Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/gaAduYLDrAo3lgxS5cyUmXFdPU8.roa
File: gaAduYLDrAo3lgxS5cyUmXFdPU8.roa (raw, json)
Hash identifier: mdju9N/kP85WnYX6YnCzyKDY8dcRBzqEKbFtuPiUIMk=
Subject key identifier: 81:A0:1D:B9:82:C3:AC:0A:37:96:0C:52:E5:CC:94:99:71:5D:3D:4F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10F4
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/gaAduYLDrAo3lgxS5cyUmXFdPU8.roa
Signing time: Wed 01 Feb 2023 10:29:16 +0000
ROA not before: Wed 01 Feb 2023 10:29:16 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 106.105.0.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4340 (0x10f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:16 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=81A01DB982C3AC0A37960C52E5CC9499715D3D4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:80:ba:df:47:2a:59:bc:f1:ae:1d:1d:29:
76:b3:ec:ab:d9:43:ef:20:89:ab:b4:5a:87:94:e2:
bd:39:99:e3:c7:7b:8b:19:5d:4f:cc:c9:b4:27:c6:
81:0f:51:f1:12:0a:dc:40:cb:88:bf:78:7b:4f:5a:
96:c1:42:d6:01:7a:99:53:3c:e2:4a:f2:14:a3:80:
8c:26:d0:3d:b9:74:60:79:55:13:dd:d0:52:36:2e:
83:c3:51:f5:67:ad:e7:7a:c3:8b:e3:ec:5f:db:39:
51:20:84:38:b7:43:a4:d8:8d:cc:25:01:8d:b3:99:
b6:f8:9b:0a:2c:c1:5c:95:b2:57:39:fd:63:58:0c:
e5:ab:ec:82:f5:d3:23:65:1d:c3:de:72:a1:80:2a:
fb:d8:03:59:5c:80:c5:1d:3e:b8:37:a3:4b:72:97:
d3:99:df:22:32:70:d3:7c:a3:4f:03:44:0b:73:34:
9b:fa:3d:3e:4c:b6:f3:f8:54:80:59:79:d2:60:4f:
d2:10:8a:ce:7c:37:a4:77:86:a5:7a:0f:1d:06:f9:
42:6a:90:c7:bf:a2:da:39:46:a3:ad:67:bc:42:ac:
98:ac:1c:d5:4b:f5:8c:0d:1b:fe:3e:dc:23:56:c2:
59:4d:00:85:8d:59:ca:c2:75:d9:f2:3a:5d:33:e4:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A0:1D:B9:82:C3:AC:0A:37:96:0C:52:E5:CC:94:99:71:5D:3D:4F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/gaAduYLDrAo3lgxS5cyUmXFdPU8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.0.0/21
Signature Algorithm: sha256WithRSAEncryption
48:0f:0e:2c:2d:51:fc:a1:2a:51:04:c7:3a:38:0b:2d:3b:7f:
54:c0:c1:d5:52:75:75:cf:11:a6:13:3c:bf:2d:be:99:f3:09:
a8:08:66:fd:59:55:19:5d:59:1a:56:f2:15:70:11:97:85:9f:
a6:21:b1:36:e9:0a:70:72:3f:cb:8e:dd:30:5b:d7:4f:5f:16:
e4:53:53:68:f6:35:68:3f:b2:16:2b:22:f9:75:76:59:2f:88:
72:8e:5f:ca:90:ee:f4:18:bb:07:b0:cd:b2:a9:47:d3:6f:bf:
ec:9d:be:0b:c3:63:71:23:c6:9c:b0:92:f5:08:28:f7:bc:54:
83:3a:70:25:d1:77:49:16:5b:30:01:b5:6d:96:88:d7:ec:f7:
e5:e9:15:e1:65:e6:53:18:66:d6:81:3d:89:aa:46:4e:5f:4a:
2f:96:6b:e5:f8:06:08:bd:43:4c:8e:53:a6:50:cc:4b:2a:03:
a7:81:ae:3b:cf:15:54:25:4a:64:6f:01:86:c6:cd:b9:30:0b:
8b:1e:3b:e5:9a:de:44:f6:1d:0a:20:14:da:ff:b5:d5:f4:1e:
1e:78:5e:05:d6:f4:d4:15:15:bb:1d:61:d0:a5:81:b9:7f:c6:
9e:3c:8b:2f:9d:6c:1a:72:03:56:31:c8:13:0a:db:35:53:bf:
04:13:e8:c2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEPQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDgxQTAxREI5ODJDM0FD
MEEzNzk2MEM1MkU1Q0M5NDk5NzE1RDNENEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5AIC630cqWbzxrh0dKXaz7KvZQ+8giau0WoeU4r05mePHe4sZ
XU/MybQnxoEPUfESCtxAy4i/eHtPWpbBQtYBeplTPOJK8hSjgIwm0D25dGB5VRPd
0FI2LoPDUfVnred6w4vj7F/bOVEghDi3Q6TYjcwlAY2zmbb4mwoswVyVslc5/WNY
DOWr7IL10yNlHcPecqGAKvvYA1lcgMUdPrg3o0tyl9OZ3yIycNN8o08DRAtzNJv6
PT5MtvP4VIBZedJgT9IQis58N6R3hqV6Dx0G+UJqkMe/oto5RqOtZ7xCrJisHNVL
9YwNG/4+3CNWwllNAIWNWcrCddnyOl0z5AlRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUgaAduYLDrAo3lgxS5cyUmXFdPU8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZ2FBZHVZTERyQW8zbGd4UzVjeVVt
WEZkUFU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ppADAN
BgkqhkiG9w0BAQsFAAOCAQEASA8OLC1R/KEqUQTHOjgLLTt/VMDB1VJ1dc8RphM8
vy2+mfMJqAhm/VlVGV1ZGlbyFXARl4WfpiGxNukKcHI/y47dMFvXT18W5FNTaPY1
aD+yFisi+XV2WS+Ico5fypDu9Bi7B7DNsqlH02+/7J2+C8NjcSPGnLCS9Qgo97xU
gzpwJdF3SRZbMAG1bZaI1+z35ekV4WXmUxhm1oE9iapGTl9KL5Zr5fgGCL1DTI5T
plDMSyoDp4GuO88VVCVKZG8BhsbNuTALix475ZreRPYdCiAU2v+11fQeHnheBdb0
1BUVux1h0KWBuX/GnjyLL51sGnIDVjHIEwrbNVO/BBPowg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:33:32 2025 by rpki-client