Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/X6kO0-53KVPpxLdV2RFWT0NvUqY.roa
File: X6kO0-53KVPpxLdV2RFWT0NvUqY.roa (raw, json)
Hash identifier: qEPqUfOK0T7esvM031SiEkTW3r9+fdt0XrZ532yyZhE=
Subject key identifier: 5F:A9:0E:D3:EE:77:29:53:E9:C4:B7:55:D9:11:56:4F:43:6F:52:A6
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0C0F
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/X6kO0-53KVPpxLdV2RFWT0NvUqY.roa
Signing time: Sun 07 Feb 2021 06:49:15 +0000
ROA not before: Sun 07 Feb 2021 06:49:15 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.228.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3087 (0xc0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 06:49:15 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5FA90ED3EE772953E9C4B755D911564F436F52A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:81:08:a4:24:35:ab:59:8a:93:d5:43:f5:
29:e4:78:f1:51:68:82:97:0b:1c:1d:fd:f9:1a:62:
63:c5:8e:e9:58:9a:9a:37:21:64:00:54:64:b2:e8:
d0:39:f1:fe:68:69:ce:90:b7:ed:84:87:4a:a7:e6:
81:ee:12:8e:f2:1c:fa:39:e4:91:04:01:33:f5:42:
a5:31:85:58:91:a7:16:7c:56:ae:d0:8d:18:48:6b:
86:a1:01:d8:03:a7:b0:ed:2a:9c:12:6c:92:60:65:
b4:1b:d9:95:2e:61:c6:33:0b:24:29:33:b9:f9:ac:
27:8b:3b:0c:bc:21:9e:99:d1:7a:4a:45:c0:55:68:
c4:1e:34:f6:38:ef:c7:e0:9b:44:11:5b:97:a5:11:
ab:36:15:ea:5e:04:bc:81:a4:c6:d6:cb:1b:17:82:
77:d7:b9:a0:20:2f:91:9e:36:b9:70:8b:9a:88:5c:
e0:0a:56:13:f8:f8:31:9c:9e:bb:ac:86:f0:5e:9e:
79:5a:23:59:9e:f9:29:24:70:7a:c1:33:cb:c3:f5:
0c:27:45:d0:b7:e4:16:ff:c9:b5:5b:c0:af:c7:13:
c4:ef:19:72:2a:83:83:33:9f:a9:14:04:4b:37:46:
6f:ad:33:92:e4:34:19:86:d7:bc:8f:a2:57:b2:d0:
73:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A9:0E:D3:EE:77:29:53:E9:C4:B7:55:D9:11:56:4F:43:6F:52:A6
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/X6kO0-53KVPpxLdV2RFWT0NvUqY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:21:d2:44:9d:9d:64:b2:04:6d:77:ee:1a:46:b9:9c:ef:77:
e0:f8:4e:58:52:ba:fa:5b:f6:57:ae:5a:f9:4e:f8:fe:ba:14:
d5:bc:59:df:9b:12:f5:ca:a0:f6:7f:6f:5d:0e:cd:8c:6a:ed:
fb:84:80:76:dd:c1:14:67:53:1c:fe:ea:e5:74:7e:f0:5f:a1:
7a:4b:ce:ba:0a:83:3b:f9:ab:bd:ba:1f:fd:19:2e:35:0b:88:
5e:61:33:aa:b5:e1:37:16:a5:5c:3e:b1:ae:c6:56:bb:2b:cd:
95:0c:36:d8:28:8c:3e:3b:c0:47:00:11:6f:84:21:ca:28:69:
df:31:41:27:b8:03:3e:a0:cd:4e:1e:6c:93:e3:b9:09:62:ca:
b9:2e:e7:d1:ee:48:45:3f:1f:bb:84:a7:59:7b:20:04:d4:74:
02:47:31:84:2f:db:1f:7e:17:4f:88:00:72:91:d1:ff:66:fc:
02:8f:e8:fb:ee:2c:89:b7:84:49:65:a9:04:53:69:e4:33:cb:
47:1c:00:f6:a8:96:44:a7:f2:22:8f:bc:2b:77:a2:09:6a:d7:
2c:0c:9e:03:f4:e5:92:b2:5f:52:33:24:39:e6:3f:8b:37:11:
32:1e:41:b9:8e:2c:fc:a5:c9:7d:3e:1b:bb:75:69:e1:07:42:
9c:1d:db:eb
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcw
NjQ5MTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVGQTkwRUQzRUU3NzI5
NTNFOUM0Qjc1NUQ5MTE1NjRGNDM2RjUyQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+FIEIpCQ1q1mKk9VD9SnkePFRaIKXCxwd/fkaYmPFjulYmpo3
IWQAVGSy6NA58f5oac6Qt+2Eh0qn5oHuEo7yHPo55JEEATP1QqUxhViRpxZ8Vq7Q
jRhIa4ahAdgDp7DtKpwSbJJgZbQb2ZUuYcYzCyQpM7n5rCeLOwy8IZ6Z0XpKRcBV
aMQeNPY478fgm0QRW5elEas2FepeBLyBpMbWyxsXgnfXuaAgL5GeNrlwi5qIXOAK
VhP4+DGcnrushvBennlaI1me+SkkcHrBM8vD9QwnRdC35Bb/ybVbwK/HE8TvGXIq
g4Mzn6kUBEs3Rm+tM5LkNBmG17yPoley0HNHAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUX6kO0+53KVPpxLdV2RFWT0NvUqYwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWDZrTzAtNTNLVlBweExkVjJSRldU
ME52VXFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANzkMA0G
CSqGSIb3DQEBCwUAA4IBAQAyIdJEnZ1ksgRtd+4aRrmc73fg+E5YUrr6W/ZXrlr5
Tvj+uhTVvFnfmxL1yqD2f29dDs2Mau37hIB23cEUZ1Mc/urldH7wX6F6S866CoM7
+au9uh/9GS41C4heYTOqteE3FqVcPrGuxla7K82VDDbYKIw+O8BHABFvhCHKKGnf
MUEnuAM+oM1OHmyT47kJYsq5LufR7khFPx+7hKdZeyAE1HQCRzGEL9sffhdPiABy
kdH/ZvwCj+j77iyJt4RJZakEU2nkM8tHHAD2qJZEp/Iij7wrd6IJatcsDJ4D9OWS
sl9SMyQ55j+LNxEyHkG5jiz8pcl9Phu7dWnhB0KcHdvr
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:36:19 2025 by rpki-client