Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/samMqu3A8BFDC5Z_BX8YpGPLddQ.roa
File: samMqu3A8BFDC5Z_BX8YpGPLddQ.roa (raw, json)
Hash identifier: uC+NNdG0xxVYI8Lzk1jbsx9NOoSc8I+WtK75Mfz4iNs=
Subject key identifier: B1:A9:8C:AA:ED:C0:F0:11:43:0B:96:7F:05:7F:18:A4:63:CB:75:D4
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1063
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/samMqu3A8BFDC5Z_BX8YpGPLddQ.roa
Signing time: Wed 01 Feb 2023 10:28:30 +0000
ROA not before: Wed 01 Feb 2023 10:28:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 220.228.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4195 (0x1063)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:30 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B1A98CAAEDC0F011430B967F057F18A463CB75D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:dc:d0:5c:8a:f0:8c:5b:57:6a:7a:d6:ec:
7d:b5:90:94:ac:98:b1:49:c0:9b:55:1c:2a:bc:3c:
b6:0a:7b:2a:6f:a3:76:28:ed:98:9b:b8:a6:90:74:
5f:8c:83:d3:a7:4f:25:3f:d5:1e:a8:3b:8e:e7:9e:
2a:d6:b2:6c:23:ae:3e:3b:0d:67:1c:d4:65:8f:7b:
2a:38:cf:a0:3b:3f:54:32:26:f7:81:24:05:68:dd:
50:b7:51:f0:3d:80:38:4a:29:75:49:75:cd:48:36:
cb:66:bc:c0:39:3b:08:7e:21:69:8e:e7:cb:d0:2d:
56:a0:6f:c4:d0:f6:99:82:0e:1c:22:ef:3d:2b:c2:
3a:36:67:b0:46:1d:c7:c8:c6:14:3a:9c:db:21:c4:
59:8a:a8:53:e7:a4:80:5b:36:83:b6:9f:c1:cb:46:
ac:74:93:42:20:08:53:e6:16:c8:93:fd:56:ab:46:
f8:bd:25:a8:8d:e8:ce:e6:c4:c1:dc:59:ab:6e:9b:
60:73:88:ac:79:ee:13:df:22:1f:85:70:95:03:12:
82:27:dd:db:d4:e0:2f:cf:d1:06:9a:12:24:7f:58:
95:1f:86:b7:7b:db:57:15:96:6b:79:67:7d:34:f1:
09:40:72:94:bd:3a:68:79:b9:2a:40:d2:dd:f1:13:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A9:8C:AA:ED:C0:F0:11:43:0B:96:7F:05:7F:18:A4:63:CB:75:D4
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/samMqu3A8BFDC5Z_BX8YpGPLddQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4e:7c:d0:ae:88:23:d9:58:5c:d3:f2:f4:c9:df:b0:83:71:e1:
f4:19:75:b4:aa:32:42:96:f4:55:f2:39:e4:b7:25:e5:b0:57:
ca:5f:00:3f:53:bb:08:7d:c5:a0:77:31:08:dc:71:80:6e:74:
a4:a4:6a:44:fd:e9:54:da:10:b9:9f:25:2c:34:f0:c8:d3:18:
03:4a:fc:c7:a7:01:27:43:86:f0:bd:e8:fb:22:ee:22:ee:1a:
f9:88:5a:77:a1:cd:45:aa:dd:cc:a5:64:76:ec:3c:e8:8d:4e:
36:8d:d8:2c:71:02:b6:59:e4:6c:4a:70:64:0f:82:7a:fe:81:
e2:5f:99:fd:1c:f9:83:a6:a2:50:c3:64:26:be:9d:30:a0:d0:
03:fa:88:2e:24:7f:ab:7a:07:4f:e9:28:2e:68:f3:3d:9f:74:
35:12:10:cf:e8:36:ef:00:89:eb:73:6e:24:c9:7f:7e:3b:f2:
c1:db:33:43:da:75:52:cc:cf:20:3b:76:d2:79:d8:c3:f0:5a:
a9:f7:41:50:57:2c:7c:36:89:85:cd:a4:79:a7:a9:15:94:50:
b4:91:09:ed:e2:0d:54:c1:fc:64:e9:72:f2:c9:c8:97:61:93:
3d:4a:a5:05:1f:3c:c9:6b:1c:58:f4:d9:a3:13:09:5d:78:e6:
36:c8:6b:a7
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEIxQTk4Q0FBRURDMEYw
MTE0MzBCOTY3RjA1N0YxOEE0NjNDQjc1RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEJ9zQXIrwjFtXanrW7H21kJSsmLFJwJtVHCq8PLYKeypvo3Yo
7ZibuKaQdF+Mg9OnTyU/1R6oO47nnirWsmwjrj47DWcc1GWPeyo4z6A7P1QyJveB
JAVo3VC3UfA9gDhKKXVJdc1INstmvMA5Owh+IWmO58vQLVagb8TQ9pmCDhwi7z0r
wjo2Z7BGHcfIxhQ6nNshxFmKqFPnpIBbNoO2n8HLRqx0k0IgCFPmFsiT/VarRvi9
JaiN6M7mxMHcWatum2BziKx57hPfIh+FcJUDEoIn3dvU4C/P0QaaEiR/WJUfhrd7
21cVlmt5Z3008QlAcpS9Omh5uSpA0t3xE8N3AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUsamMqu3A8BFDC5Z/BX8YpGPLddQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvc2FtTXF1M0E4QkZEQzVaX0JYOFlw
R1BMZGRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G
CSqGSIb3DQEBCwUAA4IBAQBOfNCuiCPZWFzT8vTJ37CDceH0GXW0qjJClvRV8jnk
tyXlsFfKXwA/U7sIfcWgdzEI3HGAbnSkpGpE/elU2hC5nyUsNPDI0xgDSvzHpwEn
Q4bwvej7Iu4i7hr5iFp3oc1Fqt3MpWR27DzojU42jdgscQK2WeRsSnBkD4J6/oHi
X5n9HPmDpqJQw2Qmvp0woNAD+oguJH+regdP6SguaPM9n3Q1EhDP6DbvAInrc24k
yX9+O/LB2zND2nVSzM8gO3bSedjD8Fqp90FQVyx8NomFzaR5p6kVlFC0kQnt4g1U
wfxk6XLyyciXYZM9SqUFHzzJaxxY9NmjEwldeOY2yGun
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:18:33 2025 by rpki-client