Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/po2fn2-JjKhaeWBVCtyyz9y4S50.roa
File: po2fn2-JjKhaeWBVCtyyz9y4S50.roa (raw, json)
Hash identifier: RYA/Q8OQrGMXEX+96kwWIhIwbnCMnUmR1rfUlp8oprs=
Subject key identifier: A6:8D:9F:9F:6F:89:8C:A8:5A:79:60:55:0A:DC:B2:CF:DC:B8:4B:9D
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD7
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/po2fn2-JjKhaeWBVCtyyz9y4S50.roa
Signing time: Wed 01 Feb 2023 10:28:32 +0000
ROA not before: Wed 01 Feb 2023 10:28:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 192.72.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3287 (0xcd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:32 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=A68D9F9F6F898CA85A7960550ADCB2CFDCB84B9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c6:18:8f:71:ab:03:a7:5b:ec:8d:76:8f:e4:
1a:a3:23:e5:86:a1:13:84:95:64:a6:c3:e1:cc:4e:
18:3e:90:35:c5:5b:db:26:5f:cc:23:9f:77:3f:5b:
f1:89:da:1b:69:9e:a0:7c:5d:f6:96:5e:4b:d0:46:
76:2a:5d:a9:0b:08:9e:3b:c5:13:c7:b0:a6:80:34:
11:d7:fa:ab:6c:f6:d3:4a:05:d9:8c:ec:85:e0:24:
be:f6:7e:58:47:ed:e8:10:3a:12:73:0e:5a:6f:bf:
af:08:21:b5:3e:91:41:ca:84:3c:c4:75:c4:7b:a2:
d1:93:bf:81:0b:5e:0d:ba:c2:9a:c8:0e:80:57:5c:
1c:77:fb:68:90:cc:00:da:c2:91:6d:ce:a5:71:cd:
1f:99:d2:97:d9:7a:9c:0c:2b:dd:7b:18:0b:d4:ae:
49:3f:83:cd:4e:f9:5b:8e:6a:e0:73:e7:00:f1:8d:
50:f1:d4:9e:cf:6e:d8:2b:44:ed:e5:ae:ac:d9:51:
6d:31:01:62:1d:0f:e9:2b:e2:c5:a6:97:d1:00:84:
ce:5b:ab:96:43:bc:38:42:63:0b:70:c3:0b:e5:2e:
37:7e:f3:e5:d3:59:a9:93:ec:13:4f:44:aa:7e:f5:
96:aa:24:8d:21:65:82:a0:6a:a5:78:8e:f2:88:dc:
7e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8D:9F:9F:6F:89:8C:A8:5A:79:60:55:0A:DC:B2:CF:DC:B8:4B:9D
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/po2fn2-JjKhaeWBVCtyyz9y4S50.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.240.0/21
Signature Algorithm: sha256WithRSAEncryption
63:b3:ab:92:ac:f5:38:51:2b:77:4f:7c:00:e1:47:92:75:7c:
a8:bb:c3:de:bc:23:1f:6e:b5:74:8f:e1:ee:87:8e:8d:bc:74:
92:ae:61:61:4a:ba:71:2a:55:2f:66:8d:49:f7:4d:a3:c3:b9:
c0:ae:ac:9e:22:e5:42:b3:76:46:c8:39:40:ca:cf:5b:62:fa:
40:71:0e:e7:4e:6e:63:23:e4:fe:f4:b6:b8:2d:22:71:6b:a8:
ce:51:d4:83:11:4b:0a:88:92:60:03:94:5e:c3:3e:df:ba:84:
52:91:bc:2e:b4:3f:ed:22:78:2c:f8:c4:27:35:a7:1f:31:ed:
07:ee:fe:4d:41:ba:fa:f3:4c:2c:16:8a:99:18:7a:12:8e:e5:
76:ca:a1:ba:a7:48:0f:6a:a2:35:b9:fe:f2:7f:21:4f:31:71:
fb:9b:14:cf:ff:b5:37:46:0b:4b:10:c4:26:0e:32:0c:22:7b:
d3:b2:de:1c:c9:65:ae:d4:c4:c9:ba:f7:e1:99:3f:4a:4e:d1:
02:44:41:4f:d2:88:b8:dd:bd:c4:47:46:f7:fb:f0:ca:e0:c6:
1a:d2:cb:84:aa:f6:a5:b9:8e:33:78:bd:5d:25:bd:c7:5a:64:
51:5c:8e:d0:36:bd:5f:de:fc:34:5b:df:7b:5d:84:e0:7d:51:
97:bb:35:1a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4MzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE2OEQ5RjlGNkY4OThD
QTg1QTc5NjA1NTBBRENCMkNGRENCODRCOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHxhiPcasDp1vsjXaP5BqjI+WGoROElWSmw+HMThg+kDXFW9sm
X8wjn3c/W/GJ2htpnqB8XfaWXkvQRnYqXakLCJ47xRPHsKaANBHX+qts9tNKBdmM
7IXgJL72flhH7egQOhJzDlpvv68IIbU+kUHKhDzEdcR7otGTv4ELXg26wprIDoBX
XBx3+2iQzADawpFtzqVxzR+Z0pfZepwMK917GAvUrkk/g81O+VuOauBz5wDxjVDx
1J7PbtgrRO3lrqzZUW0xAWIdD+kr4sWml9EAhM5bq5ZDvDhCYwtwwwvlLjd+8+XT
WamT7BNPRKp+9ZaqJI0hZYKgaqV4jvKI3H4JAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUpo2fn2+JjKhaeWBVCtyyz9y4S50wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcG8yZm4yLUpqS2hhZVdCVkN0eXl6
OXk0UzUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BI8DAN
BgkqhkiG9w0BAQsFAAOCAQEAY7Orkqz1OFErd098AOFHknV8qLvD3rwjH261dI/h
7oeOjbx0kq5hYUq6cSpVL2aNSfdNo8O5wK6sniLlQrN2Rsg5QMrPW2L6QHEO505u
YyPk/vS2uC0icWuozlHUgxFLCoiSYAOUXsM+37qEUpG8LrQ/7SJ4LPjEJzWnHzHt
B+7+TUG6+vNMLBaKmRh6Eo7ldsqhuqdID2qiNbn+8n8hTzFx+5sUz/+1N0YLSxDE
Jg4yDCJ707LeHMllrtTEybr34Zk/Sk7RAkRBT9KIuN29xEdG9/vwyuDGGtLLhKr2
pbmOM3i9XSW9x1pkUVyO0Da9X978NFvfe12E4H1Rl7s1Gg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:36:21 2025 by rpki-client