Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Hu7wetQgbxHiGNDlra-dhS64ML0.roa
File: Hu7wetQgbxHiGNDlra-dhS64ML0.roa (raw, json)
Hash identifier: lIsTgfLCGZPEho5OTzZnvCx5eLC4kQgPSb2Q25fgUG4=
Subject key identifier: 1E:EE:F0:7A:D4:20:6F:11:E2:18:D0:E5:AD:AF:9D:85:2E:B8:30:BD
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E8E
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Hu7wetQgbxHiGNDlra-dhS64ML0.roa
Signing time: Wed 29 Sep 2021 02:43:44 +0000
ROA not before: Wed 29 Sep 2021 02:43:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 220.229.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3726 (0xe8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=1EEEF07AD4206F11E218D0E5ADAF9D852EB830BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0c:c2:25:fa:b4:33:b7:31:e5:cc:24:3c:4f:
dc:9e:2d:3f:c3:73:09:d0:f6:a6:5f:3b:5d:1c:79:
a2:c6:43:5e:68:1c:c5:9e:89:d2:0b:b7:17:ab:25:
c0:20:1b:36:41:05:08:7c:f4:43:3d:86:27:4a:03:
6f:cc:b4:52:80:bc:4d:c8:17:a7:cb:2f:4b:5c:91:
87:2a:83:02:55:12:db:d8:f8:60:25:dd:a5:0a:6d:
2a:79:4e:26:53:61:2d:b8:5b:d2:df:fc:16:72:71:
89:47:53:35:23:cc:18:87:1c:36:ea:6e:04:c7:14:
5d:51:c6:17:9f:2f:50:81:96:97:2a:45:32:cf:f7:
f5:2f:ed:25:02:8c:f6:84:cf:7d:6c:6f:85:cb:7d:
e5:40:be:ed:7d:f0:a8:f4:ac:69:da:a4:82:84:79:
dc:41:56:bf:7a:cc:55:66:2d:58:e3:80:80:34:25:
b3:fb:97:e4:46:52:62:53:bb:75:4b:da:db:d3:62:
a9:ee:77:3d:82:f0:2d:d6:53:ce:50:9c:85:4a:48:
c6:f9:de:c6:22:27:ee:99:71:ae:bb:c9:67:99:a9:
a6:a8:ce:2d:b9:44:b2:64:32:a3:9b:93:f5:49:83:
b6:b7:de:2e:cf:ef:ca:bc:9a:10:d2:a7:e3:03:d5:
d5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EE:F0:7A:D4:20:6F:11:E2:18:D0:E5:AD:AF:9D:85:2E:B8:30:BD
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Hu7wetQgbxHiGNDlra-dhS64ML0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.64.0/24
Signature Algorithm: sha256WithRSAEncryption
54:87:2e:3c:a4:92:f6:39:aa:3e:98:b0:1b:20:8c:73:ab:f1:
c9:8e:32:0b:48:f7:3f:6b:3d:a8:a5:17:5a:6c:19:89:f6:3a:
a0:0d:ec:93:89:d2:c5:2d:13:06:84:95:e7:a3:c3:4f:be:4c:
89:a2:8e:39:98:d2:fc:86:15:ae:06:16:ce:e2:c5:14:d3:00:
e8:e5:b5:af:bc:b6:2f:f5:eb:5d:05:1b:0a:17:c6:32:bb:e5:
59:72:f1:9a:25:9e:44:90:78:95:22:df:31:7e:91:35:cc:b4:
e7:81:b9:1f:88:c7:59:76:2c:b5:35:56:cf:da:33:8b:97:5c:
c3:a0:39:01:6e:23:45:38:bf:19:3b:85:14:ef:79:af:e4:f0:
03:49:0f:15:7c:be:f7:fd:9a:30:05:bc:38:de:73:ec:51:16:
a8:0f:8c:e3:48:4e:99:37:08:de:a9:59:56:00:ee:6b:38:61:
af:93:e3:49:40:fe:bb:8b:3e:7e:a1:e8:a5:42:58:bf:58:a1:
c1:f3:6b:69:34:f1:19:70:a7:88:87:11:39:eb:82:fe:e4:50:
45:62:78:e0:7a:42:8a:55:58:d7:07:38:68:be:41:f5:d2:08:
49:41:17:52:67:20:78:8e:c7:df:8c:3e:61:6e:5d:16:0d:c1:
bd:18:2d:c2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFFRUVGMDdBRDQyMDZG
MTFFMjE4RDBFNUFEQUY5RDg1MkVCODMwQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaDMIl+rQztzHlzCQ8T9yeLT/DcwnQ9qZfO10ceaLGQ15oHMWe
idILtxerJcAgGzZBBQh89EM9hidKA2/MtFKAvE3IF6fLL0tckYcqgwJVEtvY+GAl
3aUKbSp5TiZTYS24W9Lf/BZycYlHUzUjzBiHHDbqbgTHFF1RxhefL1CBlpcqRTLP
9/Uv7SUCjPaEz31sb4XLfeVAvu198Kj0rGnapIKEedxBVr96zFVmLVjjgIA0JbP7
l+RGUmJTu3VL2tvTYqnudz2C8C3WU85QnIVKSMb53sYiJ+6Zca67yWeZqaaozi25
RLJkMqObk/VJg7a33i7P78q8mhDSp+MD1dW/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHu7wetQgbxHiGNDlra+dhS64ML0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSHU3d2V0UWdieEhpR05EbHJhLWRo
UzY0TUwwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANzlQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVIcuPKSS9jmqPpiwGyCMc6vxyY4yC0j3P2s9qKUX
WmwZifY6oA3sk4nSxS0TBoSV56PDT75MiaKOOZjS/IYVrgYWzuLFFNMA6OW1r7y2
L/XrXQUbChfGMrvlWXLxmiWeRJB4lSLfMX6RNcy054G5H4jHWXYstTVWz9ozi5dc
w6A5AW4jRTi/GTuFFO95r+TwA0kPFXy+9/2aMAW8ON5z7FEWqA+M40hOmTcI3qlZ
VgDuazhhr5PjSUD+u4s+fqHopUJYv1ihwfNraTTxGXCniIcROeuC/uRQRWJ44HpC
ilVY1wc4aL5B9dIISUEXUmcgeI7H34w+YW5dFg3BvRgtwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:58 2023 by rpki-client on console-ams.rpki-client.org