Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/PJ14FAbp8eVVssQUeXcQ6d037I8.roa
File: PJ14FAbp8eVVssQUeXcQ6d037I8.roa (raw, json)
Hash identifier: eF2oFBv/FcVgxVY3GwyzQUaD0y3h9/bU12VNojkZI94=
Subject key identifier: 3C:9D:78:14:06:E9:F1:E5:55:B2:C4:14:79:77:10:E9:DD:37:EC:8F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 088A
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PJ14FAbp8eVVssQUeXcQ6d037I8.roa
Signing time: Tue 29 Sep 2020 09:52:08 +0000
ROA not before: Tue 29 Sep 2020 09:52:08 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 220.229.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2186 (0x88a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:08 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3C9D781406E9F1E555B2C414797710E9DD37EC8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:72:8f:94:d8:e0:31:3b:ed:21:bf:73:f6:0c:
2f:3e:cf:6d:b6:51:53:f9:22:68:cb:34:64:1d:8d:
57:27:d7:80:a2:2e:70:ed:9d:53:f9:0b:3a:b9:86:
ea:51:5c:48:f4:8a:40:d7:92:26:a2:cf:e7:b7:52:
2e:27:6d:6d:1c:79:13:61:9d:01:4f:23:ca:78:8c:
9e:32:22:df:ba:1a:43:c0:e6:15:8e:7a:82:90:7b:
57:11:55:41:42:46:ab:22:e5:f3:dc:fb:89:66:1d:
9c:90:a8:ac:71:d3:d0:b2:3b:12:ca:8e:02:c6:99:
6f:f9:96:0d:a4:47:99:f8:fe:bd:51:63:db:0e:7e:
55:d5:ea:95:80:a3:f1:3e:95:10:3e:33:d3:4d:db:
31:80:63:d1:d1:29:cb:bc:b6:bd:a6:5d:d5:40:5c:
d1:33:2d:3c:29:f7:7b:89:cd:0f:79:cf:53:09:88:
f7:19:48:fc:5a:3b:ce:2c:dd:62:31:1a:52:56:46:
45:15:f2:5a:4b:92:5e:87:a5:49:b0:57:b6:ce:47:
7f:e4:6d:b5:00:76:29:cc:74:aa:b4:83:c1:75:25:
e2:b7:ab:6a:e1:51:d0:7b:d1:49:fc:ba:4c:75:e0:
f6:82:1f:2d:09:97:86:ea:93:7d:51:1e:bf:4e:3a:
7c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9D:78:14:06:E9:F1:E5:55:B2:C4:14:79:77:10:E9:DD:37:EC:8F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PJ14FAbp8eVVssQUeXcQ6d037I8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.68.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:e0:47:e7:44:d2:f8:19:d7:42:ea:60:1f:c0:18:42:ed:bf:
44:c0:2d:7a:0c:76:e8:55:e1:06:e4:da:d7:f9:9a:6e:98:33:
9c:5a:0a:33:42:3a:e4:7e:23:b0:eb:33:00:2d:6a:0c:96:b8:
c5:b8:26:77:3b:6c:45:59:08:0f:2f:fc:26:d4:ea:c5:3c:18:
2b:04:1e:d0:b8:3b:bc:7e:24:2f:58:a3:16:f7:09:f8:91:cf:
45:e4:a7:0b:a1:a6:6c:71:41:7b:62:ef:14:17:24:d0:5f:dc:
4b:b1:a6:86:b1:7e:2b:7e:3d:6c:9a:08:35:d4:94:d1:80:83:
80:d1:5e:63:2f:a6:da:2e:03:3b:61:84:f6:1a:3b:97:58:5c:
8b:57:a7:69:7a:c1:4d:59:83:d1:9d:ce:32:d0:e9:e8:fa:38:
17:77:2b:ce:fe:c6:67:cc:08:91:46:0e:3e:8f:e1:d7:5d:8a:
6a:ac:11:89:ba:22:3c:b1:dd:08:b2:f5:3d:8f:db:bb:eb:98:
0a:c3:1d:7a:2e:44:e6:ca:dd:b8:e0:a9:88:4c:3f:89:21:f6:
af:bb:4b:12:10:84:36:a5:46:2d:63:26:3f:0b:e4:06:a8:cf:
8a:98:c8:3e:1c:e7:fc:07:89:08:c3:ec:94:9c:ef:a9:28:9c:
d6:32:31:a7
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNDOUQ3ODE0MDZFOUYx
RTU1NUIyQzQxNDc5NzcxMEU5REQzN0VDOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrco+U2OAxO+0hv3P2DC8+z222UVP5ImjLNGQdjVcn14CiLnDt
nVP5Czq5hupRXEj0ikDXkiaiz+e3Ui4nbW0ceRNhnQFPI8p4jJ4yIt+6GkPA5hWO
eoKQe1cRVUFCRqsi5fPc+4lmHZyQqKxx09CyOxLKjgLGmW/5lg2kR5n4/r1RY9sO
flXV6pWAo/E+lRA+M9NN2zGAY9HRKcu8tr2mXdVAXNEzLTwp93uJzQ95z1MJiPcZ
SPxaO84s3WIxGlJWRkUV8lpLkl6HpUmwV7bOR3/kbbUAdinMdKq0g8F1JeK3q2rh
UdB70Un8ukx14PaCHy0Jl4bqk31RHr9OOny1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPJ14FAbp8eVVssQUeXcQ6d037I8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUEoxNEZBYnA4ZVZWc3NRVWVYY1E2
ZDAzN0k4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN
BgkqhkiG9w0BAQsFAAOCAQEAvOBH50TS+BnXQupgH8AYQu2/RMAtegx26FXhBuTa
1/mabpgznFoKM0I65H4jsOszAC1qDJa4xbgmdztsRVkIDy/8JtTqxTwYKwQe0Lg7
vH4kL1ijFvcJ+JHPReSnC6GmbHFBe2LvFBck0F/cS7GmhrF+K349bJoINdSU0YCD
gNFeYy+m2i4DO2GE9ho7l1hci1enaXrBTVmD0Z3OMtDp6Po4F3crzv7GZ8wIkUYO
Po/h112KaqwRiboiPLHdCLL1PY/bu+uYCsMdei5E5srduOCpiEw/iSH2r7tLEhCE
NqVGLWMmPwvkBqjPipjIPhzn/AeJCMPslJzvqSic1jIxpw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-fra.rpki-client.org