Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/A9t9pwCI42c4p7xXMtj6nR1WeV8.roa
File: A9t9pwCI42c4p7xXMtj6nR1WeV8.roa (raw, json)
Hash identifier: vHXolhI9EnIX6X/DuZxjYfR2+gmR5iyEtL5hUHe6zaI=
Subject key identifier: 03:DB:7D:A7:00:88:E3:67:38:A7:BC:57:32:D8:FA:9D:1D:56:79:5F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E8F
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/A9t9pwCI42c4p7xXMtj6nR1WeV8.roa
Signing time: Wed 29 Sep 2021 02:43:44 +0000
ROA not before: Wed 29 Sep 2021 02:43:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 220.229.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3727 (0xe8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=03DB7DA70088E36738A7BC5732D8FA9D1D56795F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:4d:a2:39:f0:59:07:80:9c:7a:1b:fc:b1:
50:23:61:76:7a:04:ee:c9:22:d6:03:58:10:ad:29:
9c:9a:75:56:7d:a8:56:eb:69:9e:a9:d9:4a:d2:22:
0f:d2:93:03:08:ff:8d:26:41:1f:4f:06:28:c8:4d:
d7:16:c9:f5:5c:ff:2b:99:24:44:83:af:6d:de:cd:
0e:f5:f7:2a:fd:12:b8:e3:df:e7:4d:80:90:a4:b6:
38:cc:3f:2f:b2:f8:30:7c:f1:6e:a8:b5:8f:80:14:
d1:25:a2:37:bf:8d:89:46:59:b2:fd:0c:c4:36:23:
74:20:52:01:31:10:da:d1:30:96:78:b6:ca:1f:06:
2d:e0:c7:bc:a0:7d:a1:96:c8:f7:c9:04:cb:4f:e9:
16:c3:53:9b:c8:52:23:7e:8e:2f:71:db:82:bb:06:
9e:6b:6a:8c:65:af:0c:0f:9e:00:ab:4b:09:79:fb:
65:ce:6e:e1:30:03:1c:11:37:c1:6c:41:40:3f:4e:
e2:73:d9:fa:12:98:62:08:dd:53:38:87:67:41:15:
bc:7d:91:e1:6f:15:8e:82:29:c5:50:33:01:80:fa:
33:9b:9f:0b:6f:fd:82:07:ef:ba:3e:89:b7:0e:7a:
09:fd:d1:96:82:07:bc:39:e2:98:18:2e:3d:31:0a:
e9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DB:7D:A7:00:88:E3:67:38:A7:BC:57:32:D8:FA:9D:1D:56:79:5F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/A9t9pwCI42c4p7xXMtj6nR1WeV8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.65.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:a7:e2:f5:dc:62:34:40:a0:fb:77:25:0a:c8:66:81:52:2f:
b2:60:df:b5:82:44:20:b1:db:c7:45:cb:b8:fa:ad:44:dc:a1:
af:e1:33:6d:32:0d:ee:ee:23:b2:86:70:3f:be:7d:51:10:bb:
9f:c9:28:d0:90:f0:20:c5:26:45:57:56:0e:66:56:de:5f:23:
c2:e8:cf:25:c1:b1:c1:2a:1c:bf:9a:db:f1:33:dc:c5:6b:01:
5c:82:a4:33:07:70:6c:0a:26:d8:54:cc:02:2f:01:d4:1a:49:
b5:0c:46:95:d7:89:be:af:f6:40:e6:38:d3:3e:52:0f:03:cd:
25:cd:aa:81:47:2f:18:c2:49:7e:1a:cf:82:e0:fc:2c:e5:30:
f3:aa:de:ff:f2:7b:71:24:01:3c:c8:37:a2:17:51:26:d8:a7:
d9:c7:de:00:e6:ad:cb:4b:06:73:aa:75:f8:19:02:e5:65:70:
4d:43:4b:9c:cb:07:60:a1:7a:27:81:35:97:be:b0:02:d1:3b:
79:57:31:2f:21:03:34:74:a6:80:9b:01:7c:ec:87:bd:fd:e3:
2c:4d:6e:96:49:d6:ce:c5:ab:03:29:79:77:11:25:61:14:8c:
05:25:94:67:4c:ec:ec:da:2b:94:d3:2e:78:31:c3:3a:4d:08:
9f:a8:47:72
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDAzREI3REE3MDA4OEUz
NjczOEE3QkM1NzMyRDhGQTlEMUQ1Njc5NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpQ02iOfBZB4Ccehv8sVAjYXZ6BO7JItYDWBCtKZyadVZ9qFbr
aZ6p2UrSIg/SkwMI/40mQR9PBijITdcWyfVc/yuZJESDr23ezQ719yr9Erjj3+dN
gJCktjjMPy+y+DB88W6otY+AFNEloje/jYlGWbL9DMQ2I3QgUgExENrRMJZ4tsof
Bi3gx7ygfaGWyPfJBMtP6RbDU5vIUiN+ji9x24K7Bp5raoxlrwwPngCrSwl5+2XO
buEwAxwRN8FsQUA/TuJz2foSmGII3VM4h2dBFbx9keFvFY6CKcVQMwGA+jObnwtv
/YIH77o+ibcOegn90ZaCB7w54pgYLj0xCulvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUA9t9pwCI42c4p7xXMtj6nR1WeV8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQTl0OXB3Q0k0MmM0cDd4WE10ajZu
UjFXZVY4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANzlQTAN
BgkqhkiG9w0BAQsFAAOCAQEAHafi9dxiNECg+3clCshmgVIvsmDftYJEILHbx0XL
uPqtRNyhr+EzbTIN7u4jsoZwP759URC7n8ko0JDwIMUmRVdWDmZW3l8jwujPJcGx
wSocv5rb8TPcxWsBXIKkMwdwbAom2FTMAi8B1BpJtQxGldeJvq/2QOY40z5SDwPN
Jc2qgUcvGMJJfhrPguD8LOUw86re//J7cSQBPMg3ohdRJtin2cfeAOaty0sGc6p1
+BkC5WVwTUNLnMsHYKF6J4E1l76wAtE7eVcxLyEDNHSmgJsBfOyHvf3jLE1ulknW
zsWrAyl5dxElYRSMBSWUZ0zs7NorlNMueDHDOk0In6hHcg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org