Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/q1NN5PHYVPHYlKH2Ci21EswAcWs.roa
File: q1NN5PHYVPHYlKH2Ci21EswAcWs.roa (raw, json)
Hash identifier: Q3UXY0T0DnzxwMiARlytF8ME4l0hSSfKxfzHkYf2uhg=
Subject key identifier: AB:53:4D:E4:F1:D8:54:F1:D8:94:A1:F6:0A:2D:B5:12:CC:00:71:6B
Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial: 07DC
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/q1NN5PHYVPHYlKH2Ci21EswAcWs.roa
Signing time: Thu 15 Sep 2022 02:34:48 +0000
ROA not before: Thu 15 Sep 2022 02:34:48 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 141173
IP address blocks: 2405:a640:1173::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2012 (0x7dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Validity
Not Before: Sep 15 02:34:48 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AB534DE4F1D854F1D894A1F60A2DB512CC00716B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4a:86:e2:d2:c8:a7:ad:b9:f9:35:6a:a2:b3:
9a:69:6d:a2:27:c8:72:6e:da:b5:a9:9e:97:77:16:
ee:9c:ff:98:7b:b6:87:8f:d2:12:6b:f3:37:c6:a2:
be:7a:99:00:10:e0:72:60:97:04:af:f6:f7:bf:b5:
b7:13:07:3b:4b:53:2b:97:0e:75:c3:b6:f4:a9:1f:
3f:40:96:5c:dc:bc:d8:85:14:32:56:6e:61:91:ac:
fe:d8:3a:ab:b7:cb:d9:ec:ad:66:6a:4a:2b:85:d5:
f7:ad:c9:da:aa:9d:d1:66:3a:cf:a9:f6:af:90:12:
b1:c0:87:fe:f3:bb:80:3d:96:a9:32:2a:0c:15:e9:
b1:e5:40:64:eb:6b:34:6a:5d:ae:3e:ff:20:be:e6:
c4:04:1d:c1:61:85:21:61:ea:7b:2e:4a:8b:a4:07:
0a:38:bf:32:a3:55:42:29:75:f0:2a:11:d7:f4:03:
dd:b0:2d:0a:3a:4f:8d:c3:6b:f4:9f:cc:8a:25:7c:
d1:8d:f0:9b:5f:8a:94:ec:57:67:70:c5:35:93:27:
f2:2c:e3:f5:ac:76:9f:88:c6:e5:e9:0e:d5:a7:03:
58:7b:10:a7:e7:97:a8:35:e1:fc:f1:12:58:aa:cf:
55:c8:c7:b0:fb:3e:7d:0e:72:77:d4:6a:d7:f3:e7:
67:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:53:4D:E4:F1:D8:54:F1:D8:94:A1:F6:0A:2D:B5:12:CC:00:71:6B
X509v3 Authority Key Identifier:
keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/q1NN5PHYVPHYlKH2Ci21EswAcWs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:a640:1173::/48
Signature Algorithm: sha256WithRSAEncryption
61:5a:e1:36:04:8e:08:7f:bc:a3:94:87:19:66:e8:de:71:4e:
ae:2e:61:48:21:18:0c:ff:03:ab:dc:86:a8:1f:86:12:9b:2b:
5e:cc:57:34:8f:6d:ea:d2:ce:04:ae:a2:36:47:a7:65:c8:88:
88:ce:62:1e:2b:f1:ae:32:a9:90:b4:12:68:40:34:ae:51:fa:
11:e8:60:3d:27:b6:b5:99:6a:e6:56:b1:ee:8c:d1:d9:8b:54:
ba:8a:37:fd:0b:8b:58:1b:a5:cb:50:97:3f:2d:b8:f8:12:e2:
bb:55:32:33:1d:35:17:ae:37:42:1c:31:f9:bf:f9:12:34:d2:
da:2a:b3:d0:31:5e:df:6a:fb:12:ee:28:8c:15:e9:ab:d2:bd:
8b:1e:39:c5:85:49:c9:37:37:74:6f:41:21:82:cb:7a:ff:7d:
d7:b7:da:92:e6:03:9c:16:cf:38:5c:e1:da:47:fd:72:5a:b0:
10:3a:08:1d:cb:8d:af:3a:e4:92:8a:82:87:dd:c3:bc:af:72:
09:95:dd:e1:e6:cf:ee:88:6d:73:93:60:6a:01:53:e4:00:ca:
a6:c4:23:52:eb:79:94:2c:44:fb:af:7f:ce:2a:ac:18:74:5e:
b3:03:e8:e6:c5:a4:43:ee:02:c7:92:9c:57:f6:2f:39:ed:a6:
af:86:fe:3f
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICB9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMjA5MTUw
MjM0NDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFCNTM0REU0RjFEODU0
RjFEODk0QTFGNjBBMkRCNTEyQ0MwMDcxNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLSobi0sinrbn5NWqis5ppbaInyHJu2rWpnpd3Fu6c/5h7toeP
0hJr8zfGor56mQAQ4HJglwSv9ve/tbcTBztLUyuXDnXDtvSpHz9AllzcvNiFFDJW
bmGRrP7YOqu3y9nsrWZqSiuF1fetydqqndFmOs+p9q+QErHAh/7zu4A9lqkyKgwV
6bHlQGTrazRqXa4+/yC+5sQEHcFhhSFh6nsuSoukBwo4vzKjVUIpdfAqEdf0A92w
LQo6T43Da/SfzIolfNGN8JtfipTsV2dwxTWTJ/Is4/Wsdp+IxuXpDtWnA1h7EKfn
l6g14fzxEliqz1XIx7D7Pn0OcnfUatfz52cfAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUq1NN5PHYVPHYlKH2Ci21EswAcWswHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvcTFOTjVQSFlWUEhZbEtIMkNpMjFF
c3dBY1dzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAYVrhNgSOCH+8o5SHGWbo3nFOri5hSCEYDP8D
q9yGqB+GEpsrXsxXNI9t6tLOBK6iNkenZciIiM5iHivxrjKpkLQSaEA0rlH6Eehg
PSe2tZlq5lax7ozR2YtUuoo3/QuLWBuly1CXPy24+BLiu1UyMx01F643Qhwx+b/5
EjTS2iqz0DFe32r7Eu4ojBXpq9K9ix45xYVJyTc3dG9BIYLLev9917fakuYDnBbP
OFzh2kf9clqwEDoIHcuNrzrkkoqCh93DvK9yCZXd4ebP7ohtc5NgagFT5ADKpsQj
Uut5lCxE+69/ziqsGHReswPo5sWkQ+4Cx5KcV/YvOe2mr4b+Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org