Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Ic3YO-PuWLTIH2EW4EpC7UBxs9c.roa
File: Ic3YO-PuWLTIH2EW4EpC7UBxs9c.roa (raw, json)
Hash identifier: UX1lB8CnJfazlcA+dNO0IujEB6FKugMLFQdUmXyemow=
Subject key identifier: 21:CD:D8:3B:E3:EE:58:B4:C8:1F:61:16:E0:4A:42:ED:40:71:B3:D7
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E04
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Ic3YO-PuWLTIH2EW4EpC7UBxs9c.roa
Signing time: Wed 29 Sep 2021 02:43:07 +0000
ROA not before: Wed 29 Sep 2021 02:43:07 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 42.0.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3588 (0xe04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:07 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=21CDD83BE3EE58B4C81F6116E04A42ED4071B3D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6c:4c:00:24:df:f8:00:5d:a4:f7:17:85:e6:
96:f4:a7:7d:15:22:5b:4a:58:bf:70:b5:7c:a2:8e:
fd:63:c8:7c:d6:79:bc:01:ac:60:a6:52:33:71:61:
b8:32:ad:10:e2:ec:91:e8:88:96:a0:06:77:25:df:
e9:30:ae:5f:75:cb:58:5b:59:98:9e:25:47:91:be:
2b:4b:d6:ce:90:22:3a:d6:e8:cb:ae:86:c1:20:35:
f0:ed:99:ad:19:bf:d9:9e:49:6f:a6:9c:8e:29:17:
7f:22:c9:12:03:1d:72:73:ac:a0:f8:b7:29:e3:e0:
e3:0d:8c:fe:64:ab:84:30:40:40:b0:f5:70:84:b2:
a6:69:ca:0b:b5:8a:3e:3b:d9:6b:4b:4f:c7:76:75:
8c:bc:4e:f1:a8:67:92:2e:7d:fb:4a:4a:20:69:e3:
a3:68:1f:25:68:3f:c3:65:05:e7:45:c7:32:b4:f1:
09:28:a3:75:2c:99:9b:e4:e0:45:f2:2c:38:b0:e1:
73:6f:d2:f0:e8:3b:a2:15:f3:0d:5e:69:a3:11:94:
12:5d:0a:80:fe:00:19:46:15:72:32:6b:89:a4:b2:
e9:61:e5:99:26:ea:e6:ae:9a:6b:e8:c9:8e:a0:a1:
3c:78:2b:2f:e3:e4:9a:1c:0c:98:50:63:32:23:81:
34:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CD:D8:3B:E3:EE:58:B4:C8:1F:61:16:E0:4A:42:ED:40:71:B3:D7
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Ic3YO-PuWLTIH2EW4EpC7UBxs9c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:71:a6:b1:b4:35:2f:46:13:ed:56:23:33:30:b5:42:5a:3b:
1e:85:05:2f:2c:7b:46:2d:50:fc:0d:e0:dd:69:62:82:d0:17:
db:fc:9a:d0:f4:10:5f:9b:72:52:66:21:19:4e:33:7d:44:a6:
40:24:b7:63:4a:f6:ac:5a:89:13:b6:51:02:b3:e0:4c:43:46:
88:82:60:64:b8:3b:66:4f:e6:0e:1b:2f:15:59:1d:d6:ac:0b:
66:ac:4f:c8:4e:ff:80:8b:ba:f5:a1:ae:7a:c3:6d:2f:25:10:
04:36:e4:76:08:7d:7d:9d:c2:5e:e8:13:ed:0e:4d:64:e0:e4:
cd:8f:af:c6:9c:a2:86:14:0c:76:64:a5:d5:a5:ec:e3:13:b7:
34:f0:0e:9d:a7:33:31:73:b6:cd:dc:74:55:c0:18:0e:f2:85:
7f:92:5c:5b:67:ed:be:64:e7:d0:4e:a4:d8:42:ce:7c:74:c9:
38:2c:10:f6:85:9a:ed:8c:0a:59:f3:40:e9:25:55:5f:b5:79:
c5:af:da:6f:e6:37:1d:c5:53:29:68:32:4f:ec:6a:34:1e:5c:
97:e7:df:0b:a8:f8:a0:9d:91:c0:b3:25:16:be:25:61:02:5f:
6f:79:30:2c:cc:7b:e1:49:1d:96:ed:28:26:01:66:52:58:e7:
b2:48:49:e2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDgQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDIxQ0REODNCRTNFRTU4
QjRDODFGNjExNkUwNEE0MkVENDA3MUIzRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDubEwAJN/4AF2k9xeF5pb0p30VIltKWL9wtXyijv1jyHzWebwB
rGCmUjNxYbgyrRDi7JHoiJagBncl3+kwrl91y1hbWZieJUeRvitL1s6QIjrW6Muu
hsEgNfDtma0Zv9meSW+mnI4pF38iyRIDHXJzrKD4tynj4OMNjP5kq4QwQECw9XCE
sqZpygu1ij472WtLT8d2dYy8TvGoZ5IufftKSiBp46NoHyVoP8NlBedFxzK08Qko
o3UsmZvk4EXyLDiw4XNv0vDoO6IV8w1eaaMRlBJdCoD+ABlGFXIya4mksulh5Zkm
6uaummvoyY6goTx4Ky/j5JocDJhQYzIjgTThAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIc3YO+PuWLTIH2EW4EpC7UBxs9cwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSWMzWU8tUHVXTFRJSDJFVzRFcEM3
VUJ4czljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBioAQDAN
BgkqhkiG9w0BAQsFAAOCAQEACnGmsbQ1L0YT7VYjMzC1Qlo7HoUFLyx7Ri1Q/A3g
3WligtAX2/ya0PQQX5tyUmYhGU4zfUSmQCS3Y0r2rFqJE7ZRArPgTENGiIJgZLg7
Zk/mDhsvFVkd1qwLZqxPyE7/gIu69aGuesNtLyUQBDbkdgh9fZ3CXugT7Q5NZODk
zY+vxpyihhQMdmSl1aXs4xO3NPAOnaczMXO2zdx0VcAYDvKFf5JcW2ftvmTn0E6k
2ELOfHTJOCwQ9oWa7YwKWfNA6SVVX7V5xa/ab+Y3HcVTKWgyT+xqNB5cl+ffC6j4
oJ2RwLMlFr4lYQJfb3kwLMx74Ukdlu0oJgFmUljnskhJ4g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org