Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kaqP7HpXlW0-x0wRgXjGtevzCIo.roa
File: kaqP7HpXlW0-x0wRgXjGtevzCIo.roa (raw, json)
Hash identifier: fwtrOu87DzyITSzvE2yXxNqdDm82X+dgjh2wIQK7nrc=
Subject key identifier: 91:AA:8F:EC:7A:57:95:6D:3E:C7:4C:11:81:78:C6:B5:EB:F3:08:8A
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 0C94
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kaqP7HpXlW0-x0wRgXjGtevzCIo.roa
Signing time: Mon 16 Nov 2020 06:45:48 +0000
ROA not before: Mon 16 Nov 2020 06:45:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18180
IP address blocks: 2404:178:29::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3220 (0xc94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Nov 16 06:45:48 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=91AA8FEC7A57956D3EC74C118178C6B5EBF3088A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:62:18:b7:96:63:33:bc:28:7c:9c:80:94:3a:
a6:7c:13:f0:c8:35:a1:77:dc:e7:f1:3b:45:ed:7b:
1b:81:25:54:df:1c:5d:37:3f:16:41:8e:d5:85:d9:
20:78:c2:ad:07:94:4b:e1:e8:7f:93:bb:08:b1:b3:
63:bf:fa:88:a4:ba:ae:b5:fe:ca:b9:50:6e:68:04:
44:9f:d9:c0:be:e6:b1:2d:f7:9c:a5:60:66:62:8b:
42:19:1c:52:8e:d0:46:b1:79:9d:10:66:48:94:58:
34:9b:92:3f:37:46:e0:fc:1a:6a:50:d9:a5:95:96:
59:21:66:3b:39:b3:b3:4d:ab:46:76:38:87:60:43:
45:f9:74:af:cc:18:f4:86:e7:f4:41:88:8f:b0:b1:
fa:f3:83:9d:f7:bc:bf:2b:da:d7:44:90:20:ad:0c:
15:25:aa:d2:61:e5:ab:69:6b:34:54:80:14:6c:90:
a0:be:fc:f5:79:2a:7c:19:a3:63:db:46:59:62:20:
99:f5:c1:49:2a:51:52:c5:8d:db:c2:36:17:c5:37:
e0:75:c6:e4:0d:2d:0a:52:af:f5:b8:8e:7a:ae:71:
52:8b:29:61:50:9e:c1:7e:71:cd:80:f8:4b:08:99:
5e:19:11:9b:7e:99:bd:b1:e8:9a:4a:10:f2:11:79:
b7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AA:8F:EC:7A:57:95:6D:3E:C7:4C:11:81:78:C6:B5:EB:F3:08:8A
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kaqP7HpXlW0-x0wRgXjGtevzCIo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:178:29::/48
Signature Algorithm: sha256WithRSAEncryption
86:5e:4f:41:88:21:b4:14:51:c7:a6:1c:e5:a5:67:a5:5a:ce:
c9:4c:5b:12:8d:c8:48:1b:6b:fa:76:82:96:a6:cd:c5:dd:61:
c4:6f:df:fe:26:6b:a5:f7:81:0d:86:48:7d:27:6f:6a:c5:4c:
62:da:2d:51:c5:9c:f0:06:e2:49:03:30:59:b4:d7:f3:c1:c1:
f1:ad:ca:c2:5f:a2:b0:78:9e:28:7d:0f:0e:c2:35:66:ae:9e:
44:a0:1c:d4:fb:b7:eb:8d:89:1d:3f:bd:db:87:b7:9f:86:5d:
02:5d:b3:48:45:e6:ee:6c:ed:bd:04:7a:b3:5e:1b:35:40:fd:
92:5b:e3:0f:db:87:b2:e4:4d:86:c7:24:aa:38:1e:96:66:04:
05:f0:3f:21:b4:fb:cf:36:6e:79:21:8d:b2:f5:4e:f1:30:62:
ca:c5:94:51:fe:2c:c1:8b:40:28:46:9d:62:a2:9b:2d:53:40:
9d:a5:7a:39:7f:52:79:a1:91:77:50:6b:c5:e0:dc:0a:b3:10:
cb:bf:97:ea:2f:95:3b:30:df:53:42:65:75:70:4d:28:cb:46:
b2:aa:bd:2e:d9:0d:e3:e7:9c:14:25:e2:88:3e:15:84:44:1a:
76:65:55:2c:36:58:2b:e1:22:cf:17:09:c6:06:54:c4:a3:f0:
8a:9f:d3:55
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMTYw
NjQ1NDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkxQUE4RkVDN0E1Nzk1
NkQzRUM3NEMxMTgxNzhDNkI1RUJGMzA4OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpYhi3lmMzvCh8nICUOqZ8E/DINaF33OfxO0XtexuBJVTfHF03
PxZBjtWF2SB4wq0HlEvh6H+Tuwixs2O/+oikuq61/sq5UG5oBESf2cC+5rEt95yl
YGZii0IZHFKO0EaxeZ0QZkiUWDSbkj83RuD8GmpQ2aWVllkhZjs5s7NNq0Z2OIdg
Q0X5dK/MGPSG5/RBiI+wsfrzg533vL8r2tdEkCCtDBUlqtJh5atpazRUgBRskKC+
/PV5KnwZo2PbRlliIJn1wUkqUVLFjdvCNhfFN+B1xuQNLQpSr/W4jnqucVKLKWFQ
nsF+cc2A+EsImV4ZEZt+mb2x6JpKEPIRebcJAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUkaqP7HpXlW0+x0wRgXjGtevzCIowHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9rYXFQN0hwWGxXMC14MHdSZ1hq
R3RldnpDSW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAApMA0GCSqGSIb3DQEBCwUAA4IBAQCGXk9BiCG0FFHHphzlpWelWs7JTFsSjchI
G2v6doKWps3F3WHEb9/+Jmul94ENhkh9J29qxUxi2i1RxZzwBuJJAzBZtNfzwcHx
rcrCX6KweJ4ofQ8OwjVmrp5EoBzU+7frjYkdP73bh7efhl0CXbNIRebubO29BHqz
Xhs1QP2SW+MP24ey5E2GxySqOB6WZgQF8D8htPvPNm55IY2y9U7xMGLKxZRR/izB
i0AoRp1iopstU0CdpXo5f1J5oZF3UGvF4NwKsxDLv5fqL5U7MN9TQmV1cE0oy0ay
qr0u2Q3j55wUJeKIPhWERBp2ZVUsNlgr4SLPFwnGBlTEo/CKn9NV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org