Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/2WWdjoGiqmDH0RfSApiTHBYiuPc.roa
File: 2WWdjoGiqmDH0RfSApiTHBYiuPc.roa (raw, json)
Hash identifier: LNKDrqUlbOZlNdyQ51Bnh7SdzvNXA9/8cNgWSYO+ejI=
Subject key identifier: D9:65:9D:8E:81:A2:AA:60:C7:D1:17:D2:02:98:93:1C:16:22:B8:F7
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0C89
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2WWdjoGiqmDH0RfSApiTHBYiuPc.roa
Signing time: Sun 07 Feb 2021 11:43:52 +0000
ROA not before: Sun 07 Feb 2021 11:43:52 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131597
IP address blocks: 106.105.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3209 (0xc89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:43:52 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D9659D8E81A2AA60C7D117D20298931C1622B8F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:de:48:10:74:98:95:83:f9:b4:3b:12:b8:ac:
c5:39:61:9a:9d:b3:37:28:56:ca:78:99:67:48:65:
27:06:b6:63:0e:82:e5:1b:ef:0c:dc:81:9d:93:7d:
48:8c:93:f4:cb:43:a0:c8:ab:33:2b:a3:e6:94:31:
33:d3:62:75:31:04:c8:eb:62:92:f3:38:7f:f4:fd:
78:e0:f7:18:5a:09:96:a5:19:fc:6c:27:b2:84:48:
df:24:56:07:bc:ae:78:41:c1:59:15:09:6c:c7:69:
2c:7a:82:c1:b1:24:0e:d6:01:25:e3:d4:e4:98:34:
7e:72:01:8c:55:95:ba:91:99:1d:d9:8a:8f:02:9b:
a2:5e:70:0a:b4:69:04:da:45:9d:7d:54:5e:b7:a1:
d8:c5:36:07:41:49:26:36:7d:a3:b8:ed:16:55:67:
1a:ed:3b:f9:30:18:53:8e:cd:99:e3:c3:da:44:86:
a1:8e:8a:a4:76:c8:c2:14:d4:78:23:d2:ca:15:a8:
5a:9c:d7:3a:06:ce:a6:18:5d:b2:0b:c0:2c:b4:0b:
0c:3a:ce:e8:8d:12:49:88:d3:d4:06:ef:80:67:8f:
b9:4c:81:a2:1e:0b:49:4d:1f:13:7e:0a:e5:59:03:
f1:61:1a:09:56:07:f5:e0:d9:91:6f:32:9d:16:e6:
30:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:65:9D:8E:81:A2:AA:60:C7:D1:17:D2:02:98:93:1C:16:22:B8:F7
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2WWdjoGiqmDH0RfSApiTHBYiuPc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.240.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:1c:06:88:e1:ec:73:ed:d0:55:8c:99:87:b0:07:f6:58:32:
96:5d:76:ea:f6:c3:71:fd:20:6c:de:62:83:8c:58:c2:94:6b:
aa:65:2b:0b:22:d5:ce:43:85:aa:d3:fe:1b:5e:29:aa:ab:28:
c5:d8:33:26:61:d9:b2:92:da:6a:ec:b4:56:a2:2f:55:0a:81:
4f:39:bd:86:d1:a8:6a:bb:70:bb:c0:8c:d7:16:c2:98:cf:83:
03:52:05:0d:08:24:4e:ff:70:5d:2d:e5:ae:90:7a:2a:ec:fd:
e4:cb:b5:36:4e:00:e6:45:7f:85:2f:d1:1b:ea:27:48:d9:47:
1e:88:23:03:ab:d4:cb:79:f4:35:12:bb:c0:e6:18:dd:3b:88:
f4:45:4d:23:fd:bb:27:e0:fe:76:f4:94:99:3d:03:d5:44:35:
18:39:3d:49:36:89:84:c9:0d:16:3a:4e:26:19:cf:47:e6:b7:
ac:cf:3f:27:d7:dd:d4:fa:0d:b6:e4:87:82:0a:b6:95:f6:72:
36:88:00:d3:1f:4b:64:30:77:ed:64:d7:5f:c0:c2:86:16:69:
85:f5:88:ae:f0:50:c3:dd:27:76:f0:ce:47:2e:76:a8:e8:d1:
6e:94:77:53:df:9f:8c:00:b0:dd:e8:f2:b4:da:e8:16:c5:0c:
4a:49:17:7b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQzNTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ5NjU5RDhFODFBMkFB
NjBDN0QxMTdEMjAyOTg5MzFDMTYyMkI4RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC93kgQdJiVg/m0OxK4rMU5YZqdszcoVsp4mWdIZScGtmMOguUb
7wzcgZ2TfUiMk/TLQ6DIqzMro+aUMTPTYnUxBMjrYpLzOH/0/Xjg9xhaCZalGfxs
J7KESN8kVge8rnhBwVkVCWzHaSx6gsGxJA7WASXj1OSYNH5yAYxVlbqRmR3Zio8C
m6JecAq0aQTaRZ19VF63odjFNgdBSSY2faO47RZVZxrtO/kwGFOOzZnjw9pEhqGO
iqR2yMIU1Hgj0soVqFqc1zoGzqYYXbILwCy0Cww6zuiNEkmI09QG74Bnj7lMgaIe
C0lNHxN+CuVZA/FhGglWB/Xg2ZFvMp0W5jB3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2WWdjoGiqmDH0RfSApiTHBYiuPcwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMldXZGpvR2lxbURIMFJmU0FwaVRI
QllpdVBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2pp8DAN
BgkqhkiG9w0BAQsFAAOCAQEAtxwGiOHsc+3QVYyZh7AH9lgyll126vbDcf0gbN5i
g4xYwpRrqmUrCyLVzkOFqtP+G14pqqsoxdgzJmHZspLaauy0VqIvVQqBTzm9htGo
artwu8CM1xbCmM+DA1IFDQgkTv9wXS3lrpB6Kuz95Mu1Nk4A5kV/hS/RG+onSNlH
HogjA6vUy3n0NRK7wOYY3TuI9EVNI/27J+D+dvSUmT0D1UQ1GDk9STaJhMkNFjpO
JhnPR+a3rM8/J9fd1PoNtuSHggq2lfZyNogA0x9LZDB37WTXX8DChhZphfWIrvBQ
w90ndvDORy52qOjRbpR3U9+fjACw3ejytNroFsUMSkkXew==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-fra.rpki-client.org