Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/KfHh5B11kAkTo7UJvTO39lDc8gs.roa
File: KfHh5B11kAkTo7UJvTO39lDc8gs.roa (raw, json)
Hash identifier: 5XGH/s1Va+2J289NCoRdv/6+2ovrv5cCmf/V5L2YJbU=
Subject key identifier: 29:F1:E1:E4:1D:75:90:09:13:A3:B5:09:BD:33:B7:F6:50:DC:F2:0B
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0874
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KfHh5B11kAkTo7UJvTO39lDc8gs.roa
Signing time: Tue 29 Sep 2020 09:52:03 +0000
ROA not before: Tue 29 Sep 2020 09:52:03 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 106.105.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2164 (0x874)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:03 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=29F1E1E41D75900913A3B509BD33B7F650DCF20B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c7:dd:0b:a1:26:a3:01:21:b3:97:0e:f0:ed:
47:8f:67:4e:76:94:fe:f6:e3:bd:68:69:ed:c2:c3:
50:14:1e:92:08:d9:03:03:ad:fb:7c:c9:f5:4d:22:
21:07:81:56:08:2a:1d:a3:36:ac:7e:d9:7a:23:5d:
d5:2f:c5:ca:da:eb:eb:3a:d9:ab:68:af:df:ca:e6:
66:11:1e:d9:44:15:0c:bd:1c:7f:3d:45:7d:09:78:
99:9c:3f:4a:f2:27:fd:e3:eb:43:d8:84:39:58:8f:
e9:d8:04:4c:7d:5b:46:36:c5:93:3c:58:6a:0f:bd:
ab:4e:b9:de:57:5d:86:c1:49:17:7d:b2:c1:6e:75:
48:d4:a4:cc:73:94:67:bc:7e:3b:35:43:15:72:cf:
b6:d3:54:c1:ac:69:10:69:e0:af:39:0b:98:7a:b3:
4f:89:e0:3f:77:44:df:f2:b6:da:1c:41:ff:57:8b:
ac:ad:27:20:73:0e:66:a0:a0:92:10:58:72:d5:6b:
3a:c6:a6:ee:d9:88:91:fc:b1:58:81:82:fa:ad:43:
a4:14:07:f9:11:d9:ff:53:d0:f2:6e:d1:9b:6e:cc:
e3:25:ed:2f:09:e3:83:db:67:27:11:83:1d:df:c1:
4b:d1:29:1b:70:f1:65:1e:95:98:b5:7a:83:21:a2:
6e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F1:E1:E4:1D:75:90:09:13:A3:B5:09:BD:33:B7:F6:50:DC:F2:0B
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KfHh5B11kAkTo7UJvTO39lDc8gs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.250.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:c1:49:78:44:b1:5c:87:2e:90:79:f3:21:04:ed:68:db:e1:
32:de:2b:43:e0:0a:40:ce:4a:d2:7b:7a:97:04:36:59:bc:91:
0b:77:b9:75:78:8f:2c:23:49:73:0f:18:de:01:c9:36:1a:22:
5d:c6:ae:4e:ff:3d:82:0e:66:a0:a6:da:06:8c:df:03:32:70:
53:78:49:79:15:e5:2a:32:83:83:ab:fc:40:2f:32:3e:ec:97:
9a:ec:f9:d5:88:9f:9b:68:6a:52:58:80:d7:c4:fd:f5:2c:f7:
63:9a:5b:be:5d:d1:d3:9c:e9:ea:93:e4:0d:84:85:96:70:54:
3f:c2:7a:a6:20:0b:c2:6d:88:91:36:53:30:99:55:6f:72:e4:
b7:9e:d6:d7:f0:3d:60:05:19:b9:42:76:23:91:03:31:6c:7d:
4d:8e:b2:15:7e:4d:49:4f:4e:12:ff:c2:eb:aa:ff:cc:eb:4c:
11:0a:2f:6e:05:a8:dd:8a:1f:20:ec:e2:a8:71:2f:ac:71:d2:
12:1a:e1:de:40:38:91:56:b5:1c:17:7d:4e:84:8d:2a:e6:7e:
79:b9:8b:e2:11:19:07:48:5e:d4:f8:b6:4b:77:f8:57:78:1a:
9b:3c:72:f4:88:7c:db:fc:ea:63:0f:aa:36:68:99:26:05:99:
ea:70:49:42
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCHQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI5RjFFMUU0MUQ3NTkw
MDkxM0EzQjUwOUJEMzNCN0Y2NTBEQ0YyMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgx90LoSajASGzlw7w7UePZ052lP72471oae3Cw1AUHpII2QMD
rft8yfVNIiEHgVYIKh2jNqx+2XojXdUvxcra6+s62ator9/K5mYRHtlEFQy9HH89
RX0JeJmcP0ryJ/3j60PYhDlYj+nYBEx9W0Y2xZM8WGoPvatOud5XXYbBSRd9ssFu
dUjUpMxzlGe8fjs1QxVyz7bTVMGsaRBp4K85C5h6s0+J4D93RN/yttocQf9Xi6yt
JyBzDmagoJIQWHLVazrGpu7ZiJH8sViBgvqtQ6QUB/kR2f9T0PJu0ZtuzOMl7S8J
44PbZycRgx3fwUvRKRtw8WUelZi1eoMhom4/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKfHh5B11kAkTo7UJvTO39lDc8gswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvS2ZIaDVCMTFrQWtUbzdVSnZUTzM5
bERjOGdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWpp+jAN
BgkqhkiG9w0BAQsFAAOCAQEAyMFJeESxXIcukHnzIQTtaNvhMt4rQ+AKQM5K0nt6
lwQ2WbyRC3e5dXiPLCNJcw8Y3gHJNhoiXcauTv89gg5moKbaBozfAzJwU3hJeRXl
KjKDg6v8QC8yPuyXmuz51Yifm2hqUliA18T99Sz3Y5pbvl3R05zp6pPkDYSFlnBU
P8J6piALwm2IkTZTMJlVb3Lkt57W1/A9YAUZuUJ2I5EDMWx9TY6yFX5NSU9OEv/C
66r/zOtMEQovbgWo3YofIOziqHEvrHHSEhrh3kA4kVa1HBd9ToSNKuZ+ebmL4hEZ
B0he1Pi2S3f4V3gamzxy9Ih82/zqYw+qNmiZJgWZ6nBJQg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:59 2023 by rpki-client on console-ams.rpki-client.org