Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/5umMRjpQLBhxY3DfTCUWf0XOwtc.roa
File: 5umMRjpQLBhxY3DfTCUWf0XOwtc.roa (raw, json)
Hash identifier: uQbNQ2WrMjFlpQFKYpNusAikPQ+tNKU/89VudFmFpBQ=
Subject key identifier: E6:E9:8C:46:3A:50:2C:18:71:63:70:DF:4C:25:16:7F:45:CE:C2:D7
Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Certificate serial: 08AD
Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/5umMRjpQLBhxY3DfTCUWf0XOwtc.roa
Signing time: Sun 07 Feb 2021 11:32:50 +0000
ROA not before: Sun 07 Feb 2021 11:32:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131597
IP address blocks: 202.123.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2221 (0x8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Validity
Not Before: Feb 7 11:32:50 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E6E98C463A502C18716370DF4C25167F45CEC2D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:43:5f:ca:86:c7:95:3d:e6:ea:ba:3e:ee:
65:e7:9c:07:66:5c:fc:75:22:5e:15:54:10:69:c1:
53:c7:76:31:af:c3:0c:ae:b0:b8:90:0f:cc:2a:88:
20:17:ae:94:32:62:d6:76:1c:ef:c2:73:9a:4b:77:
c8:31:b6:0d:95:e4:d7:a4:31:61:7f:3a:b1:f3:ad:
ad:ca:60:39:80:d4:fa:5b:ba:62:1f:91:b5:3d:f1:
68:9c:c6:cf:17:ad:98:80:43:df:09:51:a3:d0:a0:
70:fb:ca:fc:0b:14:74:09:73:77:b4:b1:51:f6:b3:
4d:34:20:0f:58:17:fa:11:60:b6:bc:f1:e8:5c:cb:
cb:2c:17:90:21:15:84:fe:4c:be:e7:56:5a:53:97:
2e:82:9b:c0:d7:20:68:83:6a:3d:a9:ec:3e:e1:d2:
a6:c2:b6:9c:15:62:df:c9:a7:85:d7:20:2c:4f:67:
59:bf:95:24:8e:d5:c4:31:23:1a:9c:78:96:a4:2f:
08:83:b6:2d:50:27:08:ed:c4:31:d1:ac:50:38:57:
5c:ff:d0:ce:ba:16:7e:84:76:cb:39:aa:23:9b:95:
0d:3e:57:8d:89:cc:f8:cb:bb:0e:18:d2:90:b2:aa:
7b:94:8a:c7:24:a7:ec:ce:6e:45:d9:c6:91:d9:6a:
d3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E9:8C:46:3A:50:2C:18:71:63:70:DF:4C:25:16:7F:45:CE:C2:D7
X509v3 Authority Key Identifier:
keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/5umMRjpQLBhxY3DfTCUWf0XOwtc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.123.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:9b:a5:82:77:9b:84:0d:1d:55:99:11:83:71:c8:d6:af:5e:
76:a9:26:f6:e1:05:fb:30:62:e1:76:c8:b5:a3:70:06:16:b4:
ae:1e:3f:40:ab:f6:1f:9f:fc:30:f8:2f:77:76:6c:fd:eb:0e:
4d:8a:96:49:ab:24:97:a4:b8:7b:1d:de:4d:63:16:ba:bf:28:
ee:a3:6e:90:b4:82:3e:bb:b5:17:89:3a:70:9b:63:d1:e2:5f:
d6:c9:84:56:74:60:1b:70:9f:85:a0:23:7c:70:a2:70:44:d5:
73:14:91:ce:20:cb:e3:6c:2c:63:d2:84:86:e5:8a:3f:ab:4c:
bd:6c:3d:c7:25:74:f8:c1:08:ca:55:92:80:15:d5:4e:92:3c:
6a:bf:1c:30:b4:ce:ba:a3:9f:c0:5c:5f:16:69:7d:df:a1:46:
22:57:3f:c2:0b:f8:85:31:c0:7f:71:84:25:65:af:be:6c:8e:
49:80:f3:9b:47:f4:97:1c:a9:63:fb:d8:ce:bd:e5:fd:8c:96:
1c:c4:43:af:01:c1:f2:81:82:69:00:63:70:b0:e1:e4:5b:21:
10:ab:36:d1:95:fd:ee:22:4f:d8:1a:bf:fc:83:67:67:59:dd:
28:22:e4:ab:61:9d:c3:95:28:e3:3f:14:50:d0:b7:fe:ce:ec:
85:c3:0c:a3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4
MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yMTAyMDcx
MTMyNTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU2RTk4QzQ2M0E1MDJD
MTg3MTYzNzBERjRDMjUxNjdGNDVDRUMyRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjMENfyobHlT3m6ro+7mXnnAdmXPx1Il4VVBBpwVPHdjGvwwyu
sLiQD8wqiCAXrpQyYtZ2HO/Cc5pLd8gxtg2V5NekMWF/OrHzra3KYDmA1PpbumIf
kbU98Wicxs8XrZiAQ98JUaPQoHD7yvwLFHQJc3e0sVH2s000IA9YF/oRYLa88ehc
y8ssF5AhFYT+TL7nVlpTly6Cm8DXIGiDaj2p7D7h0qbCtpwVYt/Jp4XXICxPZ1m/
lSSO1cQxIxqceJakLwiDti1QJwjtxDHRrFA4V1z/0M66Fn6Edss5qiOblQ0+V42J
zPjLuw4Y0pCyqnuUisckp+zObkXZxpHZatMxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU5umMRjpQLBhxY3DfTCUWf0XOwtcwHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP
gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv
UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi81dW1NUmpwUUxCaHhZM0RmVENV
V2YwWE93dGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCynt8
MA0GCSqGSIb3DQEBCwUAA4IBAQCnm6WCd5uEDR1VmRGDccjWr152qSb24QX7MGLh
dsi1o3AGFrSuHj9Aq/Yfn/ww+C93dmz96w5NipZJqySXpLh7Hd5NYxa6vyjuo26Q
tII+u7UXiTpwm2PR4l/WyYRWdGAbcJ+FoCN8cKJwRNVzFJHOIMvjbCxj0oSG5Yo/
q0y9bD3HJXT4wQjKVZKAFdVOkjxqvxwwtM66o5/AXF8WaX3foUYiVz/CC/iFMcB/
cYQlZa++bI5JgPObR/SXHKlj+9jOveX9jJYcxEOvAcHygYJpAGNwsOHkWyEQqzbR
lf3uIk/YGr/8g2dnWd0oIuSrYZ3DlSjjPxRQ0Lf+zuyFwwyj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org