Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/JfcShfAzoK4aKlDE4hG_gb9281s.roa
File: JfcShfAzoK4aKlDE4hG_gb9281s.roa (raw, json)
Hash identifier: qYd2rnAZo4I84wXC4ziGmWg+yjT+Dq0FDktpAeIAGGk=
Subject key identifier: 25:F7:12:85:F0:33:A0:AE:1A:2A:50:C4:E2:11:BF:81:BF:76:F3:5B
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E02
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/JfcShfAzoK4aKlDE4hG_gb9281s.roa
Signing time: Wed 29 Sep 2021 02:43:06 +0000
ROA not before: Wed 29 Sep 2021 02:43:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 45.64.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3586 (0xe02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=25F71285F033A0AE1A2A50C4E211BF81BF76F35B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:11:b2:bb:95:64:ca:af:48:c2:37:b0:51:d0:
c9:58:ff:a9:91:2f:d2:dc:ae:4e:53:a2:11:13:d3:
27:a0:74:97:4d:7b:b1:79:8c:2a:ce:24:e6:1a:ec:
59:b7:6b:56:b0:44:c4:7e:c8:41:67:5f:c2:f9:c0:
2e:2e:06:6f:62:ab:07:86:42:57:e3:3a:4f:98:74:
c9:0a:f0:19:50:3b:82:83:bd:6e:88:5d:00:b4:9c:
ae:e2:eb:4c:ff:f9:7c:94:3c:45:1f:66:85:4b:09:
e6:12:24:54:93:3a:01:54:b3:b0:31:00:95:87:f1:
9c:6c:38:bf:95:58:b0:9a:b2:af:8b:39:17:b5:08:
c9:91:8b:93:85:1d:9c:9e:2e:9c:6a:df:1b:2c:52:
aa:01:b1:bb:6c:0c:4c:6c:6c:cf:bd:7f:4a:91:56:
98:6f:12:1a:78:46:7e:82:21:ad:c8:07:08:79:da:
04:01:f1:13:aa:ec:75:ba:e2:36:57:82:58:7f:4d:
a3:a4:7c:1d:be:9b:44:c8:7d:fc:24:45:fc:6d:54:
22:db:9b:ad:8d:e0:fa:38:9b:60:be:7e:64:29:f1:
8e:34:8e:cd:67:6d:ca:af:89:8d:63:d5:ae:aa:48:
37:ba:2a:f9:92:79:40:ab:52:41:b9:a5:b3:12:95:
3e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F7:12:85:F0:33:A0:AE:1A:2A:50:C4:E2:11:BF:81:BF:76:F3:5B
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/JfcShfAzoK4aKlDE4hG_gb9281s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.228.0/22
Signature Algorithm: sha256WithRSAEncryption
be:c5:b8:a0:42:14:e8:bf:d0:60:70:7b:b7:de:d7:fc:cc:43:
b1:72:75:9d:c1:85:c6:10:c2:52:af:08:64:6b:9b:77:d8:6e:
26:c5:79:62:3f:80:ed:b4:4d:c6:82:86:f5:ed:85:ce:a6:2b:
da:20:92:78:3b:12:5d:67:22:54:3c:6e:ed:f1:58:79:64:b7:
ed:99:17:56:28:1c:62:eb:42:45:37:00:7e:f1:20:ec:53:2c:
72:4b:ca:a1:2d:9b:2f:c6:7b:9d:0e:b8:8f:0e:ce:0d:5e:3a:
40:25:d9:ba:4b:12:ae:a6:7d:89:d4:db:4a:5a:09:e6:c6:d4:
21:26:19:21:07:f0:e5:b6:fe:0e:26:94:26:c2:dc:53:12:19:
f4:fc:e1:a6:24:ff:39:9a:6d:36:f9:8d:7b:00:d7:71:28:2a:
3b:c2:db:a1:1f:5b:f1:35:61:98:76:d6:9d:ba:2b:ac:fa:ee:
93:f4:94:23:30:d0:d0:e7:14:49:5f:91:c4:e7:0a:ca:1d:21:
bc:e1:5c:a4:2c:04:4a:44:b0:86:1c:66:13:91:aa:65:f6:fa:
64:1b:6e:6b:f7:75:c7:72:83:49:7b:ef:d7:72:94:74:ba:b9:
b3:00:23:31:c1:4a:8e:ec:ae:c3:5b:1c:d8:04:5b:50:09:29:
71:1a:e1:bc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI1RjcxMjg1RjAzM0Ew
QUUxQTJBNTBDNEUyMTFCRjgxQkY3NkYzNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4EbK7lWTKr0jCN7BR0MlY/6mRL9Lcrk5TohET0yegdJdNe7F5
jCrOJOYa7Fm3a1awRMR+yEFnX8L5wC4uBm9iqweGQlfjOk+YdMkK8BlQO4KDvW6I
XQC0nK7i60z/+XyUPEUfZoVLCeYSJFSTOgFUs7AxAJWH8ZxsOL+VWLCasq+LORe1
CMmRi5OFHZyeLpxq3xssUqoBsbtsDExsbM+9f0qRVphvEhp4Rn6CIa3IBwh52gQB
8ROq7HW64jZXglh/TaOkfB2+m0TIffwkRfxtVCLbm62N4Po4m2C+fmQp8Y40js1n
bcqviY1j1a6qSDe6KvmSeUCrUkG5pbMSlT4VAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUJfcShfAzoK4aKlDE4hG/gb9281swHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSmZjU2hmQXpvSzRhS2xERTRoR19n
YjkyODFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1A5DAN
BgkqhkiG9w0BAQsFAAOCAQEAvsW4oEIU6L/QYHB7t97X/MxDsXJ1ncGFxhDCUq8I
ZGubd9huJsV5Yj+A7bRNxoKG9e2FzqYr2iCSeDsSXWciVDxu7fFYeWS37ZkXVigc
YutCRTcAfvEg7FMsckvKoS2bL8Z7nQ64jw7ODV46QCXZuksSrqZ9idTbSloJ5sbU
ISYZIQfw5bb+DiaUJsLcUxIZ9PzhpiT/OZptNvmNewDXcSgqO8LboR9b8TVhmHbW
nborrPruk/SUIzDQ0OcUSV+RxOcKyh0hvOFcpCwESkSwhhxmE5GqZfb6ZBtua/d1
x3KDSXvv13KUdLq5swAjMcFKjuyuw1sc2ARbUAkpcRrhvA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org