Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/CCX1D1q24cvP0wDYSiM4OMBpiBE.roa
File: CCX1D1q24cvP0wDYSiM4OMBpiBE.roa (raw, json)
Hash identifier: DXkJ0+GoshOsUzKR2LycxPAGxDz7RASfnIN+/mmWyQ4=
Subject key identifier: 08:25:F5:0F:5A:B6:E1:CB:CF:D3:00:D8:4A:23:38:38:C0:69:88:11
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1107
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CCX1D1q24cvP0wDYSiM4OMBpiBE.roa
Signing time: Wed 01 Feb 2023 10:29:23 +0000
ROA not before: Wed 01 Feb 2023 10:29:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 175.180.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4359 (0x1107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:23 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0825F50F5AB6E1CBCFD300D84A233838C0698811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:be:d9:98:0a:7e:ce:96:31:bb:b7:b0:c0:64:
ee:e6:51:81:3a:45:e3:8b:04:72:8d:e0:b5:53:4f:
84:8c:81:d9:94:c2:87:6a:39:3a:47:6c:40:90:f1:
95:fe:21:50:b5:09:3e:7b:20:93:b9:90:8f:f2:39:
bc:f5:60:b0:2a:00:94:1b:3c:c7:90:5b:7a:c4:d5:
f6:aa:58:1e:f6:8e:32:af:53:82:92:9f:72:8b:14:
73:bd:83:bd:11:78:cc:3d:7c:04:cb:37:1b:12:b7:
75:ab:50:77:fc:41:aa:1f:0b:b5:06:5a:8a:c2:47:
4e:f7:3e:ff:68:61:72:68:c4:b5:d4:61:57:5d:67:
60:a8:d4:2b:b9:58:6e:75:6a:fc:16:7e:16:55:2f:
75:87:75:3f:2a:c3:f9:a8:7d:ed:55:35:94:bd:3f:
17:1d:fb:db:9f:5a:7f:d6:88:e8:09:b5:d7:36:4e:
70:9a:ab:e4:2b:bf:34:5b:cf:7d:27:c1:bb:b4:1a:
df:85:04:dc:71:2d:8a:15:66:27:50:58:31:c7:4e:
7d:ff:4b:42:14:d1:0c:5c:c6:ca:e6:d5:4d:17:11:
5d:87:a7:37:27:fb:a0:78:93:b5:f5:fd:5b:43:a1:
80:04:81:4b:b6:c7:e1:81:f5:6c:f0:3d:d7:3f:f8:
d0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:25:F5:0F:5A:B6:E1:CB:CF:D3:00:D8:4A:23:38:38:C0:69:88:11
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CCX1D1q24cvP0wDYSiM4OMBpiBE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
175.180.0.0/14
Signature Algorithm: sha256WithRSAEncryption
bf:93:a6:f7:ad:f9:e5:f9:10:fc:67:86:9c:33:79:7a:20:6f:
16:01:17:e1:62:c8:6a:12:fa:14:1e:46:03:46:3d:94:9c:19:
44:56:e4:1e:34:16:6c:01:04:2f:ff:3e:c5:38:60:ee:a7:85:
d9:ad:22:95:a2:be:97:07:3c:38:3a:ec:3e:5d:e3:94:9c:14:
a9:c7:6d:a4:be:14:6a:75:3b:87:7a:76:0a:3b:2e:35:87:3d:
63:5d:a4:29:5d:98:e6:0d:b4:11:9c:60:4c:16:e9:de:52:6d:
12:37:ec:98:a7:f3:92:2f:e1:b5:25:3f:b8:6d:1d:2c:ef:60:
26:4a:d0:32:21:ea:86:9b:bd:ca:3f:c9:5d:96:a1:87:56:39:
63:a9:2b:76:0c:51:88:b4:8e:30:2a:4e:f9:62:50:72:d0:11:
84:4e:22:72:69:4f:68:44:3a:8c:df:98:42:6e:9a:71:75:81:
96:52:f8:75:7c:17:4a:e7:32:c8:4f:db:ea:d8:44:1f:98:3b:
16:de:f4:52:5e:0c:bc:9b:ad:1c:b6:2d:70:7d:37:62:fc:58:
26:45:48:98:e4:47:c7:c7:5c:0e:4d:d6:1c:c8:d3:ab:e7:40:
1b:a0:9d:25:31:07:73:e3:fd:93:34:d0:53:9b:f7:a4:95:1e:
8e:03:c0:0f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEQcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA4MjVGNTBGNUFCNkUx
Q0JDRkQzMDBEODRBMjMzODM4QzA2OTg4MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7vtmYCn7OljG7t7DAZO7mUYE6ReOLBHKN4LVTT4SMgdmUwodq
OTpHbECQ8ZX+IVC1CT57IJO5kI/yObz1YLAqAJQbPMeQW3rE1faqWB72jjKvU4KS
n3KLFHO9g70ReMw9fATLNxsSt3WrUHf8QaofC7UGWorCR073Pv9oYXJoxLXUYVdd
Z2Co1Cu5WG51avwWfhZVL3WHdT8qw/mofe1VNZS9Pxcd+9ufWn/WiOgJtdc2TnCa
q+QrvzRbz30nwbu0Gt+FBNxxLYoVZidQWDHHTn3/S0IU0Qxcxsrm1U0XEV2Hpzcn
+6B4k7X1/VtDoYAEgUu2x+GB9WzwPdc/+NAJAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUCCX1D1q24cvP0wDYSiM4OMBpiBEwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ0NYMUQxcTI0Y3ZQMHdEWVNpTTRP
TUJwaUJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAq+0MA0G
CSqGSIb3DQEBCwUAA4IBAQC/k6b3rfnl+RD8Z4acM3l6IG8WARfhYshqEvoUHkYD
Rj2UnBlEVuQeNBZsAQQv/z7FOGDup4XZrSKVor6XBzw4Ouw+XeOUnBSpx22kvhRq
dTuHenYKOy41hz1jXaQpXZjmDbQRnGBMFuneUm0SN+yYp/OSL+G1JT+4bR0s72Am
StAyIeqGm73KP8ldlqGHVjljqSt2DFGItI4wKk75YlBy0BGETiJyaU9oRDqM35hC
bppxdYGWUvh1fBdK5zLIT9vq2EQfmDsW3vRSXgy8m60cti1wfTdi/FgmRUiY5EfH
x1wOTdYcyNOr50AboJ0lMQdz4/2TNNBTm/eklR6OA8AP
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:33:32 2025 by rpki-client