Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/gbcX5Nge7N7WUagm4OFmOBQJ6Ow.roa
File: gbcX5Nge7N7WUagm4OFmOBQJ6Ow.roa (raw, json)
Hash identifier: ooIwjk0hcEhdy8QNRLpnMcNkn2+LvZ93jErw+jklMho=
Subject key identifier: 81:B7:17:E4:D8:1E:EC:DE:D6:51:A8:26:E0:E1:66:38:14:09:E8:EC
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1162
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/gbcX5Nge7N7WUagm4OFmOBQJ6Ow.roa
Signing time: Fri 07 Apr 2023 00:49:26 +0000
ROA not before: Fri 07 Apr 2023 00:49:26 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131602
IP address blocks: 220.229.66.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4450 (0x1162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Apr 7 00:49:26 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=81B717E4D81EECDED651A826E0E166381409E8EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:28:76:ec:d0:8c:ac:6e:d7:fe:24:b4:55:a6:
b9:7c:14:82:cb:00:d5:11:50:14:d1:ef:65:80:2a:
7a:11:27:a7:9c:d8:0c:9a:63:e9:df:f5:fc:48:db:
ad:65:e1:05:a9:ca:d5:04:61:a5:cd:94:6a:73:ca:
76:4b:26:35:96:9b:e6:0b:e4:8f:80:0e:22:77:b0:
33:68:93:86:62:06:34:37:ba:4e:50:75:27:5e:f1:
f6:db:0c:84:67:9d:f0:93:e3:10:bc:04:d7:eb:b0:
dc:f1:24:5f:7e:51:c7:17:60:a1:60:57:6d:40:c7:
d8:2d:a7:54:0d:82:50:ea:87:17:b4:3b:90:33:37:
3f:e1:fa:f2:c1:9d:5e:6d:ce:1d:3d:48:c2:fc:bb:
d6:1a:74:d4:68:2f:d9:f6:d3:d8:e2:77:b8:91:2a:
88:a6:a0:21:24:1c:ee:84:52:9c:63:c2:3f:5a:ea:
73:32:2a:13:c4:a5:7d:c8:e1:25:47:6d:22:a2:3f:
2a:56:b0:f0:3d:4d:d6:05:5d:f3:1e:af:0b:41:be:
0a:0e:69:5d:a9:b1:01:6a:d3:11:f4:20:88:ef:03:
63:33:24:3f:00:4a:55:f1:bd:e4:08:df:02:f5:51:
b7:53:f8:fa:b0:43:9c:2e:f5:34:4e:cb:ef:99:78:
ec:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B7:17:E4:D8:1E:EC:DE:D6:51:A8:26:E0:E1:66:38:14:09:E8:EC
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/gbcX5Nge7N7WUagm4OFmOBQJ6Ow.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.66.0/23
Signature Algorithm: sha256WithRSAEncryption
58:81:33:39:44:dd:e3:74:3c:61:51:f7:02:b2:9d:2b:7e:c2:
5c:07:61:83:f4:82:f7:83:52:0e:e2:2c:25:2e:ee:cb:ef:36:
16:5d:ee:a3:84:fc:a9:3b:2b:e3:4b:8f:c6:dc:ce:35:0c:d3:
fe:ef:0f:ba:c4:65:50:1b:01:fb:01:77:dc:41:df:b1:50:34:
32:92:d5:24:ee:33:52:1f:17:66:8c:f0:6e:32:b1:3a:32:67:
fe:4d:70:e5:1a:09:89:29:b1:b1:9e:5a:fc:63:61:62:13:80:
93:79:84:72:5b:09:02:70:7d:45:6e:e2:31:72:65:08:a0:d1:
d2:76:5c:20:61:60:9e:4d:3c:f8:a4:04:a3:97:72:6f:54:42:
fb:d5:b4:20:2c:7d:11:7f:60:f0:3d:c2:0b:ed:16:3f:28:02:
19:e2:96:73:23:d9:1d:ed:c0:f4:1e:ba:ef:58:c0:8b:72:84:
4a:7f:16:fe:86:f9:02:59:3c:83:ce:26:f4:13:50:1a:ab:6f:
90:a4:8b:ba:1f:bb:53:57:8b:08:82:56:69:34:82:c6:50:54:
ec:3e:f4:8b:28:e4:33:be:ca:f0:03:5a:1d:7e:7d:f1:0e:75:
6b:70:1b:aa:6f:9f:e1:b0:eb:f3:63:0e:97:da:59:23:4e:b9:
ad:c6:ba:d4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA0MDcw
MDQ5MjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDgxQjcxN0U0RDgxRUVD
REVENjUxQTgyNkUwRTE2NjM4MTQwOUU4RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0KHbs0Iysbtf+JLRVprl8FILLANURUBTR72WAKnoRJ6ec2Aya
Y+nf9fxI261l4QWpytUEYaXNlGpzynZLJjWWm+YL5I+ADiJ3sDNok4ZiBjQ3uk5Q
dSde8fbbDIRnnfCT4xC8BNfrsNzxJF9+UccXYKFgV21Ax9gtp1QNglDqhxe0O5Az
Nz/h+vLBnV5tzh09SML8u9YadNRoL9n209jid7iRKoimoCEkHO6EUpxjwj9a6nMy
KhPEpX3I4SVHbSKiPypWsPA9TdYFXfMerwtBvgoOaV2psQFq0xH0IIjvA2MzJD8A
SlXxveQI3wL1UbdT+PqwQ5wu9TROy++ZeOzLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUgbcX5Nge7N7WUagm4OFmOBQJ6OwwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZ2JjWDVOZ2U3TjdXVWFnbTRPRm1P
QlFKNk93LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdzlQjAN
BgkqhkiG9w0BAQsFAAOCAQEAWIEzOUTd43Q8YVH3ArKdK37CXAdhg/SC94NSDuIs
JS7uy+82Fl3uo4T8qTsr40uPxtzONQzT/u8PusRlUBsB+wF33EHfsVA0MpLVJO4z
Uh8XZozwbjKxOjJn/k1w5RoJiSmxsZ5a/GNhYhOAk3mEclsJAnB9RW7iMXJlCKDR
0nZcIGFgnk08+KQEo5dyb1RC+9W0ICx9EX9g8D3CC+0WPygCGeKWcyPZHe3A9B66
71jAi3KESn8W/ob5Alk8g84m9BNQGqtvkKSLuh+7U1eLCIJWaTSCxlBU7D70iyjk
M77K8ANaHX598Q51a3Abqm+f4bDr82MOl9pZI065rca61A==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:18:38 2025 by rpki-client