Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/qckSj-IfQ9xA7NJdrxc7DAX0tqM.roa
File: qckSj-IfQ9xA7NJdrxc7DAX0tqM.roa (raw, json)
Hash identifier: 0rkU+wSTvhF+GsXH4M2sH1YJeo0c8KmU4SCF3/Yb4m4=
Subject key identifier: A9:C9:12:8F:E2:1F:43:DC:40:EC:D2:5D:AF:17:3B:0C:05:F4:B6:A3
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0CC3
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qckSj-IfQ9xA7NJdrxc7DAX0tqM.roa
Signing time: Sun 07 Feb 2021 11:45:02 +0000
ROA not before: Sun 07 Feb 2021 11:45:02 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.229.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3267 (0xcc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:45:02 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A9C9128FE21F43DC40ECD25DAF173B0C05F4B6A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:e4:de:21:b0:b6:27:0d:e4:47:78:a6:e4:
40:dc:ce:b0:02:8d:5c:ac:24:62:91:b2:6e:d7:9c:
52:79:95:e3:b9:46:63:d9:a6:d8:9c:1f:40:b9:56:
07:24:2c:4c:a9:91:c7:e7:06:cd:e3:c6:90:72:95:
86:5d:fd:6f:d5:88:5e:98:ef:c1:0b:e7:8e:5b:81:
37:c0:ec:f4:fe:df:f5:bd:d2:21:de:fd:b3:7a:c5:
71:85:e5:a8:83:ac:08:eb:4c:b7:3b:7b:1d:a7:7c:
d6:b5:ef:92:a1:50:09:bf:c6:71:67:0c:89:fd:de:
5e:99:bf:6b:65:01:7d:18:79:f6:60:bd:40:19:ef:
b6:4a:62:ae:0a:97:55:23:09:7c:de:26:03:47:c2:
4a:59:ad:1b:fd:92:a3:6e:28:f0:55:0c:7b:72:ac:
b2:e5:ac:5c:e3:ee:ce:f9:e5:45:4a:42:20:83:da:
87:90:d1:9b:dd:77:05:8d:0f:98:88:ee:45:4a:9a:
52:38:1f:51:55:53:90:2f:74:e1:18:3b:b2:0e:0b:
a5:39:3d:9e:14:d3:86:62:19:b9:7a:80:ed:af:79:
1a:2d:e1:d5:7a:3a:4b:b6:c7:db:91:72:de:ef:35:
92:1e:11:2c:d8:db:5c:16:d9:cb:1d:7a:ff:cb:dc:
18:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C9:12:8F:E2:1F:43:DC:40:EC:D2:5D:AF:17:3B:0C:05:F4:B6:A3
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qckSj-IfQ9xA7NJdrxc7DAX0tqM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.96.0/19
Signature Algorithm: sha256WithRSAEncryption
60:9e:57:f8:da:30:3f:16:8d:79:7d:d9:57:05:53:cb:21:4b:
42:0a:63:17:5d:4f:f6:77:7a:b6:3f:a0:76:4e:e7:48:fe:70:
9f:a2:f9:8d:89:7f:15:3b:e5:1c:9b:f6:38:16:99:cf:82:29:
4c:e9:a0:a5:fa:8d:b2:78:04:b9:17:13:d0:48:76:95:75:94:
01:90:09:c9:a9:a5:b9:39:89:ee:8a:30:c4:b0:b0:e6:41:d4:
bb:5d:e5:56:52:34:4d:7b:79:c0:1a:c6:ec:16:83:8c:8e:9b:
0a:cd:1e:83:59:93:1c:24:2b:10:bc:51:e0:9d:64:84:67:c5:
56:7c:30:69:79:71:4d:13:c8:2a:5a:14:55:c8:45:36:8b:03:
70:3d:d5:e7:82:2e:9a:8b:e3:d9:e6:d5:2e:55:8d:58:28:80:
00:03:04:25:73:68:c7:8b:a2:09:f7:35:2d:a3:33:f5:e3:9a:
1d:60:d2:ba:19:be:d8:81:12:d7:66:16:7f:76:3c:6b:4f:75:
d9:90:c9:37:62:a4:58:be:6e:e1:06:3a:d2:96:46:e2:6f:52:
70:2e:65:c1:74:2d:47:fe:c6:71:a6:64:38:8a:a2:19:b7:34:
bd:71:4b:65:4e:18:fe:cc:6a:ad:b3:ae:7f:3c:2d:e5:ce:46:
e8:d9:d5:03
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQ1MDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE5QzkxMjhGRTIxRjQz
REM0MEVDRDI1REFGMTczQjBDMDVGNEI2QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKAuTeIbC2Jw3kR3im5EDczrACjVysJGKRsm7XnFJ5leO5RmPZ
pticH0C5VgckLEypkcfnBs3jxpBylYZd/W/ViF6Y78EL545bgTfA7PT+3/W90iHe
/bN6xXGF5aiDrAjrTLc7ex2nfNa175KhUAm/xnFnDIn93l6Zv2tlAX0YefZgvUAZ
77ZKYq4Kl1UjCXzeJgNHwkpZrRv9kqNuKPBVDHtyrLLlrFzj7s755UVKQiCD2oeQ
0ZvddwWND5iI7kVKmlI4H1FVU5AvdOEYO7IOC6U5PZ4U04ZiGbl6gO2veRot4dV6
Oku2x9uRct7vNZIeESzY21wW2csdev/L3BjLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqckSj+IfQ9xA7NJdrxc7DAX0tqMwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcWNrU2otSWZROXhBN05KZHJ4YzdE
QVgwdHFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdzlYDAN
BgkqhkiG9w0BAQsFAAOCAQEAYJ5X+NowPxaNeX3ZVwVTyyFLQgpjF11P9nd6tj+g
dk7nSP5wn6L5jYl/FTvlHJv2OBaZz4IpTOmgpfqNsngEuRcT0Eh2lXWUAZAJyaml
uTmJ7oowxLCw5kHUu13lVlI0TXt5wBrG7BaDjI6bCs0eg1mTHCQrELxR4J1khGfF
VnwwaXlxTRPIKloUVchFNosDcD3V54Iumovj2ebVLlWNWCiAAAMEJXNox4uiCfc1
LaMz9eOaHWDSuhm+2IES12YWf3Y8a0912ZDJN2KkWL5u4QY60pZG4m9ScC5lwXQt
R/7GcaZkOIqiGbc0vXFLZU4Y/sxqrbOufzwt5c5G6NnVAw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:37:49 2025 by rpki-client