Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/KwpuvmaJP6u6DEB9j_dkMZGXX2Q.roa
File: KwpuvmaJP6u6DEB9j_dkMZGXX2Q.roa (raw, json)
Hash identifier: LTsNhpewHr8yvGZSQWlCZuomLRlcuQh6L3iikROCEOQ=
Subject key identifier: 2B:0A:6E:BE:66:89:3F:AB:BA:0C:40:7D:8F:F7:64:31:91:97:5F:64
Certificate issuer: /CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9
Certificate serial: 0BFE
Authority key identifier: 1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/KwpuvmaJP6u6DEB9j_dkMZGXX2Q.roa
Signing time: Mon 26 Aug 2024 05:32:29 +0000
ROA not before: Mon 26 Aug 2024 05:32:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 2001:f18::/32 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3070 (0xbfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9
Validity
Not Before: Aug 26 05:32:29 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2B0A6EBE66893FABBA0C407D8FF7643191975F64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1a:24:67:e6:ef:2e:7e:5b:50:44:53:4e:fc:
12:6b:7a:71:4b:6a:55:c9:8d:f7:da:8e:98:ee:cb:
07:17:d1:ec:1b:79:fa:cb:85:60:69:d9:0f:e8:31:
dc:bf:9a:26:e5:39:f0:d6:73:5c:c1:2a:f1:ef:16:
1d:dd:ca:b0:ff:00:fd:bf:79:56:74:e7:58:cf:5e:
e8:8a:65:87:75:41:6f:4c:85:5e:4c:3a:3a:ba:f8:
e6:6d:f6:d6:59:63:87:5c:dd:f2:e4:95:4f:ea:b7:
4b:5f:76:aa:42:58:68:c0:b0:41:36:54:34:70:b9:
db:a7:0c:dd:e2:1f:c0:15:d5:6b:41:74:ba:9f:a3:
11:db:05:33:c6:a8:4b:98:64:02:29:f9:c1:84:44:
f3:d4:d9:90:3f:7f:27:59:16:3a:2a:05:99:20:f4:
58:72:62:5f:3c:eb:ee:02:26:eb:56:f4:b5:8a:8b:
87:68:a2:70:7c:c3:6a:22:28:c0:47:54:2b:c2:c1:
d1:e3:11:78:78:91:03:15:5a:a3:a6:e5:75:59:12:
92:1a:1f:bd:ec:9f:ff:46:ba:5d:c0:3f:c9:2d:cb:
60:41:17:9c:2f:66:73:19:6b:64:af:d0:a6:5e:7f:
18:c1:f4:ce:83:fb:24:ac:5d:e9:eb:e9:dd:3c:81:
c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0A:6E:BE:66:89:3F:AB:BA:0C:40:7D:8F:F7:64:31:91:97:5F:64
X509v3 Authority Key Identifier:
keyid:1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/KwpuvmaJP6u6DEB9j_dkMZGXX2Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:f18::/32
Signature Algorithm: sha256WithRSAEncryption
09:dd:fa:43:91:1b:3e:8b:78:b4:d1:c9:b8:68:a2:df:0d:69:
88:64:d9:6f:81:fa:b9:b9:d5:96:e0:0a:48:31:d1:94:60:8a:
3d:36:a4:fa:be:81:c4:48:32:98:88:20:b8:dc:02:cc:b0:6a:
84:ec:85:8c:6e:62:5b:a4:ee:59:11:26:8e:2d:12:07:1c:96:
36:41:dc:91:8e:66:18:36:41:9b:e1:68:6a:15:e7:23:4e:57:
17:15:71:26:d7:50:d4:d7:23:ac:d6:1e:8b:c3:06:ae:c1:cf:
4d:04:d2:e3:3a:41:7e:94:7f:87:a1:3a:2b:b8:cc:66:03:5f:
a0:77:92:99:79:8d:19:51:a8:2b:77:6a:7e:34:39:3d:5e:a4:
6c:5b:76:3c:fc:cb:6d:10:59:0c:52:25:ec:eb:be:2d:74:d9:
57:cc:6b:21:5e:ec:f1:04:83:8b:8d:ee:e4:2b:9c:07:1b:e7:
f3:84:d0:0d:df:d2:df:69:a9:61:1c:07:df:40:f3:fa:3c:5e:
50:4a:ad:d2:b7:d3:7a:63:83:72:b7:45:8a:dc:75:a0:ae:fa:
7a:23:d5:31:2a:08:5c:a4:a6:4e:49:a9:18:dc:5a:fc:1c:96:
3f:1a:79:4b:23:39:da:1b:d2:1a:4b:a8:82:c7:1b:0f:01:ab:
d5:60:72:3a
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICC/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUQ5
MkJFMEFDRjk4ODdCMUE4MTkyODc1Q0ZFNzMyMjM4REUzMjJBOTAeFw0yNDA4MjYw
NTMyMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJCMEE2RUJFNjY4OTNG
QUJCQTBDNDA3RDhGRjc2NDMxOTE5NzVGNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChGiRn5u8ufltQRFNO/BJrenFLalXJjffajpjuywcX0ewbefrL
hWBp2Q/oMdy/miblOfDWc1zBKvHvFh3dyrD/AP2/eVZ051jPXuiKZYd1QW9MhV5M
Ojq6+OZt9tZZY4dc3fLklU/qt0tfdqpCWGjAsEE2VDRwudunDN3iH8AV1WtBdLqf
oxHbBTPGqEuYZAIp+cGERPPU2ZA/fydZFjoqBZkg9FhyYl886+4CJutW9LWKi4do
onB8w2oiKMBHVCvCwdHjEXh4kQMVWqOm5XVZEpIaH73sn/9Gul3AP8kty2BBF5wv
ZnMZa2Sv0KZefxjB9M6D+ySsXenr6d08gcX3AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUKwpuvmaJP6u6DEB9j/dkMZGXX2QwHwYDVR0jBBgwFoAUHZK+Cs+Yh7GoGSh1
z+cyI43jIqkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RV
L0haSy1Dcy1ZaDdHb0dTaDF6LWN5STQzaklxay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSFpLLUNzLVloN0dvR1NoMXotY3lJNDNqSXFrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RVL0t3cHV2bWFKUDZ1NkRFQjlq
X2RrTVpHWFgyUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAg
AQ8YMA0GCSqGSIb3DQEBCwUAA4IBAQAJ3fpDkRs+i3i00cm4aKLfDWmIZNlvgfq5
udWW4ApIMdGUYIo9NqT6voHESDKYiCC43ALMsGqE7IWMbmJbpO5ZESaOLRIHHJY2
QdyRjmYYNkGb4WhqFecjTlcXFXEm11DU1yOs1h6Lwwauwc9NBNLjOkF+lH+HoTor
uMxmA1+gd5KZeY0ZUagrd2p+NDk9XqRsW3Y8/MttEFkMUiXs674tdNlXzGshXuzx
BIOLje7kK5wHG+fzhNAN39LfaalhHAffQPP6PF5QSq3St9N6Y4Nyt0WK3HWgrvp6
I9UxKghcpKZOSakY3Fr8HJY/GnlLIznaG9IaS6iCxxsPAavVYHI6
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:54 2025 by rpki-client