Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/1-aBBfDE8up6ZxkR3vlCX2Ou7GQ.roa
File: 1-aBBfDE8up6ZxkR3vlCX2Ou7GQ.roa (raw, json)
Hash identifier: dTUYlqe5rxe29rvMaj47fnd8wWIi3VYj+ACKcVcqDOk=
Subject key identifier: D7:E6:81:05:F0:C4:F2:EA:7A:67:19:11:DE:F9:42:5F:63:AE:EC:64
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CE6
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/1-aBBfDE8up6ZxkR3vlCX2Ou7GQ.roa
Signing time: Wed 01 Feb 2023 10:29:17 +0000
ROA not before: Wed 01 Feb 2023 10:29:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 192.72.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3302 (0xce6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:29:17 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D7E68105F0C4F2EA7A671911DEF9425F63AEEC64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c3:67:dd:6a:c5:eb:b0:ca:ea:ec:b8:81:b4:
0f:eb:c1:e3:b9:f0:bd:11:64:5f:dd:ff:79:d9:29:
53:69:45:93:d7:57:a8:70:34:d1:81:b0:cf:d5:14:
fa:f6:71:1f:e3:f0:ce:04:07:5c:d2:d5:54:95:e9:
1d:9f:cb:8a:93:48:0a:b1:8b:e8:7e:89:97:48:fc:
39:dc:fd:09:ec:3c:85:97:bf:81:b9:27:4d:f6:6c:
67:a3:ee:55:7e:b7:1c:c1:9d:b9:90:10:32:29:bd:
07:14:df:52:7c:67:6e:f6:36:32:ed:6b:1b:32:77:
9e:0f:fa:91:88:09:dc:b7:f1:cd:12:ed:cc:9f:d2:
f4:4a:37:53:d9:71:85:fc:19:a3:33:59:08:8f:e9:
68:d9:34:eb:04:10:a8:47:20:78:26:87:cc:6e:4e:
39:e5:b1:33:04:e7:56:7d:f5:07:79:7c:ab:13:85:
b3:af:d0:55:68:71:c2:5a:61:0a:dd:36:18:06:24:
95:7a:14:c5:fa:b8:c0:17:dd:15:ec:bc:73:60:5c:
34:21:e3:50:9d:03:bb:b2:ea:27:92:33:79:ff:c7:
57:14:3c:b4:5b:a9:98:80:e1:39:b9:77:7f:a5:38:
bb:0e:f9:96:0e:85:fa:2b:55:e9:3e:fb:fb:48:42:
45:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E6:81:05:F0:C4:F2:EA:7A:67:19:11:DE:F9:42:5F:63:AE:EC:64
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/1-aBBfDE8up6ZxkR3vlCX2Ou7GQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.3.0/24
Signature Algorithm: sha256WithRSAEncryption
39:9f:73:16:09:56:ee:b5:63:3c:4a:0b:f2:3d:e6:88:c0:df:
40:82:5c:dd:e0:cf:53:a0:82:87:f0:eb:dc:62:44:ae:72:a4:
e9:cc:ee:15:9f:fe:d3:fe:bd:6d:6f:6f:12:56:ae:a0:f8:92:
d4:2d:7a:fa:59:27:63:38:d4:47:0d:6b:6c:e2:f5:7b:e8:9c:
7f:a2:a3:25:9e:48:cc:6a:14:7f:86:c7:07:ae:4c:01:af:a2:
d0:6b:ff:7e:89:09:da:61:e9:bc:a2:85:1b:d0:10:e8:b1:de:
ad:99:6e:ba:8c:28:36:78:e7:05:c8:78:f8:1c:02:fc:65:29:
78:36:aa:f6:9d:57:31:df:87:4e:d0:20:a4:11:a9:9a:aa:39:
d7:90:62:ad:11:a8:ea:eb:a6:11:d9:d2:8c:8d:2b:10:71:c8:
a3:ae:02:24:3d:b2:5d:9c:e2:f4:d6:b6:dd:14:73:d7:79:d2:
11:55:44:06:76:26:c8:37:9b:cc:6f:ad:39:c7:b8:ed:3b:7a:
16:3b:f2:2c:7b:d6:6e:8b:a1:0b:4e:c9:cf:15:1e:eb:ef:70:
08:8f:9b:ad:69:03:27:31:82:98:a4:41:d7:50:b1:ad:15:84:
b4:b9:a1:f8:96:b2:dc:d8:38:9c:98:a2:3e:21:e8:4a:e2:1b:
14:bf:9b:bc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI5MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ3RTY4MTA1RjBDNEYy
RUE3QTY3MTkxMURFRjk0MjVGNjNBRUVDNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLw2fdasXrsMrq7LiBtA/rweO58L0RZF/d/3nZKVNpRZPXV6hw
NNGBsM/VFPr2cR/j8M4EB1zS1VSV6R2fy4qTSAqxi+h+iZdI/Dnc/QnsPIWXv4G5
J032bGej7lV+txzBnbmQEDIpvQcU31J8Z272NjLtaxsyd54P+pGICdy38c0S7cyf
0vRKN1PZcYX8GaMzWQiP6WjZNOsEEKhHIHgmh8xuTjnlsTME51Z99Qd5fKsThbOv
0FVoccJaYQrdNhgGJJV6FMX6uMAX3RXsvHNgXDQh41CdA7uy6ieSM3n/x1cUPLRb
qZiA4Tm5d3+lOLsO+ZYOhforVek++/tIQkUZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1+aBBfDE8up6ZxkR3vlCX2Ou7GQwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMS1hQkJmREU4dXA2WnhrUjN2bENY
Mk91N0dRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBIAzAN
BgkqhkiG9w0BAQsFAAOCAQEAOZ9zFglW7rVjPEoL8j3miMDfQIJc3eDPU6CCh/Dr
3GJErnKk6czuFZ/+0/69bW9vElauoPiS1C16+lknYzjURw1rbOL1e+icf6KjJZ5I
zGoUf4bHB65MAa+i0Gv/fokJ2mHpvKKFG9AQ6LHerZluuowoNnjnBch4+BwC/GUp
eDaq9p1XMd+HTtAgpBGpmqo515BirRGo6uumEdnSjI0rEHHIo64CJD2yXZzi9Na2
3RRz13nSEVVEBnYmyDebzG+tOce47Tt6FjvyLHvWbouhC07JzxUe6+9wCI+brWkD
JzGCmKRB11CxrRWEtLmh+Jay3Ng4nJiiPiHoSuIbFL+bvA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:52:56 2025 by rpki-client