Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HYBjGpzjT17hfsPJtJ4rUHRYpvg.roa
File: HYBjGpzjT17hfsPJtJ4rUHRYpvg.roa (raw, json)
Hash identifier: lUpVm0jIEOTZ9be6tCtXSjvzH863XWiOrhPbU8dIsQQ=
Subject key identifier: 1D:80:63:1A:9C:E3:4F:5E:E1:7E:C3:C9:B4:9E:2B:50:74:58:A6:F8
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0897
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HYBjGpzjT17hfsPJtJ4rUHRYpvg.roa
Signing time: Tue 29 Sep 2020 09:52:11 +0000
ROA not before: Tue 29 Sep 2020 09:52:11 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18049
IP address blocks: 106.107.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2199 (0x897)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:11 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1D80631A9CE34F5EE17EC3C9B49E2B507458A6F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:2c:e5:ca:af:94:2c:d8:0a:96:95:8f:75:
ab:63:b8:17:49:1e:9c:7c:cc:54:0b:a7:7a:be:ac:
31:9b:f9:2d:bb:c1:7c:0f:d8:6e:1b:14:c5:ff:5b:
be:bd:60:2d:bd:30:03:1b:8a:e6:d5:c2:93:b5:57:
84:e1:c7:cd:38:b2:71:62:d2:a2:2e:76:a7:0e:88:
7f:f6:5c:4d:54:04:6a:00:c2:fd:f1:f3:ba:90:57:
79:c7:83:3c:dc:71:6a:21:a5:7c:78:ae:5a:b7:ae:
cd:11:ed:6b:6c:8d:df:06:89:79:80:1f:a1:33:f4:
8f:bc:77:fa:0e:ec:e6:8a:5a:d5:c3:fe:54:c0:a8:
d1:26:e4:46:21:46:9c:8c:33:6d:4b:f2:47:cb:f6:
ab:63:b0:63:ff:aa:8b:dd:d3:00:33:54:30:0f:ad:
30:f4:c3:4a:c0:41:eb:9b:9b:0e:d4:a3:5e:60:d1:
09:ec:2c:fb:5f:ed:2b:7f:ff:ba:c7:30:63:13:14:
fc:2b:87:73:66:a1:0a:db:fb:2b:8f:d9:44:93:07:
89:69:fc:2e:ea:de:ae:5e:14:cd:95:13:ce:02:d0:
29:40:ae:cb:ae:0c:98:03:fd:15:bd:f5:a7:8b:e5:
84:dd:4b:85:c9:e5:6b:24:90:b3:8b:b8:e3:32:b5:
76:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:80:63:1A:9C:E3:4F:5E:E1:7E:C3:C9:B4:9E:2B:50:74:58:A6:F8
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HYBjGpzjT17hfsPJtJ4rUHRYpvg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.208.0/20
Signature Algorithm: sha256WithRSAEncryption
07:bf:58:3a:26:9f:e4:12:4a:78:8c:c9:e7:13:98:87:e3:4a:
2e:78:5e:27:9b:fa:cd:6a:91:c6:cf:bb:44:f2:6c:e6:af:48:
67:81:7b:6b:71:5c:7e:1e:4b:be:1d:a9:6f:84:dc:4f:f3:6c:
a9:1e:12:a2:0c:8c:d0:1c:ee:d6:81:f1:68:7f:1e:af:bd:83:
31:42:14:8a:5a:fa:0c:88:a8:e2:9b:5a:d4:b1:73:ad:a4:7a:
34:78:a1:3f:30:0f:30:04:26:4b:c5:06:12:94:7c:9f:44:90:
78:7a:6f:28:dc:3e:8f:82:f1:33:40:9e:cd:ab:75:fb:50:c1:
6d:cd:10:60:c3:4b:a9:a2:0b:23:a0:dd:c8:15:a0:95:39:77:
ab:1e:9c:75:4d:16:a7:d0:ed:ee:cd:f6:39:f4:63:54:89:5c:
0b:09:ad:01:80:ee:aa:49:44:54:7a:3c:ed:71:17:73:d6:1b:
74:85:73:be:ff:c4:18:c2:81:b5:1e:7a:ce:33:0c:41:35:1f:
18:f6:47:b3:cc:ed:2f:4a:92:1f:c6:9d:2f:42:c3:a2:1d:82:
c6:19:b2:08:e4:d0:e5:5e:d6:8c:0b:12:66:79:cf:b1:5c:70:
c6:50:bc:00:d5:52:88:7b:56:7c:c9:91:60:e1:2b:0c:e1:3f:
3a:59:80:a0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFEODA2MzFBOUNFMzRG
NUVFMTdFQzNDOUI0OUUyQjUwNzQ1OEE2RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Lizlyq+ULNgKlpWPdatjuBdJHpx8zFQLp3q+rDGb+S27wXwP
2G4bFMX/W769YC29MAMbiubVwpO1V4Thx804snFi0qIudqcOiH/2XE1UBGoAwv3x
87qQV3nHgzzccWohpXx4rlq3rs0R7Wtsjd8GiXmAH6Ez9I+8d/oO7OaKWtXD/lTA
qNEm5EYhRpyMM21L8kfL9qtjsGP/qovd0wAzVDAPrTD0w0rAQeubmw7Uo15g0Qns
LPtf7St//7rHMGMTFPwrh3NmoQrb+yuP2USTB4lp/C7q3q5eFM2VE84C0ClArsuu
DJgD/RW99aeL5YTdS4XJ5WskkLOLuOMytXYFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHYBjGpzjT17hfsPJtJ4rUHRYpvgwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSFlCakdwempUMTdoZnNQSnRKNHJV
SFJZcHZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGpr0DAN
BgkqhkiG9w0BAQsFAAOCAQEAB79YOiaf5BJKeIzJ5xOYh+NKLnheJ5v6zWqRxs+7
RPJs5q9IZ4F7a3Fcfh5Lvh2pb4TcT/NsqR4SogyM0Bzu1oHxaH8er72DMUIUilr6
DIio4pta1LFzraR6NHihPzAPMAQmS8UGEpR8n0SQeHpvKNw+j4LxM0Cezat1+1DB
bc0QYMNLqaILI6DdyBWglTl3qx6cdU0Wp9Dt7s32OfRjVIlcCwmtAYDuqklEVHo8
7XEXc9YbdIVzvv/EGMKBtR56zjMMQTUfGPZHs8ztL0qSH8adL0LDoh2CxhmyCOTQ
5V7WjAsSZnnPsVxwxlC8ANVSiHtWfMmRYOErDOE/OlmAoA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org