Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/KNRtRlM0e59DJddf0L5M8WzHyZ8.roa
File: KNRtRlM0e59DJddf0L5M8WzHyZ8.roa (raw, json)
Hash identifier: 3LlSu78RjqOu4lPtIfvsfEmwkbhOiGbQAMZciw5B2W4=
Subject key identifier: 28:D4:6D:46:53:34:7B:9F:43:25:D7:5F:D0:BE:4C:F1:6C:C7:C9:9F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 08C6
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KNRtRlM0e59DJddf0L5M8WzHyZ8.roa
Signing time: Tue 29 Sep 2020 09:52:26 +0000
ROA not before: Tue 29 Sep 2020 09:52:26 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.228.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2246 (0x8c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:26 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=28D46D4653347B9F4325D75FD0BE4CF16CC7C99F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:80:5f:d1:c2:00:25:39:35:33:a8:15:3a:
b2:a6:3e:4a:1c:a6:3e:16:61:09:ad:6b:2c:62:31:
dd:3c:03:aa:13:3c:fe:c4:45:af:58:db:e9:1b:46:
0d:66:a9:9f:01:e0:5c:55:a2:89:c3:20:ea:25:44:
72:f3:72:ea:8b:c6:1b:9e:86:b6:18:cb:b0:28:37:
ae:42:28:36:2d:cc:b6:11:92:aa:4c:51:e2:9c:f3:
ea:48:e8:b1:7a:46:21:1f:a1:f9:39:c0:52:76:0f:
1f:c5:86:a3:b7:55:3c:73:91:73:7a:00:28:43:d3:
99:93:8a:5d:9e:79:8e:be:11:82:91:5c:e2:25:45:
bc:e4:10:d3:ce:23:48:f4:01:a0:bd:d2:af:00:43:
bd:dc:df:6b:d0:8c:4c:68:ae:6d:d4:b0:89:cf:02:
1a:f7:9b:99:ab:88:aa:f7:2c:6c:8c:24:77:80:00:
19:8f:d1:bb:ca:dc:86:a2:ea:f1:2e:ef:1d:f6:6d:
11:a1:5c:45:f9:5e:36:8a:58:99:d6:7f:a8:77:74:
f7:41:da:a2:e9:5e:f8:88:65:7b:36:a2:25:ff:04:
28:09:fd:bb:19:53:f0:07:13:93:57:bc:2b:aa:54:
5f:cc:7e:9f:bf:a9:03:d2:ee:44:95:b7:d6:86:48:
f9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D4:6D:46:53:34:7B:9F:43:25:D7:5F:D0:BE:4C:F1:6C:C7:C9:9F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KNRtRlM0e59DJddf0L5M8WzHyZ8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b7:05:d5:8b:b6:73:55:db:d8:83:68:08:9f:67:50:62:3e:1d:
89:1a:cd:e5:39:6c:b1:03:b4:18:a7:e6:42:f6:05:1d:f2:20:
c6:67:25:87:cf:56:ee:1a:25:d8:88:b9:6d:21:ce:3d:f5:97:
2e:dd:9f:33:e7:a8:0b:06:3c:ba:56:13:6c:86:61:68:0e:71:
1e:08:c3:b8:49:2d:11:0b:e4:93:17:e3:d8:6c:48:54:9a:28:
e9:ac:83:09:8f:6e:10:6e:3f:d7:32:68:e7:c3:d8:a0:c1:33:
44:43:e0:e3:7c:b0:f9:d2:17:74:8d:4e:de:34:60:6a:47:69:
1e:c4:49:03:c2:4b:e6:ff:4c:20:7c:54:9a:7f:80:1d:24:a7:
ad:53:9f:18:06:80:e5:68:68:5a:fc:ea:53:4b:92:e2:73:cd:
9f:af:f7:fe:80:ce:b1:06:ed:6a:37:8b:c0:2b:f1:44:7e:8e:
38:2b:37:50:b4:ab:a6:d2:2c:00:ce:1e:7c:04:b2:db:98:a6:
4a:f4:af:00:8b:1a:f1:0b:f1:87:a2:33:4f:65:a9:14:0d:b4:
6d:4c:da:1b:bd:ba:97:2b:b3:3f:63:8f:ab:87:1a:21:ba:33:
e3:ab:43:e3:22:f7:b0:49:eb:2d:77:3e:75:d9:ee:29:d2:94:
61:6f:6b:d2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI4RDQ2RDQ2NTMzNDdC
OUY0MzI1RDc1RkQwQkU0Q0YxNkNDN0M5OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvsoBf0cIAJTk1M6gVOrKmPkocpj4WYQmtayxiMd08A6oTPP7E
Ra9Y2+kbRg1mqZ8B4FxVoonDIOolRHLzcuqLxhuehrYYy7AoN65CKDYtzLYRkqpM
UeKc8+pI6LF6RiEfofk5wFJ2Dx/FhqO3VTxzkXN6AChD05mTil2eeY6+EYKRXOIl
RbzkENPOI0j0AaC90q8AQ73c32vQjExorm3UsInPAhr3m5mriKr3LGyMJHeAABmP
0bvK3Iai6vEu7x32bRGhXEX5XjaKWJnWf6h3dPdB2qLpXviIZXs2oiX/BCgJ/bsZ
U/AHE5NXvCuqVF/Mfp+/qQPS7kSVt9aGSPkLAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUKNRtRlM0e59DJddf0L5M8WzHyZ8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvS05SdFJsTTBlNTlESmRkZjBMNU04
V3pIeVo4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G
CSqGSIb3DQEBCwUAA4IBAQC3BdWLtnNV29iDaAifZ1BiPh2JGs3lOWyxA7QYp+ZC
9gUd8iDGZyWHz1buGiXYiLltIc499Zcu3Z8z56gLBjy6VhNshmFoDnEeCMO4SS0R
C+STF+PYbEhUmijprIMJj24Qbj/XMmjnw9igwTNEQ+DjfLD50hd0jU7eNGBqR2ke
xEkDwkvm/0wgfFSaf4AdJKetU58YBoDlaGha/OpTS5Lic82fr/f+gM6xBu1qN4vA
K/FEfo44KzdQtKum0iwAzh58BLLbmKZK9K8AixrxC/GHojNPZakUDbRtTNobvbqX
K7M/Y4+rhxohujPjq0PjIvewSestdz512e4p0pRhb2vS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:10 2023 by rpki-client on console-fra.rpki-client.org