Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/ZjYnUHcKPKao072szqxH9GjnPBs.roa
File: ZjYnUHcKPKao072szqxH9GjnPBs.roa (raw, json)
Hash identifier: iRfyfYHZd293fyJUkdAnbrWP+SapovPL6YKVL4+0X3Y=
Subject key identifier: 66:36:27:50:77:0A:3C:A6:A8:D3:BD:AC:CE:AC:47:F4:68:E7:3C:1B
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10DE
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/ZjYnUHcKPKao072szqxH9GjnPBs.roa
Signing time: Wed 01 Feb 2023 10:29:08 +0000
ROA not before: Wed 01 Feb 2023 10:29:08 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 122.147.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4318 (0x10de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:08 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=66362750770A3CA6A8D3BDACCEAC47F468E73C1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b6:0d:31:4d:5e:c7:79:cc:66:d6:1e:48:26:
be:8d:ca:17:37:57:dd:da:3e:2b:6d:b6:57:95:5e:
8c:9c:ce:96:9f:aa:e1:bf:5c:e0:0e:5b:af:bd:be:
1b:fc:03:bc:de:cd:ea:e5:20:b1:a0:f3:70:9f:11:
f6:1c:1e:96:7d:85:78:8d:4b:74:40:ac:52:ef:98:
ad:b1:e5:5a:32:78:0f:27:aa:ff:1b:0a:a0:31:cb:
98:f9:8f:7e:3d:4b:f0:f4:e5:f4:29:8d:ce:4b:d8:
d6:54:d0:92:4e:db:8d:04:78:b9:02:d3:b9:cd:bd:
f8:03:77:6a:0f:61:99:e5:af:45:3c:9f:48:f1:df:
6b:e3:37:c0:4d:bd:66:45:50:80:89:fe:53:a1:c0:
45:8d:1d:c1:88:9c:e6:f4:fc:95:53:b5:09:8b:1c:
d3:08:4d:4e:cb:86:f3:08:61:4b:9c:5e:b6:e6:90:
c1:e3:bc:aa:dc:33:db:56:51:67:45:f8:a1:88:46:
39:ef:df:5b:36:0f:00:04:9e:56:e6:9a:7c:42:45:
32:38:74:cd:17:a8:82:02:bc:a7:08:87:ae:aa:f4:
43:3a:6e:ad:f4:c5:93:1f:21:0c:9d:08:de:86:47:
93:a3:78:88:eb:f2:b7:4c:93:71:94:c6:75:5a:38:
b8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:36:27:50:77:0A:3C:A6:A8:D3:BD:AC:CE:AC:47:F4:68:E7:3C:1B
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/ZjYnUHcKPKao072szqxH9GjnPBs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9e:b0:05:6c:ad:5c:9c:c0:f3:6f:53:5c:de:f1:ec:48:bd:d3:
38:2b:29:5c:19:3f:73:cc:69:0f:bc:24:e7:cf:f6:ff:c9:fa:
66:fc:0d:de:02:04:1f:49:d2:4b:14:4d:ce:a6:f4:4a:0a:4c:
1a:18:cb:a5:96:e8:30:8b:f4:eb:15:26:db:67:8e:05:f9:3d:
3c:78:ed:ad:a3:d2:1a:1c:52:13:a7:97:9e:04:65:3c:2f:33:
12:fc:9a:01:2c:67:ae:cd:f6:e8:2f:e9:5c:50:ad:38:35:ef:
fa:50:ac:72:af:6a:86:13:1a:9b:51:62:d2:95:0b:22:15:dc:
c2:ab:64:2b:c9:5c:72:6a:06:7c:9a:38:c8:d3:67:3d:7b:ce:
b4:65:61:92:20:96:d8:51:69:4b:9e:44:9d:a2:e4:cd:dc:c3:
56:b4:36:fa:49:f4:37:5f:b8:f8:b1:86:00:23:43:6a:c7:f5:
16:1f:f0:47:68:3f:a4:3b:7d:94:72:b1:4d:97:5f:40:c8:42:
59:13:39:fc:29:bb:8e:a2:1e:98:81:8c:28:6d:b6:7a:e0:09:
eb:c6:20:41:18:2b:84:dc:63:80:46:cc:e7:4d:3a:7f:93:a7:
09:5b:33:25:56:38:08:2b:d6:3f:20:3e:9d:aa:72:bc:0b:51:
79:e4:14:7b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY2MzYyNzUwNzcwQTND
QTZBOEQzQkRBQ0NFQUM0N0Y0NjhFNzNDMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOtg0xTV7Hecxm1h5IJr6Nyhc3V93aPitttleVXoyczpafquG/
XOAOW6+9vhv8A7zezerlILGg83CfEfYcHpZ9hXiNS3RArFLvmK2x5VoyeA8nqv8b
CqAxy5j5j349S/D05fQpjc5L2NZU0JJO240EeLkC07nNvfgDd2oPYZnlr0U8n0jx
32vjN8BNvWZFUICJ/lOhwEWNHcGInOb0/JVTtQmLHNMITU7LhvMIYUucXrbmkMHj
vKrcM9tWUWdF+KGIRjnv31s2DwAEnlbmmnxCRTI4dM0XqIICvKcIh66q9EM6bq30
xZMfIQydCN6GR5OjeIjr8rdMk3GUxnVaOLhzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZjYnUHcKPKao072szqxH9GjnPBswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWmpZblVIY0tQS2FvMDcyc3pxeEg5
R2puUEJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3qTgDAN
BgkqhkiG9w0BAQsFAAOCAQEAnrAFbK1cnMDzb1Nc3vHsSL3TOCspXBk/c8xpD7wk
58/2/8n6ZvwN3gIEH0nSSxRNzqb0SgpMGhjLpZboMIv06xUm22eOBfk9PHjtraPS
GhxSE6eXngRlPC8zEvyaASxnrs326C/pXFCtODXv+lCscq9qhhMam1Fi0pULIhXc
wqtkK8lccmoGfJo4yNNnPXvOtGVhkiCW2FFpS55EnaLkzdzDVrQ2+kn0N1+4+LGG
ACNDasf1Fh/wR2g/pDt9lHKxTZdfQMhCWRM5/Cm7jqIemIGMKG22euAJ68YgQRgr
hNxjgEbM5006f5OnCVszJVY4CCvWPyA+napyvAtReeQUew==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:37:45 2025 by rpki-client