Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Ac-mAq_49JmyLEL_yfjWcxb9j2A.roa
File: Ac-mAq_49JmyLEL_yfjWcxb9j2A.roa (raw, json)
Hash identifier: +HN3kLPBqxyH+ijx5cH/2xdeTHVE5fQyztTTcKQ33Ho=
Subject key identifier: 01:CF:A6:02:AF:F8:F4:99:B2:2C:42:FF:C9:F8:D6:73:16:FD:8F:60
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 08CE
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Ac-mAq_49JmyLEL_yfjWcxb9j2A.roa
Signing time: Tue 29 Sep 2020 09:52:28 +0000
ROA not before: Tue 29 Sep 2020 09:52:28 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.229.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254 (0x8ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:28 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=01CFA602AFF8F499B22C42FFC9F8D67316FD8F60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4c:0d:f5:f7:11:11:ff:df:18:ab:32:6a:21:
b8:2f:a1:c1:b6:02:22:ea:d9:12:0e:dc:07:54:90:
0b:94:ea:5d:31:82:49:c5:65:74:15:21:89:76:94:
3e:80:97:53:35:97:f1:33:85:6a:04:89:a8:d9:3e:
65:e7:38:02:fc:99:4b:8e:f8:43:f3:d0:dc:bd:d3:
c4:54:f9:b6:2e:20:0f:02:8b:e4:81:74:f5:b1:5f:
2c:01:e4:32:06:5d:eb:62:fc:e3:ab:b4:a6:75:01:
68:83:59:ed:c8:f0:43:19:78:a1:09:b1:99:21:46:
71:25:fb:c2:80:1e:52:1f:3c:e4:4a:be:d7:cf:08:
24:84:09:46:4f:6b:fc:8c:33:34:b2:5b:c5:54:b3:
b0:7f:22:8b:6c:fc:92:70:0f:ce:a2:8b:a5:68:29:
d7:30:9d:a9:c6:e7:3d:f7:2d:d1:03:d4:dc:3f:16:
67:14:9b:cd:ac:69:ec:0d:30:ca:21:6c:4b:98:c8:
b6:b5:ec:06:c6:c5:61:ab:b8:dc:d1:23:20:bf:c1:
24:67:c3:c1:a1:0c:e7:b4:70:8c:3d:81:e6:b7:a8:
64:39:e8:e8:8f:ed:88:4f:aa:f8:d3:4f:8a:5c:89:
5c:1e:9d:10:b3:4f:49:9f:c2:23:cc:b0:6e:da:06:
47:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CF:A6:02:AF:F8:F4:99:B2:2C:42:FF:C9:F8:D6:73:16:FD:8F:60
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Ac-mAq_49JmyLEL_yfjWcxb9j2A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.72.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:ec:fa:38:80:ca:5b:63:7e:51:05:78:d5:4c:b0:94:56:c8:
41:5f:a1:3a:87:83:c4:9c:6e:6d:03:bd:f4:65:a5:c3:21:96:
7f:13:e1:6f:c4:0e:90:d3:6b:bb:c8:83:59:37:0b:5b:6f:c8:
f2:1f:e9:14:9c:cc:9a:c2:b2:c0:a4:e8:87:ef:ad:22:c3:dc:
a5:03:2d:62:94:af:d3:e6:dd:37:6d:d8:50:1e:26:19:a0:b2:
bd:22:fb:5e:27:cb:aa:18:04:21:d1:17:cf:01:09:92:de:6d:
5d:58:4a:90:f4:b5:97:41:ef:3b:2b:7f:47:fd:3b:18:7b:5f:
d4:35:ce:b2:c4:ed:23:ab:ad:d8:bc:70:f3:63:06:8f:71:6f:
93:c0:b7:ee:55:37:21:9e:d9:0e:26:49:53:9a:9d:a2:ae:e5:
65:c2:69:fa:87:aa:b5:88:5e:86:ca:fa:6b:6b:20:ce:17:bd:
09:46:44:2e:62:61:94:21:64:bb:1c:8e:87:03:12:9a:2a:91:
51:74:8d:8d:c5:4f:00:58:12:1e:ef:7c:d1:a2:12:84:b9:09:
23:bd:e2:ed:f3:92:71:e2:3e:42:ec:e4:42:40:3f:9d:c2:81:
20:2f:2d:4c:f5:22:42:50:8a:90:79:6c:04:7f:34:a1:9d:5b:
c0:a0:ed:11
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCM4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAxQ0ZBNjAyQUZGOEY0
OTlCMjJDNDJGRkM5RjhENjczMTZGRDhGNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuTA319xER/98YqzJqIbgvocG2AiLq2RIO3AdUkAuU6l0xgknF
ZXQVIYl2lD6Al1M1l/EzhWoEiajZPmXnOAL8mUuO+EPz0Ny908RU+bYuIA8Ci+SB
dPWxXywB5DIGXeti/OOrtKZ1AWiDWe3I8EMZeKEJsZkhRnEl+8KAHlIfPORKvtfP
CCSECUZPa/yMMzSyW8VUs7B/Iots/JJwD86ii6VoKdcwnanG5z33LdED1Nw/FmcU
m82saewNMMohbEuYyLa17AbGxWGruNzRIyC/wSRnw8GhDOe0cIw9gea3qGQ56OiP
7YhPqvjTT4pciVwenRCzT0mfwiPMsG7aBkdBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAc+mAq/49JmyLEL/yfjWcxb9j2AwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQWMtbUFxXzQ5Sm15TEVMX3lmaldj
eGI5ajJBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9zlSDAN
BgkqhkiG9w0BAQsFAAOCAQEAuuz6OIDKW2N+UQV41UywlFbIQV+hOoeDxJxubQO9
9GWlwyGWfxPhb8QOkNNru8iDWTcLW2/I8h/pFJzMmsKywKToh++tIsPcpQMtYpSv
0+bdN23YUB4mGaCyvSL7XifLqhgEIdEXzwEJkt5tXVhKkPS1l0HvOyt/R/07GHtf
1DXOssTtI6ut2Lxw82MGj3Fvk8C37lU3IZ7ZDiZJU5qdoq7lZcJp+oeqtYhehsr6
a2sgzhe9CUZELmJhlCFkuxyOhwMSmiqRUXSNjcVPAFgSHu980aIShLkJI73i7fOS
ceI+QuzkQkA/ncKBIC8tTPUiQlCKkHlsBH80oZ1bwKDtEQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org