Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/5c9n0KAkWjNti_ltEC9rE835nuc.roa
File: 5c9n0KAkWjNti_ltEC9rE835nuc.roa (raw, json)
Hash identifier: kyuCB3TMN/xhAV8K83B/N/m5bIS941XYMD7aOGb5uzo=
Subject key identifier: E5:CF:67:D0:A0:24:5A:33:6D:8B:F9:6D:10:2F:6B:13:CD:F9:9E:E7
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E7F
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/5c9n0KAkWjNti_ltEC9rE835nuc.roa
Signing time: Wed 29 Sep 2021 02:43:40 +0000
ROA not before: Wed 29 Sep 2021 02:43:40 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 106.107.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3711 (0xe7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:40 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=E5CF67D0A0245A336D8BF96D102F6B13CDF99EE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:56:27:99:45:2a:cd:84:81:91:a3:dd:8c:b1:
6d:59:5a:02:01:fd:08:27:4f:6c:06:4b:16:4d:aa:
e5:93:3f:7b:ff:e4:8b:73:e8:1d:93:1f:8f:59:e8:
9f:63:e2:9e:7d:bb:ca:1a:11:87:43:93:67:f0:d3:
b6:70:c1:b6:5c:e1:f2:38:6c:1b:57:a2:c9:3c:5a:
ad:ce:b1:8a:ba:16:15:55:af:f6:79:43:09:ad:01:
17:c8:52:f7:d8:a4:49:be:39:6c:51:17:48:aa:e9:
cb:73:46:63:84:8d:ba:b9:48:1c:8f:d2:3a:9e:e8:
f0:d1:61:8a:4e:38:0f:db:49:ab:a3:fe:ab:3f:f6:
ac:55:99:5b:db:6c:40:c9:82:30:c9:45:97:54:73:
22:cb:b8:bb:b3:f1:89:c6:23:a2:90:d9:d3:12:ce:
cc:56:4a:6c:71:49:99:13:a0:5f:ce:de:bb:94:b9:
8f:c7:61:94:4f:58:86:92:62:5a:68:f8:94:f5:52:
39:16:fc:91:10:e3:10:46:7d:cf:ce:8d:00:59:c0:
6a:3d:09:f1:a8:ed:d7:bb:5d:03:9b:8a:c0:85:e9:
7b:f3:30:29:0e:69:26:38:73:2b:5b:41:d2:12:00:
b0:85:22:ab:45:12:51:84:22:d0:2f:1a:d6:c1:bf:
2f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CF:67:D0:A0:24:5A:33:6D:8B:F9:6D:10:2F:6B:13:CD:F9:9E:E7
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/5c9n0KAkWjNti_ltEC9rE835nuc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.208.0/20
Signature Algorithm: sha256WithRSAEncryption
25:58:cb:6e:35:e3:46:b2:a7:e6:05:dc:b7:0f:b7:20:4f:2f:
b6:4a:23:ac:e3:8c:78:9d:6c:c8:0d:ae:ff:83:a1:74:54:49:
54:dc:5d:78:5c:69:79:7e:64:52:59:4e:a9:85:72:7b:fd:2e:
9d:de:ed:bc:83:cb:3e:50:5f:b8:41:d6:9b:7a:18:d4:ab:23:
72:b8:1d:2e:ca:25:ef:11:fd:4a:e1:d7:97:c2:a0:9f:4b:42:
27:a1:77:12:9a:bd:e7:ff:0d:63:f8:b0:d9:61:36:7c:58:7b:
26:36:df:d5:cf:d5:6f:cd:ae:27:70:92:96:67:aa:fd:32:4c:
e3:13:8c:60:f7:b8:fa:8d:21:ac:ad:60:d4:69:b4:da:b2:6b:
a2:16:f4:30:bf:7c:6d:33:ba:a4:e2:d6:fb:60:35:ac:88:d0:
58:58:7c:a2:7d:ce:38:fa:d7:2f:2f:48:ad:4b:60:61:87:97:
9a:c9:47:2c:09:70:a9:3f:2f:c1:d0:de:70:55:bc:e1:13:51:
86:60:73:f3:e9:2b:4f:9f:58:87:bc:00:6e:ab:a8:86:4c:6c:
ce:3f:c5:62:a3:5e:b9:cc:47:4f:74:2a:85:65:84:90:a4:84:
15:ea:25:11:d7:7b:1c:f1:95:91:38:d3:92:58:10:b9:a4:5d:
51:d1:87:37
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEU1Q0Y2N0QwQTAyNDVB
MzM2RDhCRjk2RDEwMkY2QjEzQ0RGOTlFRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7VieZRSrNhIGRo92MsW1ZWgIB/QgnT2wGSxZNquWTP3v/5Itz
6B2TH49Z6J9j4p59u8oaEYdDk2fw07ZwwbZc4fI4bBtXosk8Wq3OsYq6FhVVr/Z5
QwmtARfIUvfYpEm+OWxRF0iq6ctzRmOEjbq5SByP0jqe6PDRYYpOOA/bSauj/qs/
9qxVmVvbbEDJgjDJRZdUcyLLuLuz8YnGI6KQ2dMSzsxWSmxxSZkToF/O3ruUuY/H
YZRPWIaSYlpo+JT1UjkW/JEQ4xBGfc/OjQBZwGo9CfGo7de7XQObisCF6XvzMCkO
aSY4cytbQdISALCFIqtFElGEItAvGtbBvy9rAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU5c9n0KAkWjNti/ltEC9rE835nucwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvNWM5bjBLQWtXak50aV9sdEVDOXJF
ODM1bnVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGpr0DAN
BgkqhkiG9w0BAQsFAAOCAQEAJVjLbjXjRrKn5gXctw+3IE8vtkojrOOMeJ1syA2u
/4OhdFRJVNxdeFxpeX5kUllOqYVye/0und7tvIPLPlBfuEHWm3oY1KsjcrgdLsol
7xH9SuHXl8Kgn0tCJ6F3Epq95/8NY/iw2WE2fFh7Jjbf1c/Vb82uJ3CSlmeq/TJM
4xOMYPe4+o0hrK1g1Gm02rJrohb0ML98bTO6pOLW+2A1rIjQWFh8on3OOPrXLy9I
rUtgYYeXmslHLAlwqT8vwdDecFW84RNRhmBz8+krT59Yh7wAbquohkxszj/FYqNe
ucxHT3QqhWWEkKSEFeolEdd7HPGVkTjTklgQuaRdUdGHNw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:58 2023 by rpki-client on console-ams.rpki-client.org