Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HYWgPVE8BYwzC-MbuBeCHGJTD08.roa
File: HYWgPVE8BYwzC-MbuBeCHGJTD08.roa (raw, json)
Hash identifier: 9Yn9B3UsyMPFDVya8aoyURJR5hcmrw97qNXYMzrrgfo=
Subject key identifier: 1D:85:A0:3D:51:3C:05:8C:33:0B:E3:1B:B8:17:82:1C:62:53:0F:4F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 137A
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HYWgPVE8BYwzC-MbuBeCHGJTD08.roa
Signing time: Fri 01 Sep 2023 09:25:00 +0000
ROA not before: Fri 01 Sep 2023 09:25:00 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131602
IP address blocks: 123.205.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4986 (0x137a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 1 09:25:00 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1D85A03D513C058C330BE31BB817821C62530F4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:28:a6:ac:14:f0:e7:68:55:a9:df:c9:c9:98:
ad:50:96:3c:80:47:c0:3c:c0:53:c2:6c:e4:46:0f:
aa:be:bb:62:c7:ef:4a:cd:e5:9e:87:42:36:54:54:
0a:a8:32:fa:b6:b3:22:62:97:1b:53:9c:c4:91:e1:
27:54:ed:97:e7:0c:64:f0:76:f6:80:82:14:f0:f4:
a6:70:36:fe:35:5a:b5:34:9b:2d:db:4c:8f:fb:68:
69:7b:c3:7e:15:37:3d:66:1f:b5:3f:8b:7b:db:f9:
da:8b:93:f7:e0:aa:91:74:f8:99:25:87:df:5b:32:
03:24:5f:84:22:b8:f0:fc:a2:6f:f5:12:e2:13:15:
16:cf:b4:93:c0:d9:76:05:d3:32:79:df:35:91:23:
64:67:d6:5e:f4:7b:fd:52:1e:8c:19:73:dc:16:64:
38:5c:e9:c1:16:6a:44:09:ef:72:6a:76:4e:4f:62:
70:f4:98:99:12:8b:69:2e:44:05:27:b5:88:2d:cd:
a6:7b:16:a0:30:46:37:81:ba:8a:2c:f2:d4:38:e4:
8c:0f:8e:1b:11:4f:63:82:9d:d9:0d:0d:a4:03:a0:
08:ef:98:b7:65:1a:2a:61:ea:28:b2:7f:84:ba:ec:
ca:95:c2:2a:4c:39:e6:b0:97:49:64:ab:88:fe:24:
17:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:85:A0:3D:51:3C:05:8C:33:0B:E3:1B:B8:17:82:1C:62:53:0F:4F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HYWgPVE8BYwzC-MbuBeCHGJTD08.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.205.176.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:e7:b1:a3:28:de:e1:23:2d:90:a9:ac:ac:88:a2:fe:b0:3d:
8b:88:d7:a9:c1:04:8f:bf:6c:79:de:45:17:1c:cf:19:cb:20:
c4:38:cf:42:63:2a:4a:f7:d4:15:a8:10:ab:a0:05:0d:ab:79:
af:32:f7:5f:e3:fe:e9:7b:4d:75:eb:28:95:b8:13:a8:3e:6a:
1d:0a:ff:46:45:6d:b1:08:55:50:0c:bf:a3:45:83:6c:dc:53:
fd:e2:01:2c:61:6a:4f:de:09:71:3a:d1:48:4c:a2:27:9d:ff:
8e:f6:f3:da:c2:59:c9:0d:bd:16:8c:6e:0f:64:84:97:bc:76:
6c:31:3a:2c:56:ba:bc:11:8c:b8:3f:15:f3:9f:d9:ab:cb:24:
ff:ff:9f:9a:18:48:30:50:0b:f9:56:bb:4b:14:fe:c1:0e:d5:
07:b0:a7:f3:c8:26:d4:28:7c:e9:10:5a:76:03:44:66:a1:5f:
9e:74:b3:15:1d:24:a0:13:44:8c:d0:35:b0:4d:0d:42:a4:35:
89:8b:ec:11:b3:f3:9c:73:75:7d:e9:71:7a:4c:e2:12:cd:e0:
29:8b:19:bc:73:eb:55:b7:de:48:b3:01:88:c4:56:d5:c2:55:
60:90:7e:24:90:54:0b:8a:25:33:20:e9:3b:c6:0e:0d:e0:d4:
da:5d:64:f9
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA5MDEw
OTI1MDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFEODVBMDNENTEzQzA1
OEMzMzBCRTMxQkI4MTc4MjFDNjI1MzBGNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBKKasFPDnaFWp38nJmK1QljyAR8A8wFPCbORGD6q+u2LH70rN
5Z6HQjZUVAqoMvq2syJilxtTnMSR4SdU7ZfnDGTwdvaAghTw9KZwNv41WrU0my3b
TI/7aGl7w34VNz1mH7U/i3vb+dqLk/fgqpF0+Jklh99bMgMkX4QiuPD8om/1EuIT
FRbPtJPA2XYF0zJ53zWRI2Rn1l70e/1SHowZc9wWZDhc6cEWakQJ73Jqdk5PYnD0
mJkSi2kuRAUntYgtzaZ7FqAwRjeBuoos8tQ45IwPjhsRT2OCndkNDaQDoAjvmLdl
Giph6iiyf4S67MqVwipMOeawl0lkq4j+JBc5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHYWgPVE8BYwzC+MbuBeCHGJTD08wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSFlXZ1BWRThCWXd6Qy1NYnVCZUNI
R0pURDA4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHvNsDAN
BgkqhkiG9w0BAQsFAAOCAQEAC+exoyje4SMtkKmsrIii/rA9i4jXqcEEj79sed5F
FxzPGcsgxDjPQmMqSvfUFagQq6AFDat5rzL3X+P+6XtNdesolbgTqD5qHQr/RkVt
sQhVUAy/o0WDbNxT/eIBLGFqT94JcTrRSEyiJ53/jvbz2sJZyQ29FoxuD2SEl7x2
bDE6LFa6vBGMuD8V85/Zq8sk//+fmhhIMFAL+Va7SxT+wQ7VB7Cn88gm1Ch86RBa
dgNEZqFfnnSzFR0koBNEjNA1sE0NQqQ1iYvsEbPznHN1felxekziEs3gKYsZvHPr
VbfeSLMBiMRW1cJVYJB+JJBUC4olMyDpO8YODeDU2l1k+Q==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:17:09 2025 by rpki-client