Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/QDu-HJqPXhoCSYWaH5RHVuAYitM.roa
File: QDu-HJqPXhoCSYWaH5RHVuAYitM.roa (raw, json)
Hash identifier: d/J9pyOvsAy16jetrTRr7k8hr0vIZbJhQhzRm5C3Xag=
Subject key identifier: 40:3B:BE:1C:9A:8F:5E:1A:02:49:85:9A:1F:94:47:56:E0:18:8A:D3
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 0FC6
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/QDu-HJqPXhoCSYWaH5RHVuAYitM.roa
Signing time: Fri 20 May 2022 14:42:07 +0000
ROA not before: Fri 20 May 2022 14:42:07 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18180
IP address blocks: 2001:dc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4038 (0xfc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: May 20 14:42:07 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=403BBE1C9A8F5E1A0249859A1F944756E0188AD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:e7:2c:4a:c2:43:f9:00:23:06:34:07:b7:
d7:70:30:d1:64:4e:b7:f9:08:26:5b:6d:a0:18:24:
0f:5b:39:3e:2d:9b:bb:bb:f1:25:cf:d2:8c:e2:bc:
80:ae:82:74:da:75:75:db:32:2e:fe:50:af:22:5d:
ee:5c:92:e0:2c:81:ca:87:07:3a:71:95:cd:4d:39:
81:32:45:53:29:25:c6:0b:b1:e1:96:80:fd:d0:a4:
a7:00:38:cf:5e:14:1f:17:59:e1:7c:86:ea:e2:fb:
f4:08:02:8a:a3:8f:77:49:a1:82:8f:8c:70:96:51:
1e:5f:cd:4a:d4:b3:88:c3:d9:8b:a6:3c:65:c6:85:
5e:56:e1:8b:06:f1:3e:aa:5b:7c:a3:97:3d:1a:b4:
42:e9:ee:25:92:5b:ed:88:07:1d:ff:fd:76:a8:6a:
3d:7e:4a:db:4b:28:9c:c6:52:00:df:5b:16:af:b4:
8d:da:ab:e7:0e:5e:c7:60:76:aa:79:43:4e:1d:01:
af:11:5f:37:56:76:ec:99:e8:7b:1d:44:8b:1e:b4:
ce:b7:82:e4:c3:60:d6:9c:6d:7d:36:5e:1f:7e:51:
eb:69:5c:44:79:2e:c4:bc:d9:91:b6:eb:8e:31:64:
f2:87:30:3e:93:d6:4b:84:27:88:bc:45:55:33:1a:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3B:BE:1C:9A:8F:5E:1A:02:49:85:9A:1F:94:47:56:E0:18:8A:D3
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/QDu-HJqPXhoCSYWaH5RHVuAYitM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:dc1::/32
Signature Algorithm: sha256WithRSAEncryption
27:b6:d4:c9:10:d9:31:b1:5b:7d:05:2e:e4:71:ee:44:e0:22:
1e:91:b8:2d:b5:01:0a:2a:90:5a:37:22:07:28:96:35:78:b6:
13:d3:84:41:a0:02:a5:c4:c0:60:ba:68:bb:41:78:73:d5:ff:
ef:07:53:73:8a:bf:34:55:e8:8f:11:62:ca:a3:6d:84:ae:e8:
ce:f7:86:29:bc:d6:25:c4:95:52:46:6b:f9:87:9e:8e:1c:34:
49:29:35:92:2f:29:c4:b6:fa:2f:21:d7:0c:f0:f3:2a:5d:53:
6e:f2:b0:2a:47:a0:89:96:59:f7:33:1e:aa:22:09:4a:52:45:
fe:f2:e0:22:f2:5a:8e:a7:96:7d:b4:0b:c2:7a:52:ab:8a:2c:
b8:19:aa:79:d9:3a:9f:57:4c:1e:8b:28:d9:f6:8b:4c:09:94:
8d:56:ea:27:44:84:18:84:11:5d:b6:91:95:75:62:cf:42:cd:
ba:9a:5a:69:87:7a:13:ac:73:ba:a9:20:7a:f1:c2:58:7d:54:
48:88:83:01:0c:14:ed:f2:01:31:e2:35:ea:1d:5a:e5:cc:7f:
66:bb:d5:1b:ba:88:d5:2d:60:85:ab:53:f2:3f:9d:7c:e7:21:
49:87:b2:f2:14:fb:5a:6b:99:3b:e3:fe:c9:87:d9:ee:37:ce:
a4:f5:3c:32
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICD8YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMjA1MjAx
NDQyMDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQwM0JCRTFDOUE4RjVF
MUEwMjQ5ODU5QTFGOTQ0NzU2RTAxODhBRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnSOcsSsJD+QAjBjQHt9dwMNFkTrf5CCZbbaAYJA9bOT4tm7u7
8SXP0ozivICugnTadXXbMi7+UK8iXe5ckuAsgcqHBzpxlc1NOYEyRVMpJcYLseGW
gP3QpKcAOM9eFB8XWeF8huri+/QIAoqjj3dJoYKPjHCWUR5fzUrUs4jD2YumPGXG
hV5W4YsG8T6qW3yjlz0atELp7iWSW+2IBx3//Xaoaj1+SttLKJzGUgDfWxavtI3a
q+cOXsdgdqp5Q04dAa8RXzdWduyZ6HsdRIsetM63guTDYNacbX02Xh9+UetpXER5
LsS82ZG2644xZPKHMD6T1kuEJ4i8RVUzGrLxAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUQDu+HJqPXhoCSYWaH5RHVuAYitMwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9RRHUtSEpxUFhob0NTWVdhSDVS
SFZ1QVlpdE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAEN
wTANBgkqhkiG9w0BAQsFAAOCAQEAJ7bUyRDZMbFbfQUu5HHuROAiHpG4LbUBCiqQ
WjciByiWNXi2E9OEQaACpcTAYLpou0F4c9X/7wdTc4q/NFXojxFiyqNthK7ozveG
KbzWJcSVUkZr+Yeejhw0SSk1ki8pxLb6LyHXDPDzKl1TbvKwKkegiZZZ9zMeqiIJ
SlJF/vLgIvJajqeWfbQLwnpSq4osuBmqedk6n1dMHoso2faLTAmUjVbqJ0SEGIQR
XbaRlXViz0LNuppaaYd6E6xzuqkgevHCWH1USIiDAQwU7fIBMeI16h1a5cx/ZrvV
G7qI1S1ghatT8j+dfOchSYey8hT7WmuZO+P+yYfZ7jfOpPU8Mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org