Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/CRHf9whQytEZNmcg71l8YgHxiSM.roa
File: CRHf9whQytEZNmcg71l8YgHxiSM.roa (raw, json)
Hash identifier: zlkBYcP/Kx4Oufjo3BPv5fkc5J38zVBrj/ZvRDEl1VM=
Subject key identifier: 09:11:DF:F7:08:50:CA:D1:19:36:67:20:EF:59:7C:62:01:F1:89:23
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0CE3
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CRHf9whQytEZNmcg71l8YgHxiSM.roa
Signing time: Sun 07 Feb 2021 11:45:45 +0000
ROA not before: Sun 07 Feb 2021 11:45:45 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 122.147.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3299 (0xce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:45:45 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=0911DFF70850CAD119366720EF597C6201F18923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:28:26:b4:f6:27:28:74:3e:eb:11:46:82:39:
4d:41:d8:ac:3d:a9:38:87:32:ba:4b:f4:80:cf:dd:
cf:18:9a:40:c8:38:a3:8c:1a:24:cb:fe:c2:fe:06:
a4:a1:dc:94:28:2e:61:4b:a1:98:0c:52:dc:88:ff:
31:01:04:9d:c3:24:f0:1c:e5:fe:f5:f0:0c:e2:36:
21:e2:56:cd:e8:c4:b1:6d:08:61:81:94:c7:cd:b9:
03:a2:3a:50:44:af:54:03:6c:c6:69:6c:d0:53:a1:
d1:d0:68:4b:57:38:79:39:4b:d5:47:f6:b9:84:9b:
9a:33:64:2b:b5:9d:81:be:e2:23:e3:9a:50:0d:2b:
3d:13:ff:1f:6a:18:26:61:2f:59:00:f4:2a:b5:5a:
48:9e:9c:4e:33:39:71:04:12:f0:76:d5:31:3b:0e:
9c:68:d1:05:40:03:32:62:56:e2:77:3b:c7:f5:fa:
2d:21:81:ec:69:45:dd:73:ff:02:bd:aa:2a:d4:9e:
53:b1:82:6f:4d:3e:d0:14:a5:16:1a:f5:36:2a:a0:
6b:19:8a:0b:24:8f:be:4d:70:bf:7d:b1:c7:ab:e1:
19:20:bd:58:39:18:bf:6f:24:15:43:18:2d:e1:b8:
02:c2:73:e4:81:0a:f8:0d:85:f1:2a:2d:07:2c:02:
65:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:11:DF:F7:08:50:CA:D1:19:36:67:20:EF:59:7C:62:01:F1:89:23
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CRHf9whQytEZNmcg71l8YgHxiSM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.168.0/21
Signature Algorithm: sha256WithRSAEncryption
07:50:e5:68:0e:3d:c9:22:de:56:ce:21:b0:36:6c:7a:c8:32:
e3:ae:8d:1e:62:6e:e4:99:c3:29:89:7c:9e:d0:ef:0f:c6:9c:
84:9f:73:e4:82:b9:0f:d8:ab:3b:0f:ff:21:c4:e0:06:cc:c6:
26:1a:01:e8:8f:45:53:53:fd:bf:ec:76:05:b3:4d:9d:3b:ce:
28:dd:dc:aa:9c:fc:2c:22:f3:93:ea:3d:f4:28:77:1e:f7:e0:
c1:f3:7f:ff:d2:08:9a:8e:38:e0:8e:4b:e6:5e:29:60:6d:2c:
20:3a:75:dc:8c:8c:5c:d5:14:f8:c5:54:c0:ec:bf:be:b1:b6:
6f:7a:8a:bb:3c:6a:61:23:22:db:27:07:12:b5:b5:50:1b:16:
59:bb:d7:57:64:08:4f:f0:98:2c:df:ab:80:fe:80:2f:01:81:
6b:b6:90:5f:ba:a5:be:27:e4:e7:43:a2:ff:73:96:a7:a1:21:
5b:04:16:14:24:5b:da:a4:8a:33:b7:c0:f1:75:6a:8b:4e:ea:
8d:42:1a:a2:d2:a0:46:fb:31:ab:d2:a2:38:f2:95:c0:0d:80:
bb:6d:13:9e:55:0c:ee:66:40:3d:14:e6:10:b5:9e:2d:9a:11:
a2:7d:9f:ad:cc:f9:3d:50:4e:00:f0:ec:e5:b4:ea:56:48:49:
87:0b:51:b9
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQ1NDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA5MTFERkY3MDg1MENB
RDExOTM2NjcyMEVGNTk3QzYyMDFGMTg5MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRKCa09icodD7rEUaCOU1B2Kw9qTiHMrpL9IDP3c8YmkDIOKOM
GiTL/sL+BqSh3JQoLmFLoZgMUtyI/zEBBJ3DJPAc5f718AziNiHiVs3oxLFtCGGB
lMfNuQOiOlBEr1QDbMZpbNBTodHQaEtXOHk5S9VH9rmEm5ozZCu1nYG+4iPjmlAN
Kz0T/x9qGCZhL1kA9Cq1WkienE4zOXEEEvB21TE7Dpxo0QVAAzJiVuJ3O8f1+i0h
gexpRd1z/wK9qirUnlOxgm9NPtAUpRYa9TYqoGsZigskj75NcL99scer4RkgvVg5
GL9vJBVDGC3huALCc+SBCvgNhfEqLQcsAmWxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCRHf9whQytEZNmcg71l8YgHxiSMwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ1JIZjl3aFF5dEVaTm1jZzcxbDhZ
Z0h4aVNNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTqDAN
BgkqhkiG9w0BAQsFAAOCAQEAB1DlaA49ySLeVs4hsDZsesgy466NHmJu5JnDKYl8
ntDvD8achJ9z5IK5D9irOw//IcTgBszGJhoB6I9FU1P9v+x2BbNNnTvOKN3cqpz8
LCLzk+o99Ch3HvfgwfN//9IImo444I5L5l4pYG0sIDp13IyMXNUU+MVUwOy/vrG2
b3qKuzxqYSMi2ycHErW1UBsWWbvXV2QIT/CYLN+rgP6ALwGBa7aQX7qlvifk50Oi
/3OWp6EhWwQWFCRb2qSKM7fA8XVqi07qjUIaotKgRvsxq9KiOPKVwA2Au20TnlUM
7mZAPRTmELWeLZoRon2frcz5PVBOAPDs5bTqVkhJhwtRuQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:58 2023 by rpki-client on console-ams.rpki-client.org