Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/xHEmcg5QTPGu0CvQPnQaFUapgac.roa
File: xHEmcg5QTPGu0CvQPnQaFUapgac.roa (raw, json)
Hash identifier: CQdlRCbS9ypOr58jS1bhdKuv34fRiIefJtm14ODhEGQ=
Subject key identifier: C4:71:26:72:0E:50:4C:F1:AE:D0:2B:D0:3E:74:1A:15:46:A9:81:A7
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 12EB
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xHEmcg5QTPGu0CvQPnQaFUapgac.roa
Signing time: Fri 01 Sep 2023 09:24:16 +0000
ROA not before: Fri 01 Sep 2023 09:24:16 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131627
IP address blocks: 122.147.16.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4843 (0x12eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 1 09:24:16 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C47126720E504CF1AED02BD03E741A1546A981A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:49:bb:f6:46:7f:f8:44:68:52:38:58:ae:c4:
3a:d3:96:60:b9:bf:0e:0f:c0:ab:70:83:50:38:a7:
9f:a0:0c:81:de:bd:d0:7b:3a:15:cd:25:23:c6:d4:
bd:8b:dd:3e:01:9a:e0:5e:1b:a3:92:5d:58:f6:fd:
a6:2b:42:53:ed:02:9d:81:bd:19:2a:93:f1:35:ad:
59:aa:7f:72:d6:8e:c5:d4:c1:20:58:b5:04:d9:ce:
0f:fe:38:09:ee:71:cf:d0:e2:9c:30:2b:7e:c1:84:
be:fd:81:24:a2:4c:74:e6:3f:0d:fc:de:e2:28:a7:
6b:78:f1:5e:2a:b7:f4:ec:76:74:93:11:71:23:e8:
e3:e8:69:60:df:08:99:ad:7c:2b:7e:ca:c1:a7:8b:
79:f5:06:83:b6:4a:1e:d3:15:aa:22:f5:20:89:41:
2a:62:ea:4b:85:30:8d:46:32:1a:19:af:7f:c8:32:
a1:2e:f5:fa:ad:1f:e8:98:d6:eb:6e:5f:3b:ff:1d:
10:0b:7d:58:e3:36:60:a9:53:de:4a:95:25:93:64:
3c:e1:d4:9e:d3:05:81:76:15:8d:02:51:67:d5:84:
b0:bc:54:15:b5:bf:d2:16:4a:71:da:43:ec:20:61:
40:eb:8e:ab:b6:75:fd:d6:b9:52:7c:2b:cd:1c:77:
b3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:71:26:72:0E:50:4C:F1:AE:D0:2B:D0:3E:74:1A:15:46:A9:81:A7
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xHEmcg5QTPGu0CvQPnQaFUapgac.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.16.0/21
Signature Algorithm: sha256WithRSAEncryption
46:7b:8d:be:17:3a:f0:11:40:83:5a:68:53:89:54:e7:ba:1a:
6e:64:e0:56:88:2b:66:14:ff:3a:a2:e6:50:8c:35:16:7c:e7:
cd:c1:32:53:b1:5e:cf:bf:49:90:11:2d:e9:62:52:f8:e2:8e:
51:19:2a:21:98:2a:68:73:84:7b:12:47:54:b8:c4:d3:05:28:
4f:b7:51:2e:58:61:06:de:73:80:9a:ab:1c:a7:a2:fd:f9:5e:
1e:2f:2d:a5:d0:12:57:56:a9:77:0d:f8:9c:69:94:f4:68:6e:
f9:18:3d:90:f0:a3:aa:52:37:30:09:50:3d:ed:d2:84:fe:0d:
2f:63:c2:e7:75:67:cc:5e:22:83:60:ea:a0:b8:e4:08:73:40:
21:12:bc:9f:d9:3b:b8:73:be:5a:35:23:3c:ae:0c:eb:7d:7e:
ae:14:b1:9c:7e:ca:ef:18:00:f0:e7:07:5d:7f:66:d0:19:70:
23:41:62:e8:8e:76:44:eb:dc:23:ad:9d:63:b1:9f:e3:fb:88:
25:b9:3c:d3:a0:75:2d:7b:b2:8b:6f:0a:7d:9b:c6:d1:11:a1:
81:03:b4:61:2e:a9:7e:d3:fb:78:b5:11:79:c3:90:14:ca:1e:
9f:94:00:5a:57:5a:1e:53:6d:0c:42:c2:60:ff:01:a8:62:48:
03:a8:b6:2b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA5MDEw
OTI0MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM0NzEyNjcyMEU1MDRD
RjFBRUQwMkJEMDNFNzQxQTE1NDZBOTgxQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkSbv2Rn/4RGhSOFiuxDrTlmC5vw4PwKtwg1A4p5+gDIHevdB7
OhXNJSPG1L2L3T4BmuBeG6OSXVj2/aYrQlPtAp2BvRkqk/E1rVmqf3LWjsXUwSBY
tQTZzg/+OAnucc/Q4pwwK37BhL79gSSiTHTmPw383uIop2t48V4qt/TsdnSTEXEj
6OPoaWDfCJmtfCt+ysGni3n1BoO2Sh7TFaoi9SCJQSpi6kuFMI1GMhoZr3/IMqEu
9fqtH+iY1utuXzv/HRALfVjjNmCpU95KlSWTZDzh1J7TBYF2FY0CUWfVhLC8VBW1
v9IWSnHaQ+wgYUDrjqu2df3WuVJ8K80cd7OrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxHEmcg5QTPGu0CvQPnQaFUapgacwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveEhFbWNnNVFUUEd1MEN2UVBuUWFG
VWFwZ2FjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTEDAN
BgkqhkiG9w0BAQsFAAOCAQEARnuNvhc68BFAg1poU4lU57oabmTgVogrZhT/OqLm
UIw1FnznzcEyU7Fez79JkBEt6WJS+OKOURkqIZgqaHOEexJHVLjE0wUoT7dRLlhh
Bt5zgJqrHKei/fleHi8tpdASV1apdw34nGmU9Ghu+Rg9kPCjqlI3MAlQPe3ShP4N
L2PC53VnzF4ig2DqoLjkCHNAIRK8n9k7uHO+WjUjPK4M631+rhSxnH7K7xgA8OcH
XX9m0BlwI0Fi6I52ROvcI62dY7Gf4/uIJbk806B1LXuyi28KfZvG0RGhgQO0YS6p
ftP7eLURecOQFMoen5QAWldaHlNtDELCYP8BqGJIA6i2Kw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:36:19 2025 by rpki-client