Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/3LzJTkiHYGD7gdEf79NGLApl1H8.roa
File: 3LzJTkiHYGD7gdEf79NGLApl1H8.roa (raw, json)
Hash identifier: fVq+lgPzLdZ/UaKqLIr+RfZBYxZRNmSpynhaAb9TUf8=
Subject key identifier: DC:BC:C9:4E:48:87:60:60:FB:81:D1:1F:EF:D3:46:2C:0A:65:D4:7F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E75
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/3LzJTkiHYGD7gdEf79NGLApl1H8.roa
Signing time: Wed 29 Sep 2021 02:43:37 +0000
ROA not before: Wed 29 Sep 2021 02:43:37 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 106.105.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3701 (0xe75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:37 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DCBCC94E48876060FB81D11FEFD3462C0A65D47F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:01:5f:79:39:50:03:bd:5a:75:f7:8c:af:1d:
f8:dc:d7:0b:f1:98:7d:9a:6e:c9:77:46:2a:7d:aa:
60:62:f7:68:10:e7:1c:7b:5f:e8:f1:47:a9:2a:65:
c5:96:af:e9:4c:43:cb:ca:0b:88:73:32:ad:79:4c:
de:5d:fc:9a:57:dd:36:74:3f:32:ad:7f:0c:57:00:
f0:77:5a:b1:52:41:d2:8b:92:bf:9c:ca:a8:d2:fb:
ea:ac:58:f2:14:68:86:02:24:c0:84:7e:9c:4b:b3:
3d:3d:b6:58:da:aa:2e:e6:fe:58:c6:f6:fc:42:3d:
17:11:b8:c5:9a:5d:56:f0:ab:44:c9:17:53:43:de:
06:93:9f:25:17:71:94:48:26:bb:88:7a:da:5b:aa:
11:cf:7f:ee:63:e7:72:50:6b:f1:03:bb:7d:db:b4:
e3:13:ca:aa:68:5a:a2:98:5f:57:a9:98:a6:48:2a:
09:70:48:76:52:97:35:b3:a4:5a:40:6e:88:d2:78:
56:f1:19:76:aa:71:62:77:3d:e6:eb:71:c5:64:6c:
5f:62:d2:58:9c:38:df:62:49:86:3c:d4:7b:89:38:
11:33:32:16:5e:8e:ad:10:c0:0e:d9:28:ba:fc:b8:
9c:99:1d:ba:dc:94:52:9a:3d:b9:ee:7d:8b:b2:02:
a7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BC:C9:4E:48:87:60:60:FB:81:D1:1F:EF:D3:46:2C:0A:65:D4:7F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/3LzJTkiHYGD7gdEf79NGLApl1H8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.250.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:fd:58:55:dc:ca:8c:04:5a:48:3c:d2:7c:56:65:11:13:b2:
15:d1:ed:50:60:38:49:45:06:95:97:19:47:45:0e:50:e3:af:
c6:eb:27:96:59:99:e6:ea:e1:1e:f7:5e:8e:cd:f5:2d:30:51:
26:c0:17:fd:da:ba:59:0c:87:04:be:95:fb:b2:a4:26:b5:db:
8c:34:71:df:d8:34:d2:8f:52:9c:71:9f:07:8d:43:d4:cf:4d:
b4:e0:ea:2e:89:36:3c:d5:3f:8b:1b:7a:26:9d:e8:52:6c:6b:
ab:c3:9e:01:ab:87:f1:14:84:07:96:da:1b:9b:ae:cb:3b:b9:
d2:bf:f2:d0:b2:01:aa:42:c9:14:fc:96:09:5b:44:58:95:f9:
d5:f9:11:b7:d3:72:a8:c7:0b:ca:bc:d0:04:c5:d5:28:30:f0:
3a:ca:99:1e:83:7e:f0:f8:48:df:c5:bf:af:36:c8:68:f5:af:
92:ce:0d:3d:4d:c9:f1:77:34:c5:55:ae:d7:d7:9d:ab:c4:30:
3a:51:4e:fa:a6:05:34:bb:27:f0:86:17:d6:ba:4b:6a:3b:72:
1c:b1:5b:39:1b:ee:99:c0:58:4b:d1:02:95:7c:27:9e:be:7e:
f4:3b:bd:35:01:8b:22:31:61:14:75:1d:fb:db:71:1e:bc:ca:
f4:05:02:12
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMzdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERDQkNDOTRFNDg4NzYw
NjBGQjgxRDExRkVGRDM0NjJDMEE2NUQ0N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChAV95OVADvVp194yvHfjc1wvxmH2absl3Rip9qmBi92gQ5xx7
X+jxR6kqZcWWr+lMQ8vKC4hzMq15TN5d/JpX3TZ0PzKtfwxXAPB3WrFSQdKLkr+c
yqjS++qsWPIUaIYCJMCEfpxLsz09tljaqi7m/ljG9vxCPRcRuMWaXVbwq0TJF1ND
3gaTnyUXcZRIJruIetpbqhHPf+5j53JQa/EDu33btOMTyqpoWqKYX1epmKZIKglw
SHZSlzWzpFpAbojSeFbxGXaqcWJ3PebrccVkbF9i0licON9iSYY81HuJOBEzMhZe
jq0QwA7ZKLr8uJyZHbrclFKaPbnufYuyAqd3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3LzJTkiHYGD7gdEf79NGLApl1H8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvM0x6SlRraUhZR0Q3Z2RFZjc5TkdM
QXBsMUg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWpp+jAN
BgkqhkiG9w0BAQsFAAOCAQEAL/1YVdzKjARaSDzSfFZlEROyFdHtUGA4SUUGlZcZ
R0UOUOOvxusnllmZ5urhHvdejs31LTBRJsAX/dq6WQyHBL6V+7KkJrXbjDRx39g0
0o9SnHGfB41D1M9NtODqLok2PNU/ixt6Jp3oUmxrq8OeAauH8RSEB5baG5uuyzu5
0r/y0LIBqkLJFPyWCVtEWJX51fkRt9NyqMcLyrzQBMXVKDDwOsqZHoN+8PhI38W/
rzbIaPWvks4NPU3J8Xc0xVWu19edq8QwOlFO+qYFNLsn8IYX1rpLajtyHLFbORvu
mcBYS9EClXwnnr5+9Du9NQGLIjFhFHUd+9txHrzK9AUCEg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-fra.rpki-client.org