Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HQDDqYY2LXw5Z97o15d-3-M5ggA.roa
File: HQDDqYY2LXw5Z97o15d-3-M5ggA.roa (raw, json)
Hash identifier: 2o0RpsCphmkukr0mTYJUkaEN7aFQHVJeg5Uph2QUCsg=
Subject key identifier: 1D:00:C3:A9:86:36:2D:7C:39:67:DE:E8:D7:97:7E:DF:E3:39:82:00
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0BE9
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HQDDqYY2LXw5Z97o15d-3-M5ggA.roa
Signing time: Sun 07 Feb 2021 06:40:35 +0000
ROA not before: Sun 07 Feb 2021 06:40:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 203.70.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3049 (0xbe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 06:40:35 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1D00C3A986362D7C3967DEE8D7977EDFE3398200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ea:bd:00:c2:33:95:9b:21:b2:20:12:bc:49:
2c:9b:ba:e5:1d:ab:e4:dc:03:97:cf:c5:39:39:fe:
e9:4a:36:7f:2c:7c:72:bf:fc:24:cd:cb:c6:4a:91:
f2:b5:59:a1:0d:5d:f6:3c:ab:8c:e6:17:25:b2:6d:
1e:d2:5a:c6:b2:05:f6:51:44:36:f3:f9:39:8f:f1:
18:c6:d4:81:3b:8d:c6:ec:61:7c:b8:c7:e2:63:b7:
e2:ca:fa:b8:e2:e9:22:ed:ed:7a:fd:8c:de:a1:a0:
7b:c9:08:95:49:1b:78:a7:b1:bb:13:38:1f:de:2b:
2c:da:71:fc:e0:a4:43:13:be:a9:4a:67:b2:51:4e:
26:2c:86:0c:59:e5:27:84:88:85:16:34:e5:b3:2b:
45:78:38:00:26:e0:7c:8f:8f:d7:ed:43:cf:0d:91:
9e:74:c7:13:c4:6d:da:09:59:c4:b0:96:48:d4:9f:
56:ac:20:38:c8:ae:00:8c:c1:ee:aa:99:74:53:5c:
33:0e:61:5b:38:39:6e:90:64:ca:f8:13:6f:20:16:
87:92:5f:e6:29:33:09:14:0a:78:fb:49:7a:b0:32:
1b:f0:08:4d:c3:bb:93:ce:79:21:4e:5f:f8:90:e6:
21:83:f3:07:8d:c1:ff:4b:14:07:df:91:d2:2d:be:
e6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:00:C3:A9:86:36:2D:7C:39:67:DE:E8:D7:97:7E:DF:E3:39:82:00
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HQDDqYY2LXw5Z97o15d-3-M5ggA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:9e:f2:c3:9c:7f:50:6f:19:bc:85:e3:8b:b6:90:a6:2d:65:
a9:6d:fa:80:59:f6:aa:30:1c:70:eb:47:1e:4e:f2:c8:bb:59:
30:a0:0b:fa:d3:0f:21:33:b2:44:6c:64:43:d1:52:9c:b7:3d:
0f:d1:bf:ae:dd:be:04:d0:37:2e:2b:5d:e8:4c:85:2a:31:ed:
c0:9f:8d:4e:df:aa:a9:5c:67:f0:df:4b:73:25:aa:f7:38:c5:
c9:f6:dc:02:ce:8a:c5:58:72:cf:e7:04:d9:f2:97:3d:2d:ef:
a2:53:6b:d6:e6:d5:7a:19:7d:2b:7f:95:a0:98:80:69:a7:53:
46:46:c3:94:8a:23:dd:11:c2:1c:19:e2:55:e6:96:f7:77:22:
c3:9d:f9:bf:57:36:fb:ae:54:db:d9:fe:c4:a4:ad:94:fb:9e:
72:36:8f:89:4b:2e:38:ba:05:0e:af:cc:e4:f0:ba:e6:ab:0b:
bd:f4:84:6f:3d:c2:d1:1c:bf:b4:87:37:d5:09:83:d7:82:a0:
d7:5a:78:c7:3d:3b:06:be:e5:9e:ab:7f:b7:76:13:86:3a:ce:
30:0b:61:be:9d:d6:5e:5b:dd:eb:19:28:87:d0:9f:e8:db:1f:
d2:12:4d:35:d7:9a:2f:cb:f8:81:5e:b2:de:6f:9c:ad:88:ae:
63:b4:12:48
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcw
NjQwMzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFEMDBDM0E5ODYzNjJE
N0MzOTY3REVFOEQ3OTc3RURGRTMzOTgyMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC06r0AwjOVmyGyIBK8SSybuuUdq+TcA5fPxTk5/ulKNn8sfHK/
/CTNy8ZKkfK1WaENXfY8q4zmFyWybR7SWsayBfZRRDbz+TmP8RjG1IE7jcbsYXy4
x+Jjt+LK+rji6SLt7Xr9jN6hoHvJCJVJG3insbsTOB/eKyzacfzgpEMTvqlKZ7JR
TiYshgxZ5SeEiIUWNOWzK0V4OAAm4HyPj9ftQ88NkZ50xxPEbdoJWcSwlkjUn1as
IDjIrgCMwe6qmXRTXDMOYVs4OW6QZMr4E28gFoeSX+YpMwkUCnj7SXqwMhvwCE3D
u5POeSFOX/iQ5iGD8weNwf9LFAffkdItvuabAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUHQDDqYY2LXw5Z97o15d+3+M5ggAwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSFFERHFZWTJMWHc1Wjk3bzE1ZC0z
LU01Z2dBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMtGMA0G
CSqGSIb3DQEBCwUAA4IBAQAwnvLDnH9Qbxm8heOLtpCmLWWpbfqAWfaqMBxw60ce
TvLIu1kwoAv60w8hM7JEbGRD0VKctz0P0b+u3b4E0DcuK13oTIUqMe3An41O36qp
XGfw30tzJar3OMXJ9twCzorFWHLP5wTZ8pc9Le+iU2vW5tV6GX0rf5WgmIBpp1NG
RsOUiiPdEcIcGeJV5pb3dyLDnfm/Vzb7rlTb2f7EpK2U+55yNo+JSy44ugUOr8zk
8Lrmqwu99IRvPcLRHL+0hzfVCYPXgqDXWnjHPTsGvuWeq3+3dhOGOs4wC2G+ndZe
W93rGSiH0J/o2x/SEk0115ovy/iBXrLeb5ytiK5jtBJI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org