Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/NZHj7EjIt0cvOj287olrWjMnR34.roa
File: NZHj7EjIt0cvOj287olrWjMnR34.roa (raw, json)
Hash identifier: kgndFvdbXKAN8QDTQxamYGW/QMS8eCB5lEvk9mQRDVg=
Subject key identifier: 35:91:E3:EC:48:C8:B7:47:2F:3A:3D:BC:EE:89:6B:5A:33:27:47:7E
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1166
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NZHj7EjIt0cvOj287olrWjMnR34.roa
Signing time: Fri 07 Apr 2023 00:51:15 +0000
ROA not before: Fri 07 Apr 2023 00:51:15 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131602
IP address blocks: 60.245.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4454 (0x1166)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Apr 7 00:51:15 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3591E3EC48C8B7472F3A3DBCEE896B5A3327477E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:f0:39:75:b9:31:0c:27:a5:fa:6f:8f:76:
87:87:77:a9:61:c0:52:bd:42:1f:a5:8b:cb:61:05:
ff:f3:bb:d0:9e:be:47:ae:d8:4e:3c:a0:c8:52:6b:
94:cd:8e:d5:e5:95:b2:ad:30:3d:3b:9a:f6:9d:49:
de:fb:e5:7a:d1:a0:74:33:97:85:e0:57:b0:d0:24:
df:cb:6d:d7:73:79:57:9f:b3:6c:14:79:4f:ec:b1:
ba:e4:57:2f:fa:8a:1f:f7:17:05:54:b9:0a:76:4e:
cb:b7:13:2a:2c:c2:f2:d6:70:90:4c:bb:d2:af:0d:
cb:e7:9c:a8:e1:af:31:6f:05:e6:84:1c:cd:ce:74:
5d:da:c0:86:e0:fd:b7:1e:32:53:c0:df:b6:6f:e3:
15:b4:96:68:62:e6:ff:88:3d:63:7e:e1:e3:19:eb:
31:56:73:0e:0e:82:f3:7f:30:4e:5f:75:76:91:ab:
78:8d:25:89:e2:67:0e:25:2b:5a:30:bd:ee:48:eb:
f2:73:36:97:7e:7c:5a:cf:94:ea:80:e1:74:61:ad:
36:1b:f9:95:50:51:9a:d7:9f:46:ff:72:23:f5:4c:
fc:33:14:03:49:dd:7c:ea:4e:c7:78:50:32:cf:e2:
58:6f:cc:a5:83:8a:82:e2:3c:53:1b:72:1d:0f:bc:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:91:E3:EC:48:C8:B7:47:2F:3A:3D:BC:EE:89:6B:5A:33:27:47:7E
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NZHj7EjIt0cvOj287olrWjMnR34.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.245.96.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:9a:fb:c5:24:e4:9f:cf:59:e8:69:28:e5:4a:0d:95:2d:97:
b8:9f:d3:2a:64:e4:12:50:50:8a:1e:e8:91:3b:bf:ca:d6:e4:
1c:75:97:26:97:36:bb:fe:70:89:d9:23:cc:84:04:d3:41:78:
0b:6a:d8:83:fe:c0:6e:3d:ba:ba:d1:9e:8d:15:54:cb:cf:b1:
5f:97:51:e8:94:ad:98:04:ff:94:cf:1b:ec:0d:0a:00:d8:f3:
e1:e1:8f:e7:94:ac:b4:73:61:cd:6e:70:ed:38:a9:2d:91:b4:
4b:e9:cd:fa:1c:67:3f:81:5e:e5:1f:f5:05:4e:11:06:c7:6a:
1c:bb:85:87:16:3c:0a:f6:82:e7:c6:02:c9:cb:68:d9:9c:a3:
6d:81:61:cb:28:28:12:68:b4:3f:91:3d:06:08:9d:3b:e9:15:
94:bd:c5:34:42:d1:23:cb:4d:89:a4:1a:69:3f:e8:c3:19:29:
15:3f:bc:b4:a7:1c:2e:85:3e:0f:c6:8e:dc:3b:be:16:f7:3d:
09:4a:6a:85:db:ff:c9:d9:23:87:a5:57:b9:3a:06:5d:75:8c:
fd:76:06:72:4b:98:d0:93:19:36:f8:ae:8d:85:7b:90:91:29:
4e:12:f5:62:92:79:8f:8b:db:8f:2a:d6:c9:07:f5:1e:8a:8c:
4d:96:8b:78
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA0MDcw
MDUxMTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM1OTFFM0VDNDhDOEI3
NDcyRjNBM0RCQ0VFODk2QjVBMzMyNzQ3N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvH/A5dbkxDCel+m+PdoeHd6lhwFK9Qh+li8thBf/zu9Cevkeu
2E48oMhSa5TNjtXllbKtMD07mvadSd775XrRoHQzl4XgV7DQJN/LbddzeVefs2wU
eU/ssbrkVy/6ih/3FwVUuQp2Tsu3EyoswvLWcJBMu9KvDcvnnKjhrzFvBeaEHM3O
dF3awIbg/bceMlPA37Zv4xW0lmhi5v+IPWN+4eMZ6zFWcw4OgvN/ME5fdXaRq3iN
JYniZw4lK1owve5I6/JzNpd+fFrPlOqA4XRhrTYb+ZVQUZrXn0b/ciP1TPwzFANJ
3XzqTsd4UDLP4lhvzKWDioLiPFMbch0PvKxfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNZHj7EjIt0cvOj287olrWjMnR34wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTlpIajdFakl0MGN2T2oyODdvbHJX
ak1uUjM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDz1YDAN
BgkqhkiG9w0BAQsFAAOCAQEAf5r7xSTkn89Z6Gko5UoNlS2XuJ/TKmTkElBQih7o
kTu/ytbkHHWXJpc2u/5widkjzIQE00F4C2rYg/7Abj26utGejRVUy8+xX5dR6JSt
mAT/lM8b7A0KANjz4eGP55SstHNhzW5w7TipLZG0S+nN+hxnP4Fe5R/1BU4RBsdq
HLuFhxY8CvaC58YCycto2ZyjbYFhyygoEmi0P5E9BgidO+kVlL3FNELRI8tNiaQa
aT/owxkpFT+8tKccLoU+D8aO3Du+Fvc9CUpqhdv/ydkjh6VXuToGXXWM/XYGckuY
0JMZNviujYV7kJEpThL1YpJ5j4vbjyrWyQf1HoqMTZaLeA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:36:18 2025 by rpki-client