e:8d:35:35:b3:ae:83:77:a5:65:a5:c6:
2e:48:34:32:91:10:5e:ae:e9:06:e2:91:ef:eb:eb:
0c:5e:65:0b:7e:87:d1:66:11:27:f1:ba:fb:07:a8:
84:fc:2d:ac:4e:65:90:81:f9:90:23:86:32:32:eb:
a4:78:56:9b:4f:00:3d:b4:60:a9:d1:8f:9c:9c:4d:
d3:49:7d:5e:f0:fb:29:af:b6:c4:a1:9b:10:8b:21:
f7:6d:70:1e:77:07:ac:ac:7a:69:ed:28:00:dd:1e:
27:71:0f:dc:0a:5f:10:a7:07:12:f9:f7:af:b3:c4:
09:ee:f4:fe:e6:43:df:9e:f8:3f:3e:3a:82:a1:b7:
42:12:33:f8:7f:91:2a:86:3f:67:f1:59:b1:9d:4c:
eb:b4:a1:43:c3:75:9f:e2:30:24:67:59:06:36:7c:
ae:8b:75:75:34:3e:2d:29:b3:d9:c6:16:bd:1f:57:
ff:15:fe:b5:7f:a0:3f:33:dd:82:4b:2c:72:ef:22:
f9:04:5c:fe:e7:cf:59:15:f2:68:63:9f:fe:fa:94:
bc:87:f4:0a:af:d4:54:e3:77:a8:da:f0:59:ff:89:
58:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1E:83:0B:43:5E:8A:C8:C7:57:7E:95:06:52:BE:DE:E4:26:87:93
X509v3 Authority Key Identifier:
keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/nh6DC0NeisjHV36VBlK-3uQmh5M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:a640:1173::/48
Signature Algorithm: sha256WithRSAEncryption
b2:2c:7a:ee:1e:ef:a2:f4:bc:86:68:96:8b:41:24:d5:ed:4e:
ae:bf:f5:d4:30:2c:31:93:53:ed:66:37:0a:90:b1:1c:84:4c:
ed:b7:37:07:7f:fa:67:5e:83:69:0c:ee:c9:45:f3:81:7f:52:
25:c4:a8:3b:9a:b9:69:34:23:cd:5d:85:3a:3a:15:3a:99:a1:
28:f7:1f:3d:df:1e:04:87:11:47:ef:1d:04:4d:9f:2e:15:b4:
ff:1a:ad:c6:a2:3e:a3:a1:62:52:50:d7:29:b2:70:09:e1:e6:
d0:3f:7b:4f:7e:93:ca:8c:6c:81:70:ca:ca:8c:e0:e1:13:c7:
4c:b3:38:84:b4:3e:66:5d:a8:bf:e2:0d:0a:19:f1:63:8c:26:
8b:74:01:21:53:f8:ee:ae:19:2a:87:39:12:32:9a:e6:59:48:
01:33:fe:44:1a:fd:6b:bc:27:c2:84:c9:19:4d:e1:6f:c5:9d:
8f:eb:d6:22:7e:89:dc:5c:ce:a3:bf:e0:fd:8e:2e:f3:44:5f:
1a:42:e3:48:83:68:8a:26:86:6e:d7:c6:19:bf:ce:26:e5:ff:
47:41:7b:26:32:c9:60:fa:10:0b:7e:67:01:71:6c:9a:ee:27:
4f:fd:9d:d3:92:db:10:47:7c:a4:6e:38:35:cf:fb:f4:2b:9f:
d2:d3:f0:b0
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTA5Mjkw
MjUzNDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlFMUU4MzBCNDM1RThB
QzhDNzU3N0U5NTA2NTJCRURFRTQyNjg3OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfQzh6Di9B4guw4x7r/iOz+8+g2AgSEfjifyALW5wVni6NNTWz
roN3pWWlxi5INDKREF6u6Qbike/r6wxeZQt+h9FmESfxuvsHqIT8LaxOZZCB+ZAj
hjIy66R4VptPAD20YKnRj5ycTdNJfV7w+ymvtsShmxCLIfdtcB53B6ysemntKADd
HidxD9wKXxCnBxL596+zxAnu9P7mQ9+e+D8+OoKht0ISM/h/kSqGP2fxWbGdTOu0
oUPDdZ/iMCRnWQY2fK6LdXU0Pi0ps9nGFr0fV/8V/rV/oD8z3YJLLHLvIvkEXP7n
z1kV8mhjn/76lLyH9Aqv1FTjd6ja8Fn/iVj7AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUnh6DC0NeisjHV36VBlK+3uQmh5MwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvbmg2REMwTmVpc2pIVjM2VkJsSy0z
dVFtaDVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAsix67h7vovS8hmiWi0Ek1e1Orr/11DAsMZNT
7WY3CpCxHIRM7bc3B3/6Z16DaQzuyUXzgX9SJcSoO5q5aTQjzV2FOjoVOpmhKPcf
Pd8eBIcRR+8dBE2fLhW0/xqtxqI+o6FiUlDXKbJwCeHm0D97T36TyoxsgXDKyozg
4RPHTLM4hLQ+Zl2ov+INChnxY4wmi3QBIVP47q4ZKoc5EjKa5llIATP+RBr9a7wn
woTJGU3hb8Wdj+vWIn6J3FzOo7/g/Y4u80RfGkLjSINoiiaGbtfGGb/OJuX/R0F7
JjLJYPoQC35nAXFsmu4nT/2d05LbEEd8pG44Nc/79Cuf0tPwsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org