Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HrgOmxldQuJOgW89-TL2R5RqV7s.roa
File: HrgOmxldQuJOgW89-TL2R5RqV7s.roa (raw, json)
Hash identifier: 4vFljPXmLk5xXdoSdHT//ngKLYw4WDTXq3BjTff970M=
Subject key identifier: 1E:B8:0E:9B:19:5D:42:E2:4E:81:6F:3D:F9:32:F6:47:94:6A:57:BB
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 111C
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HrgOmxldQuJOgW89-TL2R5RqV7s.roa
Signing time: Wed 01 Feb 2023 10:29:28 +0000
ROA not before: Wed 01 Feb 2023 10:29:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 220.228.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4380 (0x111c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:28 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1EB80E9B195D42E24E816F3DF932F647946A57BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:83:cd:1a:5c:3d:ab:e0:ea:36:e3:d1:da:de:
b7:51:1b:a3:7f:5f:b7:55:a6:1f:c8:2f:77:50:6a:
cd:3e:50:2e:ec:76:32:d8:e3:ea:dc:f4:0b:91:c0:
7e:0a:09:ca:4a:f1:b4:47:35:8d:5e:4b:1f:48:32:
72:05:a9:81:58:66:6e:b9:21:4e:4f:82:35:c2:cf:
f2:ed:ab:a8:b7:01:dc:56:fe:cd:35:9d:d4:3b:b8:
8f:03:2b:91:a0:80:d7:b8:21:3a:0f:96:17:23:48:
64:67:b1:6e:d6:b7:71:c9:11:0d:c4:36:df:41:a9:
da:44:8f:d0:1d:1d:cb:1c:7d:e5:d0:36:0c:f4:55:
f8:18:1f:c4:e1:a0:35:1f:87:5b:53:e7:81:d6:2d:
d5:b0:e4:36:8e:15:3f:7b:6d:e0:16:be:27:ce:5d:
96:08:3b:7e:81:e3:58:bc:e9:5e:ad:61:a5:26:05:
63:8a:98:f3:86:0f:cb:32:6c:45:f5:13:32:cf:ff:
61:f0:e3:d5:40:0a:28:8a:13:bd:e7:84:20:14:f1:
fb:63:2f:9f:5d:41:f9:d4:11:ac:1e:e1:5e:17:46:
d6:79:f6:7f:4f:66:9c:63:7b:6d:0a:6d:8a:ad:dd:
8a:64:aa:ee:a1:e0:25:0d:65:c8:24:21:aa:86:01:
ca:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B8:0E:9B:19:5D:42:E2:4E:81:6F:3D:F9:32:F6:47:94:6A:57:BB
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HrgOmxldQuJOgW89-TL2R5RqV7s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:c3:c1:26:d5:7c:25:91:43:a9:a8:11:07:bf:db:75:5f:98:
0e:18:fa:f5:09:69:c4:d5:6c:45:19:dc:b3:8b:d9:a1:16:5b:
20:1a:bf:0a:91:96:09:7b:46:47:e4:19:b5:c7:ac:ce:22:c4:
97:6a:8b:c0:7b:65:67:31:e0:35:c9:94:12:a7:c2:f2:31:87:
b6:73:37:61:7d:49:98:2c:23:ad:12:8d:b6:bb:65:a7:8d:f7:
88:eb:ad:15:50:1d:8f:6e:27:65:8c:91:08:5c:ac:39:cc:ad:
81:ac:10:70:66:60:f9:6b:8f:93:c9:45:c4:e4:be:05:a7:27:
00:f3:80:08:8b:66:de:cf:cb:e4:51:eb:6f:71:5a:b6:59:b2:
5d:e5:fb:ee:75:6a:6c:4c:73:0c:73:c1:8c:02:ff:b4:a6:29:
54:1e:93:54:16:b6:3d:3b:94:c3:fe:09:3a:31:c7:f4:ad:6e:
c6:e1:bd:70:fe:b4:6b:54:08:7f:bd:72:a6:89:f9:97:7b:7e:
72:4d:34:31:f1:7b:f3:64:09:6d:48:74:b9:49:8e:42:1c:e4:
c8:fa:b7:b1:92:e9:f1:e2:e7:5a:96:fc:24:19:44:6b:1a:25:
db:0b:50:3d:b3:91:5c:58:1b:6c:2b:a4:d9:15:3b:21:05:91:
b6:7f:3f:a3
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICERwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFFQjgwRTlCMTk1RDQy
RTI0RTgxNkYzREY5MzJGNjQ3OTQ2QTU3QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCog80aXD2r4Oo249Ha3rdRG6N/X7dVph/IL3dQas0+UC7sdjLY
4+rc9AuRwH4KCcpK8bRHNY1eSx9IMnIFqYFYZm65IU5PgjXCz/Ltq6i3AdxW/s01
ndQ7uI8DK5GggNe4IToPlhcjSGRnsW7Wt3HJEQ3ENt9BqdpEj9AdHcscfeXQNgz0
VfgYH8ThoDUfh1tT54HWLdWw5DaOFT97beAWvifOXZYIO36B41i86V6tYaUmBWOK
mPOGD8sybEX1EzLP/2Hw49VACiiKE73nhCAU8ftjL59dQfnUEawe4V4XRtZ59n9P
Zpxje20KbYqt3Ypkqu6h4CUNZcgkIaqGAcohAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUHrgOmxldQuJOgW89+TL2R5RqV7swHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSHJnT214bGRRdUpPZ1c4OS1UTDJS
NVJxVjdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANzkMA0G
CSqGSIb3DQEBCwUAA4IBAQARw8Em1XwlkUOpqBEHv9t1X5gOGPr1CWnE1WxFGdyz
i9mhFlsgGr8KkZYJe0ZH5Bm1x6zOIsSXaovAe2VnMeA1yZQSp8LyMYe2czdhfUmY
LCOtEo22u2WnjfeI660VUB2PbidljJEIXKw5zK2BrBBwZmD5a4+TyUXE5L4FpycA
84AIi2bez8vkUetvcVq2WbJd5fvudWpsTHMMc8GMAv+0pilUHpNUFrY9O5TD/gk6
Mcf0rW7G4b1w/rRrVAh/vXKmifmXe35yTTQx8XvzZAltSHS5SY5CHOTI+rexkunx
4udalvwkGURrGiXbC1A9s5FcWBtsK6TZFTshBZG2fz+j
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:22:58 2025 by rpki-client