Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/JUT10zckluYa5HjFD0isx2DbH60.roa
File: JUT10zckluYa5HjFD0isx2DbH60.roa (raw, json)
Hash identifier: 4H9A02bRYdAM7F5E357ZB2kGnVBJ0mFDxjq2g8kFwQo=
Subject key identifier: 25:44:F5:D3:37:24:96:E6:1A:E4:78:C5:0F:48:AC:C7:60:DB:1F:AD
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10F6
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/JUT10zckluYa5HjFD0isx2DbH60.roa
Signing time: Wed 01 Feb 2023 10:29:17 +0000
ROA not before: Wed 01 Feb 2023 10:29:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 106.107.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4342 (0x10f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:17 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2544F5D3372496E61AE478C50F48ACC760DB1FAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fa:ee:27:02:58:a5:08:ba:b7:7e:ba:bd:03:
a7:0f:a0:99:8b:be:d1:c9:d7:ef:54:91:f4:8a:f1:
32:ed:a1:79:b9:6d:1c:43:f7:10:bb:3c:9a:a8:cd:
d0:12:3a:c2:ed:c3:66:b7:92:23:16:4d:d8:33:6f:
e7:21:a7:2a:35:4a:79:76:28:24:f1:a5:86:ba:e4:
43:44:a0:08:7a:51:1c:30:18:f5:90:ae:6b:0d:ed:
92:ee:a1:79:df:d8:39:27:c2:4f:49:dc:6f:fe:a3:
42:e4:3c:95:d5:f3:77:eb:ef:61:50:ec:9f:3f:a9:
c2:69:92:38:e8:fc:25:45:77:c8:8d:36:4d:23:e9:
28:22:c2:d2:af:86:f9:56:d9:9d:1a:25:46:1f:75:
bd:b2:93:11:de:cd:7f:d4:9c:16:c3:88:27:e8:84:
ef:99:f9:4b:ef:6d:00:b5:42:bf:89:82:b1:48:bc:
3a:ad:e8:ca:59:23:80:5a:3c:5f:bf:63:54:17:6b:
3d:e8:88:f1:ce:c7:44:8d:44:18:a1:f9:ab:fd:10:
27:eb:9c:c1:c5:ed:a7:96:91:62:e2:40:a2:bc:b6:
c1:6a:b8:be:98:4e:62:a5:b0:36:4a:e3:86:69:b8:
c7:7a:76:ea:7b:8a:b7:a6:6c:ca:40:9a:2d:37:48:
9f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:44:F5:D3:37:24:96:E6:1A:E4:78:C5:0F:48:AC:C7:60:DB:1F:AD
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/JUT10zckluYa5HjFD0isx2DbH60.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.176.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:d6:35:1e:a4:ba:82:31:ae:18:89:42:f8:c1:79:6a:dd:78:
26:97:b1:e2:5b:1d:af:a1:92:cc:d0:93:00:49:3d:17:0e:d0:
ea:31:2e:d9:4f:61:e5:58:12:97:ea:a8:36:e5:c6:92:5f:7b:
b6:79:aa:96:0a:3f:33:f9:c6:04:40:88:af:40:50:61:06:a3:
ef:cb:73:ac:af:cc:c8:75:5b:6d:24:03:a5:f0:07:2c:8e:df:
9b:9b:00:cf:da:46:4e:9e:4e:f2:c0:6a:d4:a6:7b:a7:29:c0:
cc:c1:a8:7d:a8:63:16:5c:d5:0c:af:bf:fc:cd:0f:f3:5d:07:
01:fe:cf:8b:14:4d:c3:8f:ea:76:6f:ca:fe:1b:ba:65:8c:47:
aa:53:6b:11:97:df:a9:81:42:b2:56:d7:4a:34:1e:93:e6:16:
55:8b:76:65:50:58:d8:b5:33:04:92:ed:7f:8a:09:a9:f5:9b:
88:45:42:04:6c:fa:7d:4e:22:1c:63:d6:18:e9:e3:b4:19:26:
e3:1f:b3:5f:88:36:03:85:01:c2:ed:d2:3d:56:a0:d4:43:ef:
d6:db:58:39:5c:3a:38:46:44:0d:ef:af:9e:ae:3f:a9:8d:76:
d0:3b:f7:2d:19:f7:f4:0b:ef:57:6e:17:d4:63:cf:d7:d8:8d:
de:84:16:82
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI1NDRGNUQzMzcyNDk2
RTYxQUU0NzhDNTBGNDhBQ0M3NjBEQjFGQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF+u4nAlilCLq3frq9A6cPoJmLvtHJ1+9UkfSK8TLtoXm5bRxD
9xC7PJqozdASOsLtw2a3kiMWTdgzb+chpyo1Snl2KCTxpYa65ENEoAh6URwwGPWQ
rmsN7ZLuoXnf2Dknwk9J3G/+o0LkPJXV83fr72FQ7J8/qcJpkjjo/CVFd8iNNk0j
6SgiwtKvhvlW2Z0aJUYfdb2ykxHezX/UnBbDiCfohO+Z+UvvbQC1Qr+JgrFIvDqt
6MpZI4BaPF+/Y1QXaz3oiPHOx0SNRBih+av9ECfrnMHF7aeWkWLiQKK8tsFquL6Y
TmKlsDZK44ZpuMd6dup7irembMpAmi03SJ8nAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUJUT10zckluYa5HjFD0isx2DbH60wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSlVUMTB6Y2tsdVlhNUhqRkQwaXN4
MkRiSDYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGprsDAN
BgkqhkiG9w0BAQsFAAOCAQEAOtY1HqS6gjGuGIlC+MF5at14Jpex4lsdr6GSzNCT
AEk9Fw7Q6jEu2U9h5VgSl+qoNuXGkl97tnmqlgo/M/nGBECIr0BQYQaj78tzrK/M
yHVbbSQDpfAHLI7fm5sAz9pGTp5O8sBq1KZ7pynAzMGofahjFlzVDK+//M0P810H
Af7PixRNw4/qdm/K/hu6ZYxHqlNrEZffqYFCslbXSjQek+YWVYt2ZVBY2LUzBJLt
f4oJqfWbiEVCBGz6fU4iHGPWGOnjtBkm4x+zX4g2A4UBwu3SPVag1EPv1ttYOVw6
OEZEDe+vnq4/qY120Dv3LRn39AvvV24X1GPP19iN3oQWgg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:20:08 2025 by rpki-client