Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/COFly9cmkDojFHoHQWX6DHMfjxo.roa
File: COFly9cmkDojFHoHQWX6DHMfjxo.roa (raw, json)
Hash identifier: Ln6+fRWjBjANsdFTxZ1YmYkjeD/CwDqNrdTNlByCPGk=
Subject key identifier: 08:E1:65:CB:D7:26:90:3A:23:14:7A:07:41:65:FA:0C:73:1F:8F:1A
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 084D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/COFly9cmkDojFHoHQWX6DHMfjxo.roa
Signing time: Tue 29 Sep 2020 09:51:53 +0000
ROA not before: Tue 29 Sep 2020 09:51:53 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.229.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2125 (0x84d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:51:53 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=08E165CBD726903A23147A074165FA0C731F8F1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7f:8f:28:97:0c:37:da:e9:37:7e:c3:ba:f8:
21:7e:6d:ec:15:73:be:43:5e:51:86:bd:62:97:b2:
4a:2f:8a:c9:d4:88:0b:f3:78:e0:46:c8:e9:ab:92:
b7:0f:ec:cb:dd:11:e8:fd:22:0d:45:1d:c5:61:60:
1d:63:7a:4b:2b:c3:7d:07:66:c1:25:4e:55:b1:1a:
0c:85:c6:15:bb:10:1b:86:0d:12:c1:ce:99:7b:3a:
de:93:b3:87:4e:fe:1c:28:0b:33:84:73:35:76:f0:
b8:13:97:0e:84:8e:93:3e:bc:d1:e9:ec:56:12:55:
5a:cf:3b:ed:c5:c7:12:92:b8:59:49:97:93:62:ec:
fd:f4:57:6b:36:b7:89:f5:b8:02:7f:a1:e1:8c:8e:
aa:71:fc:83:51:94:97:22:e2:71:f1:48:18:d1:ac:
f4:6b:dd:b1:2d:9c:3d:f0:b6:e7:91:44:eb:da:1b:
42:87:64:b8:e3:aa:f1:a1:23:1c:3e:68:e1:6a:be:
6f:25:83:6f:c9:40:89:4e:1e:d4:4b:c9:da:89:54:
22:b4:ad:ea:e1:01:7f:d2:54:52:12:67:be:83:4f:
1d:45:f2:83:4d:22:3d:93:4c:81:41:17:57:18:2f:
2f:8d:a5:1b:92:15:3e:cf:38:0e:6d:99:e6:2a:83:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E1:65:CB:D7:26:90:3A:23:14:7A:07:41:65:FA:0C:73:1F:8F:1A
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/COFly9cmkDojFHoHQWX6DHMfjxo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.64.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:76:db:06:ca:65:5b:e4:92:54:5e:25:22:4e:33:8b:0f:0a:
1a:7a:e4:9d:ec:a5:e1:0c:fc:e0:ef:34:52:c9:8e:9a:27:f9:
fc:42:d1:56:ad:35:47:35:80:b9:75:dc:4f:a3:48:d6:0a:c7:
8d:e7:6b:64:fd:3a:cd:a5:a8:4d:f0:32:5d:2e:74:f7:e3:f4:
13:1b:a9:ab:1d:d8:6d:7c:d0:45:68:d7:f6:e5:4d:82:4a:b7:
ab:93:36:f0:63:b4:69:29:0f:cc:69:35:c6:9c:29:cc:01:b9:
90:e3:8e:8d:13:4a:4e:04:17:60:03:8d:b6:80:75:6a:00:cd:
2d:71:9d:b6:eb:f4:1b:be:79:f9:90:fc:41:2c:ee:55:46:d0:
a3:bd:6e:b3:cd:1d:41:c2:02:c2:30:8a:3a:4d:56:0f:62:de:
f9:09:09:5d:02:f7:59:5f:28:44:00:4f:70:f5:13:ed:ff:c7:
30:91:1a:59:96:73:e1:cb:d5:83:80:f3:d9:db:bc:a8:a5:b3:
a1:aa:41:6f:d8:20:9b:2f:79:2e:84:71:ff:77:25:4e:9e:b7:
f9:7d:af:f5:39:c0:27:7f:61:09:4f:17:d0:9f:03:08:7b:64:
24:08:e3:85:dd:c9:f1:f5:a0:6c:0d:a0:61:fc:aa:3d:93:a3:
55:e1:18:70
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUxNTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA4RTE2NUNCRDcyNjkw
M0EyMzE0N0EwNzQxNjVGQTBDNzMxRjhGMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVf48olww32uk3fsO6+CF+bewVc75DXlGGvWKXskovisnUiAvz
eOBGyOmrkrcP7MvdEej9Ig1FHcVhYB1jeksrw30HZsElTlWxGgyFxhW7EBuGDRLB
zpl7Ot6Ts4dO/hwoCzOEczV28LgTlw6EjpM+vNHp7FYSVVrPO+3FxxKSuFlJl5Ni
7P30V2s2t4n1uAJ/oeGMjqpx/INRlJci4nHxSBjRrPRr3bEtnD3wtueRROvaG0KH
ZLjjqvGhIxw+aOFqvm8lg2/JQIlOHtRLydqJVCK0rerhAX/SVFISZ76DTx1F8oNN
Ij2TTIFBF1cYLy+NpRuSFT7POA5tmeYqg21NAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCOFly9cmkDojFHoHQWX6DHMfjxowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ09GbHk5Y21rRG9qRkhvSFFXWDZE
SE1manhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANzlQDAN
BgkqhkiG9w0BAQsFAAOCAQEAv3bbBsplW+SSVF4lIk4ziw8KGnrkneyl4Qz84O80
UsmOmif5/ELRVq01RzWAuXXcT6NI1grHjedrZP06zaWoTfAyXS509+P0Exupqx3Y
bXzQRWjX9uVNgkq3q5M28GO0aSkPzGk1xpwpzAG5kOOOjRNKTgQXYAONtoB1agDN
LXGdtuv0G755+ZD8QSzuVUbQo71us80dQcICwjCKOk1WD2Le+QkJXQL3WV8oRABP
cPUT7f/HMJEaWZZz4cvVg4Dz2du8qKWzoapBb9ggmy95LoRx/3clTp63+X2v9TnA
J39hCU8X0J8DCHtkJAjjhd3J8fWgbA2gYfyqPZOjVeEYcA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:58 2023 by rpki-client on console-ams.rpki-client.org