Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/NGCfSAfX8ox6-qpxElrUPgj4XRM.roa
File: NGCfSAfX8ox6-qpxElrUPgj4XRM.roa (raw, json)
Hash identifier: sORDTE3jMft65C3oXgae5wxQPep1leQm46nxiKm8PE8=
Subject key identifier: 34:60:9F:48:07:D7:F2:8C:7A:FA:AA:71:12:5A:D4:3E:08:F8:5D:13
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0DA7
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NGCfSAfX8ox6-qpxElrUPgj4XRM.roa
Signing time: Fri 01 Sep 2023 09:24:22 +0000
ROA not before: Fri 01 Sep 2023 09:24:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4780
IP address blocks: 192.72.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3495 (0xda7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Sep 1 09:24:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=34609F4807D7F28C7AFAAA71125AD43E08F85D13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c4:31:13:c9:68:17:48:e8:38:ea:2b:65:9b:
af:bf:cc:9e:8f:b5:ad:18:f4:88:bf:08:09:51:6d:
ad:5d:0d:42:87:d8:bf:bb:d7:7e:07:82:5c:ba:17:
54:ed:67:98:9c:e0:75:94:8a:86:ab:8e:c3:6c:6e:
fc:b3:7d:22:ac:d1:59:bc:d2:20:0a:a9:fe:8b:30:
1e:83:9d:33:e8:5c:42:c2:70:23:4e:ef:23:ee:78:
5c:55:17:18:e0:d8:12:14:2a:8d:cc:ef:1d:66:d6:
da:60:07:4a:30:58:01:ce:4c:28:28:56:49:a9:32:
e5:70:76:1b:90:73:64:bd:5a:0e:86:98:1d:b8:42:
13:76:c8:d6:c6:e9:f4:02:28:f6:74:97:a0:99:f2:
47:6f:cf:85:d0:0d:71:b4:e8:66:c4:b6:5a:b4:c3:
ad:09:a0:f6:c7:07:8d:61:cc:22:94:47:4c:ce:22:
f2:49:e9:ef:bf:81:85:7c:6b:7b:c5:11:74:0b:73:
c9:42:cb:4e:4b:2e:38:48:1e:d1:61:ec:ec:a9:ca:
9f:c1:13:ab:27:09:4f:37:24:74:40:61:03:03:b7:
ce:33:64:15:3a:5f:ea:f6:8c:77:8b:8a:79:73:69:
43:77:03:8d:ef:8c:e6:1c:1c:31:ed:3d:a1:87:28:
a5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:60:9F:48:07:D7:F2:8C:7A:FA:AA:71:12:5A:D4:3E:08:F8:5D:13
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NGCfSAfX8ox6-qpxElrUPgj4XRM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.16.0/20
Signature Algorithm: sha256WithRSAEncryption
95:8b:9d:06:9e:7d:a3:22:8c:0b:bc:cb:ad:f8:03:74:44:c1:
7a:3a:cb:4f:e4:bb:8e:39:72:41:e2:0f:99:08:65:cd:15:53:
f9:98:74:1e:47:41:81:c2:93:d9:54:c2:cb:b8:1b:b5:55:49:
69:21:d7:11:aa:e2:67:23:81:14:f8:21:c6:43:ce:a5:3f:db:
09:f0:8c:9f:57:d7:f4:42:0b:1d:26:46:2a:47:da:37:52:f4:
37:e5:3f:75:57:0e:37:34:fa:fb:ae:8b:28:f3:bd:1a:4b:52:
47:43:d2:4f:39:e5:58:2b:a1:0f:8d:c5:8b:8e:ad:97:c8:b1:
5e:23:14:d8:4a:7a:8d:88:19:4a:d3:73:a2:d8:85:d1:88:bd:
0a:d4:17:e6:97:18:7e:bb:f7:42:51:d4:f5:d2:04:9e:41:cd:
bc:ff:9e:3e:e0:85:45:f0:94:90:0c:1f:80:12:52:4d:8d:72:
61:56:90:b5:e8:96:47:bf:da:3d:a5:5f:72:d4:71:43:c8:26:
87:bc:61:b6:55:a2:2b:1d:e3:e1:bd:62:c3:9b:6a:a4:0e:51:
3f:fd:13:97:a7:70:5e:2d:40:61:91:22:c0:b5:30:cc:05:70:
bf:15:ff:24:3e:ba:a9:2b:09:56:b0:d2:98:0d:bb:fb:59:1c:
72:e8:38:94
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzA5MDEw
OTI0MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM0NjA5RjQ4MDdEN0Yy
OEM3QUZBQUE3MTEyNUFENDNFMDhGODVEMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlxDETyWgXSOg46itlm6+/zJ6Pta0Y9Ii/CAlRba1dDUKH2L+7
134Hgly6F1TtZ5ic4HWUioarjsNsbvyzfSKs0Vm80iAKqf6LMB6DnTPoXELCcCNO
7yPueFxVFxjg2BIUKo3M7x1m1tpgB0owWAHOTCgoVkmpMuVwdhuQc2S9Wg6GmB24
QhN2yNbG6fQCKPZ0l6CZ8kdvz4XQDXG06GbEtlq0w60JoPbHB41hzCKUR0zOIvJJ
6e+/gYV8a3vFEXQLc8lCy05LLjhIHtFh7Oypyp/BE6snCU83JHRAYQMDt84zZBU6
X+r2jHeLinlzaUN3A43vjOYcHDHtPaGHKKVfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNGCfSAfX8ox6+qpxElrUPgj4XRMwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTkdDZlNBZlg4b3g2LXFweEVsclVQ
Z2o0WFJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN
BgkqhkiG9w0BAQsFAAOCAQEAlYudBp59oyKMC7zLrfgDdETBejrLT+S7jjlyQeIP
mQhlzRVT+Zh0HkdBgcKT2VTCy7gbtVVJaSHXEariZyOBFPghxkPOpT/bCfCMn1fX
9EILHSZGKkfaN1L0N+U/dVcONzT6+66LKPO9GktSR0PSTznlWCuhD43Fi46tl8ix
XiMU2Ep6jYgZStNzotiF0Yi9CtQX5pcYfrv3QlHU9dIEnkHNvP+ePuCFRfCUkAwf
gBJSTY1yYVaQteiWR7/aPaVfctRxQ8gmh7xhtlWiKx3j4b1iw5tqpA5RP/0Tl6dw
Xi1AYZEiwLUwzAVwvxX/JD66qSsJVrDSmA27+1kccug4lA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:17:06 2025 by rpki-client