Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/O2DMB0DfY0vWZKHZ4Th3mHL0Aj0.roa
File: O2DMB0DfY0vWZKHZ4Th3mHL0Aj0.roa (raw, json)
Hash identifier: yBH1TU0HZh1WGOPEkiSPaNZ58ReGmTpNoOsTYSQNQFA=
Subject key identifier: 3B:60:CC:07:40:DF:63:4B:D6:64:A1:D9:E1:38:77:98:72:F4:02:3D
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 085D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/O2DMB0DfY0vWZKHZ4Th3mHL0Aj0.roa
Signing time: Tue 29 Sep 2020 09:51:57 +0000
ROA not before: Tue 29 Sep 2020 09:51:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 106.105.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2141 (0x85d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:51:57 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3B60CC0740DF634BD664A1D9E138779872F4023D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:9c:ae:f0:2a:55:bf:3b:0f:4b:f9:ae:7b:
d4:4d:bb:0e:18:88:e0:65:9d:09:1b:b0:14:d4:03:
e0:f4:f7:ef:18:a5:49:f9:6e:02:46:9a:06:df:21:
da:5b:62:73:0b:8a:51:39:36:df:60:b2:f3:80:08:
9d:9c:d3:e7:3e:a7:7d:f2:ee:f2:9e:b2:e8:8d:ef:
91:c2:ef:f1:21:f0:12:5e:a3:dd:57:e2:ba:1c:04:
da:87:f7:32:9b:82:b2:ff:ce:86:27:78:5f:cf:cc:
37:0c:4a:ee:cc:77:a3:ad:e1:ef:5c:4a:c6:c3:8e:
5b:4d:63:e9:0c:09:3e:bc:e6:96:56:cd:4a:b2:d9:
63:68:79:04:84:06:5a:c1:2d:4e:2e:ec:9b:ac:ec:
f4:be:0b:4a:9a:d9:e4:31:6d:88:14:50:e5:68:f1:
e6:34:70:b1:2a:dc:aa:1c:a2:89:72:eb:f7:a7:cc:
a9:c0:6e:bf:dc:19:57:50:17:fe:d2:a7:75:e8:b2:
a6:83:53:1a:c2:01:f3:86:cb:31:05:f5:08:c6:cd:
37:9e:49:2f:35:4a:e7:13:10:fc:71:87:29:40:fa:
1c:86:c0:20:cb:5a:f7:29:42:01:0d:e8:8c:cc:39:
39:23:6f:db:81:42:11:99:a2:49:ac:88:e8:74:c1:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:60:CC:07:40:DF:63:4B:D6:64:A1:D9:E1:38:77:98:72:F4:02:3D
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/O2DMB0DfY0vWZKHZ4Th3mHL0Aj0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:c0:4a:bb:a1:20:2a:92:f9:b0:46:4b:b7:a0:54:14:5d:20:
e2:08:4c:2f:17:f2:28:50:33:de:a9:29:e7:1b:1e:54:ff:45:
cb:cb:cb:e8:87:d3:bf:85:eb:ce:b7:c7:40:d4:db:d1:b4:67:
76:d0:5b:76:60:a9:73:cb:ec:2e:c6:18:74:81:02:b2:97:1a:
ee:e6:d8:cb:6e:f5:a9:11:1d:58:02:1e:16:01:b8:73:51:66:
d3:3c:e1:15:6c:92:fc:c2:a2:2a:0f:74:56:1b:ef:e0:5a:2a:
c5:05:6e:4b:22:62:e8:df:5f:17:f0:37:3e:73:16:35:17:7d:
2e:3e:d3:75:34:c3:81:67:81:ae:fd:c6:16:c5:f9:db:3f:76:
7a:fc:d9:3e:4e:69:11:44:d0:6a:7a:c7:0c:36:34:39:a0:34:
03:8a:33:aa:ee:d4:f2:0e:90:2d:3e:5b:a3:eb:09:4f:12:3e:
0e:f6:94:28:83:12:11:3e:24:fd:79:06:58:62:8c:d5:5b:3b:
29:03:95:33:d5:d5:6a:03:52:0a:99:27:bb:6d:93:12:b2:2d:
96:72:73:17:fe:90:66:70:dc:79:5c:e7:24:d2:87:a8:89:b6:
54:a2:cc:63:dd:d8:5d:42:b1:55:d5:44:fd:45:e6:c8:81:c0:
d1:b3:45:6e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUxNTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNCNjBDQzA3NDBERjYz
NEJENjY0QTFEOUUxMzg3Nzk4NzJGNDAyM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Upyu8CpVvzsPS/mue9RNuw4YiOBlnQkbsBTUA+D09+8YpUn5
bgJGmgbfIdpbYnMLilE5Nt9gsvOACJ2c0+c+p33y7vKesuiN75HC7/Eh8BJeo91X
4rocBNqH9zKbgrL/zoYneF/PzDcMSu7Md6Ot4e9cSsbDjltNY+kMCT685pZWzUqy
2WNoeQSEBlrBLU4u7Jus7PS+C0qa2eQxbYgUUOVo8eY0cLEq3Kocooly6/enzKnA
br/cGVdQF/7Sp3XosqaDUxrCAfOGyzEF9QjGzTeeSS81SucTEPxxhylA+hyGwCDL
WvcpQgEN6IzMOTkjb9uBQhGZokmsiOh0weYnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUO2DMB0DfY0vWZKHZ4Th3mHL0Aj0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTzJETUIwRGZZMHZXWktIWjRUaDNt
SEwwQWowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGppADAN
BgkqhkiG9w0BAQsFAAOCAQEAssBKu6EgKpL5sEZLt6BUFF0g4ghMLxfyKFAz3qkp
5xseVP9Fy8vL6IfTv4XrzrfHQNTb0bRndtBbdmCpc8vsLsYYdIECspca7ubYy271
qREdWAIeFgG4c1Fm0zzhFWyS/MKiKg90Vhvv4FoqxQVuSyJi6N9fF/A3PnMWNRd9
Lj7TdTTDgWeBrv3GFsX52z92evzZPk5pEUTQanrHDDY0OaA0A4ozqu7U8g6QLT5b
o+sJTxI+DvaUKIMSET4k/XkGWGKM1Vs7KQOVM9XVagNSCpknu22TErItlnJzF/6Q
ZnDceVznJNKHqIm2VKLMY93YXUKxVdVE/UXmyIHA0bNFbg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:59 2023 by rpki-client on console-ams.rpki-client.org