Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/W41AHeqpvIpawWlDSGuau8MgLZc.roa
File: W41AHeqpvIpawWlDSGuau8MgLZc.roa (raw, json)
Hash identifier: L8B7YYzHMxd03I6DCMq/8z5PT5NJcNrPFi5Y6y00c5c=
Subject key identifier: 5B:8D:40:1D:EA:A9:BC:8A:5A:C1:69:43:48:6B:9A:BB:C3:20:2D:97
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 104C
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/W41AHeqpvIpawWlDSGuau8MgLZc.roa
Signing time: Thu 15 Sep 2022 02:37:13 +0000
ROA not before: Thu 15 Sep 2022 02:37:13 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131621
IP address blocks: 2001:de4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4172 (0x104c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 15 02:37:13 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5B8D401DEAA9BC8A5AC16943486B9ABBC3202D97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:17:f0:15:66:17:f7:66:7d:46:09:65:2a:02:
42:31:26:32:cd:ec:de:b8:a4:00:0d:ac:84:31:ed:
7d:35:fb:bb:79:62:23:1a:59:dc:f4:58:ac:46:c9:
c3:77:71:e0:f0:c7:73:16:41:b7:20:1a:82:6a:1b:
32:3b:06:8f:2b:c3:27:35:52:4e:c6:8f:9a:50:c6:
d2:56:78:cb:91:f6:82:92:99:e6:df:58:42:a5:d9:
0e:5a:da:bd:2f:33:50:06:56:51:40:a4:db:a4:cb:
cc:cd:81:c8:17:69:d1:72:58:c5:c1:3d:d4:87:e0:
0d:02:72:1e:95:d1:b1:e7:80:03:06:b5:a0:3c:a5:
97:50:55:25:13:49:9c:f9:09:11:a8:a2:75:9b:06:
f7:2d:6e:3c:f1:6b:45:f7:40:bc:58:e6:86:aa:dd:
31:88:9d:54:5d:73:0f:da:b6:53:79:1c:f5:15:f7:
ae:30:40:52:c8:9a:af:68:79:20:24:6f:d4:15:95:
bc:6b:5e:a8:ff:24:c6:71:44:ed:04:af:e0:d7:88:
16:7b:e0:24:0a:85:b1:da:53:2f:b1:47:fb:a6:3d:
d3:84:75:e8:0b:33:75:68:80:f2:bb:e0:e6:03:09:
34:c5:c5:1a:51:68:df:b0:14:3a:8a:2b:ce:e7:a7:
28:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8D:40:1D:EA:A9:BC:8A:5A:C1:69:43:48:6B:9A:BB:C3:20:2D:97
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/W41AHeqpvIpawWlDSGuau8MgLZc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:de4::/48
Signature Algorithm: sha256WithRSAEncryption
31:13:11:f9:54:7c:83:3e:7a:df:a3:95:7b:bb:7c:ab:37:58:
9f:a0:96:a4:2d:a2:d0:d4:4a:2a:2c:d1:d7:ce:24:bf:57:0a:
4c:b6:53:53:7e:19:56:0c:70:16:b9:5a:ab:9b:e9:45:ae:4a:
e8:00:7c:ed:4a:77:a8:38:8e:cf:45:0a:d4:5e:37:b0:64:63:
65:7e:b5:4c:7e:44:2a:35:cd:59:3b:59:9b:9c:69:37:aa:92:
88:11:cc:50:7d:5c:26:a9:5b:7a:3f:f7:d9:41:23:8c:bf:59:
4e:fc:c5:da:81:91:38:60:22:04:96:1d:70:b8:24:98:7d:e0:
df:9e:8f:ef:2e:6f:3b:c1:00:fc:91:40:f4:b9:94:62:60:d0:
84:ee:65:1f:f9:90:bb:8b:39:e5:30:30:6d:92:9f:12:22:38:
cb:82:d5:b6:c2:a8:04:0b:c4:36:cc:37:45:7a:e8:03:21:9d:
19:60:40:05:75:04:9e:68:88:b3:98:07:80:d5:16:03:9b:90:
39:b2:43:19:b3:f1:1b:87:7e:ce:98:a1:4b:31:c2:55:e6:d2:
a6:66:b3:c3:68:70:25:60:7c:3e:b5:18:c7:7c:ea:53:ad:cb:
cf:81:44:58:a0:5a:f2:b5:49:21:7f:fb:a3:7f:6a:4d:04:3a:
22:03:f9:49
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICEEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMjA5MTUw
MjM3MTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVCOEQ0MDFERUFBOUJD
OEE1QUMxNjk0MzQ4NkI5QUJCQzMyMDJEOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKF/AVZhf3Zn1GCWUqAkIxJjLN7N64pAANrIQx7X01+7t5YiMa
Wdz0WKxGycN3ceDwx3MWQbcgGoJqGzI7Bo8rwyc1Uk7Gj5pQxtJWeMuR9oKSmebf
WEKl2Q5a2r0vM1AGVlFApNuky8zNgcgXadFyWMXBPdSH4A0Cch6V0bHngAMGtaA8
pZdQVSUTSZz5CRGoonWbBvctbjzxa0X3QLxY5oaq3TGInVRdcw/atlN5HPUV964w
QFLImq9oeSAkb9QVlbxrXqj/JMZxRO0Er+DXiBZ74CQKhbHaUy+xR/umPdOEdegL
M3VogPK74OYDCTTFxRpRaN+wFDqKK87npyjdAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUW41AHeqpvIpawWlDSGuau8MgLZcwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9XNDFBSGVxcHZJcGF3V2xEU0d1
YXU4TWdMWmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
5AAAMA0GCSqGSIb3DQEBCwUAA4IBAQAxExH5VHyDPnrfo5V7u3yrN1ifoJakLaLQ
1EoqLNHXziS/VwpMtlNTfhlWDHAWuVqrm+lFrkroAHztSneoOI7PRQrUXjewZGNl
frVMfkQqNc1ZO1mbnGk3qpKIEcxQfVwmqVt6P/fZQSOMv1lO/MXagZE4YCIElh1w
uCSYfeDfno/vLm87wQD8kUD0uZRiYNCE7mUf+ZC7iznlMDBtkp8SIjjLgtW2wqgE
C8Q2zDdFeugDIZ0ZYEAFdQSeaIizmAeA1RYDm5A5skMZs/Ebh37OmKFLMcJV5tKm
ZrPDaHAlYHw+tRjHfOpTrcvPgURYoFrytUkhf/ujf2pNBDoiA/lJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org