Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/-CNqbHaQ-07jOJUf2fNhDoTExzQ.roa
File: -CNqbHaQ-07jOJUf2fNhDoTExzQ.roa (raw, json)
Hash identifier: o1kVyWvZUZBp0CkdXkId6HmrpKXII29Lb9AYykk2uWE=
Subject key identifier: F8:23:6A:6C:76:90:FB:4E:E3:38:95:1F:D9:F3:61:0E:84:C4:C7:34
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0891
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/-CNqbHaQ-07jOJUf2fNhDoTExzQ.roa
Signing time: Tue 29 Sep 2020 09:52:10 +0000
ROA not before: Tue 29 Sep 2020 09:52:10 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18419
IP address blocks: 106.105.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2193 (0x891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:10 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F8236A6C7690FB4EE338951FD9F3610E84C4C734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6d:d7:ff:25:2e:a5:99:34:e8:6d:53:60:36:
e5:c2:cc:29:e2:1c:b0:e4:61:e0:03:2a:6e:3d:fb:
e4:ea:0a:45:10:ac:94:ec:83:2f:d7:0d:36:43:fe:
d3:d9:c7:9a:7f:20:7c:1a:f7:e5:54:56:64:e9:2e:
9d:9b:6d:82:9e:a9:3f:03:55:f5:e1:d9:05:7f:0d:
5d:16:c8:75:f3:c8:1c:1e:f7:d6:2a:9b:71:72:44:
3f:bb:85:88:99:ec:93:ac:b9:1c:75:5a:b6:a2:01:
25:7c:6f:40:a6:da:64:cf:ab:a8:b1:02:90:ea:e8:
c1:75:17:6f:92:5d:e3:2c:5f:b0:6c:5a:c6:51:07:
1b:f9:36:25:b4:fc:7a:e8:35:cb:bc:04:5c:cf:f2:
da:9c:bb:f9:ec:74:2e:c2:29:f6:60:ff:45:ec:47:
b5:80:54:bc:e9:29:b7:23:94:b9:a9:0b:25:6d:bb:
00:84:d6:03:01:4a:e4:9a:7f:89:1a:49:b1:a1:b7:
c0:67:c3:ae:53:03:52:f7:77:c1:b1:7e:f1:09:5c:
8e:ae:ac:1d:40:f0:a1:b6:5b:eb:84:7a:8a:b6:cd:
a9:1c:11:fd:91:db:d4:82:f4:51:e8:7b:9e:c7:46:
fb:3e:56:f2:a6:40:9e:03:0b:d0:64:b5:f4:3f:6f:
73:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:23:6A:6C:76:90:FB:4E:E3:38:95:1F:D9:F3:61:0E:84:C4:C7:34
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/-CNqbHaQ-07jOJUf2fNhDoTExzQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.24.0/21
Signature Algorithm: sha256WithRSAEncryption
58:09:b7:20:1a:76:de:1a:a5:bb:48:ee:31:67:ae:ef:a8:3e:
44:da:af:10:16:44:f7:55:0d:5c:9a:c2:e3:87:94:23:14:42:
3c:d6:88:22:09:59:f6:fb:f2:9c:ad:72:15:3c:5e:c2:93:f1:
7e:dd:a8:c3:24:ca:7a:01:fd:f9:f8:3a:6c:54:a4:97:07:63:
2a:c5:df:3a:1d:6d:4c:28:5d:6b:c3:5c:88:24:04:f2:34:2a:
ca:41:52:42:d3:85:e5:93:42:bd:20:72:2e:5a:61:f0:6c:a7:
77:5b:a3:e7:1d:2f:8e:93:42:09:13:19:48:c2:f4:03:d0:4a:
5a:93:40:9f:45:89:63:36:68:44:e3:4a:23:e9:e7:4d:40:58:
a3:e0:c1:4a:b4:d1:35:5f:66:54:41:2b:aa:be:37:37:00:cc:
35:01:b1:ab:e1:3f:0c:b8:a9:51:39:f8:d8:03:66:b2:1a:50:
0c:4b:a4:6d:07:57:21:a1:8f:ac:07:cf:da:d3:92:56:bc:80:
d2:18:ff:84:90:36:64:12:63:db:8e:74:69:86:ab:2f:c2:81:
85:8c:b2:b5:04:e7:12:e3:ee:ac:a7:3f:e5:22:c8:2d:2d:5e:
70:6f:78:d2:37:a3:55:38:9a:a4:17:a8:35:32:79:26:f1:63:
4f:e2:f4:d5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY4MjM2QTZDNzY5MEZC
NEVFMzM4OTUxRkQ5RjM2MTBFODRDNEM3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIbdf/JS6lmTTobVNgNuXCzCniHLDkYeADKm49++TqCkUQrJTs
gy/XDTZD/tPZx5p/IHwa9+VUVmTpLp2bbYKeqT8DVfXh2QV/DV0WyHXzyBwe99Yq
m3FyRD+7hYiZ7JOsuRx1WraiASV8b0Cm2mTPq6ixApDq6MF1F2+SXeMsX7BsWsZR
Bxv5NiW0/HroNcu8BFzP8tqcu/nsdC7CKfZg/0XsR7WAVLzpKbcjlLmpCyVtuwCE
1gMBSuSaf4kaSbGht8Bnw65TA1L3d8GxfvEJXI6urB1A8KG2W+uEeoq2zakcEf2R
29SC9FHoe57HRvs+VvKmQJ4DC9BktfQ/b3NrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU+CNqbHaQ+07jOJUf2fNhDoTExzQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvLUNOcWJIYVEtMDdqT0pVZjJmTmhE
b1RFeHpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ppGDAN
BgkqhkiG9w0BAQsFAAOCAQEAWAm3IBp23hqlu0juMWeu76g+RNqvEBZE91UNXJrC
44eUIxRCPNaIIglZ9vvynK1yFTxewpPxft2owyTKegH9+fg6bFSklwdjKsXfOh1t
TChda8NciCQE8jQqykFSQtOF5ZNCvSByLlph8Gynd1uj5x0vjpNCCRMZSML0A9BK
WpNAn0WJYzZoRONKI+nnTUBYo+DBSrTRNV9mVEErqr43NwDMNQGxq+E/DLipUTn4
2ANmshpQDEukbQdXIaGPrAfP2tOSVryA0hj/hJA2ZBJj2450aYarL8KBhYyytQTn
EuPurKc/5SLILS1ecG940jejVTiapBeoNTJ5JvFjT+L01Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-fra.rpki-client.org