Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/0YCZ6Ehfl7s7FXNiWdC_KaPNfac.roa
File: 0YCZ6Ehfl7s7FXNiWdC_KaPNfac.roa (raw, json)
Hash identifier: Ouy1cN7rGv9Gq+G2X/emeFj3qmc7TlthkLBTeZgM4QI=
Subject key identifier: D1:80:99:E8:48:5F:97:BB:3B:15:73:62:59:D0:BF:29:A3:CD:7D:A7
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E17
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/0YCZ6Ehfl7s7FXNiWdC_KaPNfac.roa
Signing time: Wed 29 Sep 2021 02:43:11 +0000
ROA not before: Wed 29 Sep 2021 02:43:11 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 218.211.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3607 (0xe17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:11 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=D18099E8485F97BB3B15736259D0BF29A3CD7DA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d1:cf:07:1d:10:f4:00:0b:29:af:5b:ec:a9:
42:26:93:2e:b0:13:53:d8:f9:00:c1:56:54:fb:47:
90:8c:17:d0:7a:d8:04:79:29:10:65:a1:7f:13:57:
34:51:fe:23:0e:c8:c9:80:50:27:29:7a:5f:e4:89:
a1:e5:9d:37:79:4e:18:62:46:f9:03:5b:10:3b:34:
94:1a:ad:56:b1:11:4e:3c:ac:1d:e3:ca:2e:18:15:
9c:a3:c0:2f:24:59:94:ff:fb:f9:7d:13:c3:c2:35:
e4:f4:93:08:16:64:87:1f:40:d5:47:c6:c2:bd:69:
bc:69:65:a9:96:e9:87:26:a5:dc:e8:9f:0f:0d:af:
e5:6a:e7:a2:ea:71:cb:13:7c:5a:c3:a9:a7:b2:e1:
c2:ad:6d:12:f6:94:90:ad:c4:a8:46:3c:c3:e1:db:
50:c8:ad:79:3f:fe:cc:b2:cd:b5:39:f6:d2:df:b7:
33:fb:7d:d0:d9:1c:06:fa:0e:bc:85:f9:4b:71:e0:
83:6f:6d:ce:91:05:2a:e4:f9:01:64:e5:5e:35:6b:
23:b1:15:d9:79:b7:b7:5b:31:e6:03:b2:99:cb:89:
d8:10:e1:c6:ce:3f:c2:cd:58:ec:8b:9c:89:14:92:
59:45:ee:80:8d:08:0e:ee:d3:25:52:c9:f2:04:40:
63:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:80:99:E8:48:5F:97:BB:3B:15:73:62:59:D0:BF:29:A3:CD:7D:A7
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/0YCZ6Ehfl7s7FXNiWdC_KaPNfac.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.211.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:c3:d0:3a:19:bf:ad:61:aa:fb:00:8c:f3:76:0e:c1:23:25:
28:62:27:b8:ae:c0:c1:6a:25:c3:19:b4:4e:a4:99:05:9d:52:
b4:27:e8:84:c7:f7:c3:c4:7d:11:bf:20:05:3e:21:21:ea:ea:
c6:85:50:78:28:57:bd:e3:85:92:98:19:6d:98:e4:5b:d3:3d:
ee:15:e9:1c:47:e2:ec:36:de:04:33:b7:fb:0b:5c:45:12:2f:
6b:c2:ae:b3:3c:ff:b2:f4:9c:45:f1:10:94:2d:8e:5c:16:5a:
19:d9:e6:8e:cf:d5:4e:1a:32:ff:8b:d9:ca:48:10:72:40:48:
e5:ef:b8:5d:fe:7a:b1:d9:f0:a5:70:0c:6a:91:15:e2:d2:37:
00:54:94:de:24:e5:d4:f6:58:e2:53:4a:3e:32:b7:f3:70:f9:
fc:fa:55:7e:1e:14:fe:da:b7:ea:1d:59:f0:3d:08:dc:4a:cd:
42:e1:27:f5:ab:84:99:21:8b:26:cf:d4:c7:c7:0f:5c:4e:61:
df:fa:58:83:a7:20:27:b3:94:c2:db:a5:5a:c0:bc:48:fb:7b:
32:59:6f:13:ec:ca:13:d9:01:87:b1:09:ca:07:c9:b0:ea:dc:
69:73:9d:81:87:b6:8c:31:33:82:a0:43:11:10:68:e7:32:0c:
aa:3a:51:5e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQxODA5OUU4NDg1Rjk3
QkIzQjE1NzM2MjU5RDBCRjI5QTNDRDdEQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE0c8HHRD0AAspr1vsqUImky6wE1PY+QDBVlT7R5CMF9B62AR5
KRBloX8TVzRR/iMOyMmAUCcpel/kiaHlnTd5ThhiRvkDWxA7NJQarVaxEU48rB3j
yi4YFZyjwC8kWZT/+/l9E8PCNeT0kwgWZIcfQNVHxsK9abxpZamW6Ycmpdzonw8N
r+Vq56LqccsTfFrDqaey4cKtbRL2lJCtxKhGPMPh21DIrXk//syyzbU59tLftzP7
fdDZHAb6DryF+Utx4INvbc6RBSrk+QFk5V41ayOxFdl5t7dbMeYDspnLidgQ4cbO
P8LNWOyLnIkUkllF7oCNCA7u0yVSyfIEQGNHAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU0YCZ6Ehfl7s7FXNiWdC/KaPNfacwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMFlDWjZFaGZsN3M3RlhOaVdkQ19L
YVBOZmFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANrTMA0G
CSqGSIb3DQEBCwUAA4IBAQBPw9A6Gb+tYar7AIzzdg7BIyUoYie4rsDBaiXDGbRO
pJkFnVK0J+iEx/fDxH0RvyAFPiEh6urGhVB4KFe944WSmBltmORb0z3uFekcR+Ls
Nt4EM7f7C1xFEi9rwq6zPP+y9JxF8RCULY5cFloZ2eaOz9VOGjL/i9nKSBByQEjl
77hd/nqx2fClcAxqkRXi0jcAVJTeJOXU9ljiU0o+MrfzcPn8+lV+HhT+2rfqHVnw
PQjcSs1C4Sf1q4SZIYsmz9THxw9cTmHf+liDpyAns5TC26VawLxI+3syWW8T7MoT
2QGHsQnKB8mw6txpc52Bh7aMMTOCoEMREGjnMgyqOlFe
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-fra.rpki-client.org