Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/CdyOT9EyX_1-HUfUgM-N_2OZxdU.roa
File: CdyOT9EyX_1-HUfUgM-N_2OZxdU.roa (raw, json)
Hash identifier: 5fUzmgf9Kf/7KTIdYI9Z1gt7Pa/eQE6wZBqnt4lLZwM=
Subject key identifier: 09:DC:8E:4F:D1:32:5F:FD:7E:1D:47:D4:80:CF:8D:FF:63:99:C5:D5
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 087D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CdyOT9EyX_1-HUfUgM-N_2OZxdU.roa
Signing time: Tue 29 Sep 2020 09:52:05 +0000
ROA not before: Tue 29 Sep 2020 09:52:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 211.74.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2173 (0x87d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:05 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=09DC8E4FD1325FFD7E1D47D480CF8DFF6399C5D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3a:70:ba:6a:2a:c9:5b:fb:42:c2:7a:1d:d3:
b2:63:5f:02:a2:8d:3b:d4:d1:95:49:59:6a:dc:39:
7d:a2:07:07:fb:3e:3d:1e:29:02:ea:d5:a9:af:de:
73:66:d4:34:aa:be:56:b1:9a:f0:b5:19:0e:75:8e:
35:58:4f:be:c1:dd:58:f5:38:56:81:f8:bf:1d:51:
f2:69:ff:f2:c1:32:f2:c4:9e:76:c6:a7:ac:fc:09:
ef:e1:2a:3e:02:62:0b:69:8d:89:2d:f0:eb:b4:5b:
28:f4:06:a0:49:c1:25:dc:a2:5d:a8:d8:0a:43:0c:
34:ed:9d:39:a4:10:c5:99:fe:41:dc:c0:1c:79:16:
0f:ba:31:a5:b2:cf:95:f4:23:aa:09:df:55:4d:fd:
f1:1e:b4:ef:61:1c:a6:5a:25:95:33:c1:c2:1d:db:
e7:53:d8:ce:b6:57:30:b2:57:c8:87:ee:03:7a:7f:
4f:95:07:54:f2:9a:09:be:ad:9a:e0:e2:6c:65:74:
b0:f6:23:af:a0:9a:23:26:79:83:18:34:6b:92:10:
1c:67:ca:22:02:63:48:84:5f:db:71:a0:b1:89:a9:
3c:17:e0:d0:6e:96:5a:1d:37:2a:97:d1:7b:df:6b:
14:25:3f:29:8e:d4:af:ee:ce:16:cf:06:51:a1:d5:
ba:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DC:8E:4F:D1:32:5F:FD:7E:1D:47:D4:80:CF:8D:FF:63:99:C5:D5
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CdyOT9EyX_1-HUfUgM-N_2OZxdU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.74.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1e:69:83:c5:cc:90:bc:e4:53:6c:37:69:6b:b2:c0:3e:3c:42:
04:9f:26:7e:1a:9c:a6:50:02:ae:27:58:8d:71:92:25:81:bb:
d2:f9:11:ae:74:c5:23:b5:d8:d3:1d:1e:da:bf:b0:45:54:88:
56:2b:d5:b8:7b:b3:1b:ed:28:da:e6:6f:91:aa:8f:c9:96:6f:
9e:54:e5:57:f8:52:3a:7f:e6:77:98:8c:ce:7e:cf:9c:64:e4:
b4:96:36:ee:06:b1:e8:3b:98:98:cd:28:6b:0d:43:d9:b2:d3:
be:ab:f0:aa:7d:86:51:14:ef:60:3d:37:89:8c:01:37:64:81:
a2:f9:33:4b:21:e3:12:28:80:74:dd:5f:d7:97:38:bc:5a:78:
70:b0:8e:77:e7:09:a1:5f:9b:6c:98:46:cc:70:e6:8b:b8:61:
07:98:fd:f4:d7:75:11:84:c1:05:56:ff:c0:f7:d9:cb:b3:7d:
5a:d4:22:b9:27:58:24:d8:20:1e:ba:f7:27:a2:8c:9e:0f:cb:
f9:49:f9:d7:1c:7e:c5:86:1e:6b:b6:cf:78:7f:a8:3f:c5:f7:
5c:7c:16:8d:0a:e1:ef:6c:64:fc:55:44:6a:72:8e:19:45:98:
97:ba:f4:01:09:3d:71:58:98:fc:d6:7e:20:52:10:2a:70:81:
a2:89:e4:62
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA5REM4RTRGRDEzMjVG
RkQ3RTFENDdENDgwQ0Y4REZGNjM5OUM1RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQOnC6airJW/tCwnod07JjXwKijTvU0ZVJWWrcOX2iBwf7Pj0e
KQLq1amv3nNm1DSqvlaxmvC1GQ51jjVYT77B3Vj1OFaB+L8dUfJp//LBMvLEnnbG
p6z8Ce/hKj4CYgtpjYkt8Ou0Wyj0BqBJwSXcol2o2ApDDDTtnTmkEMWZ/kHcwBx5
Fg+6MaWyz5X0I6oJ31VN/fEetO9hHKZaJZUzwcId2+dT2M62VzCyV8iH7gN6f0+V
B1Tymgm+rZrg4mxldLD2I6+gmiMmeYMYNGuSEBxnyiICY0iEX9txoLGJqTwX4NBu
llodNyqX0XvfaxQlPymO1K/uzhbPBlGh1brZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCdyOT9EyX/1+HUfUgM+N/2OZxdUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ2R5T1Q5RXlYXzEtSFVmVWdNLU5f
Mk9aeGRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9NKADAN
BgkqhkiG9w0BAQsFAAOCAQEAHmmDxcyQvORTbDdpa7LAPjxCBJ8mfhqcplACridY
jXGSJYG70vkRrnTFI7XY0x0e2r+wRVSIVivVuHuzG+0o2uZvkaqPyZZvnlTlV/hS
On/md5iMzn7PnGTktJY27gax6DuYmM0oaw1D2bLTvqvwqn2GURTvYD03iYwBN2SB
ovkzSyHjEiiAdN1f15c4vFp4cLCOd+cJoV+bbJhGzHDmi7hhB5j99Nd1EYTBBVb/
wPfZy7N9WtQiuSdYJNggHrr3J6KMng/L+Un51xx+xYYea7bPeH+oP8X3XHwWjQrh
72xk/FVEanKOGUWYl7r0AQk9cViY/NZ+IFIQKnCBoonkYg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:58 2023 by rpki-client on console-ams.rpki-client.org