Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Qd0wRU9hvkQiltctoskM2lYcWIc.roa
File: Qd0wRU9hvkQiltctoskM2lYcWIc.roa (raw, json)
Hash identifier: ZI5G+6hwIelZYkQ6gHjqTSnhDo3UF2I5KDyaNpGhsUk=
Subject key identifier: 41:DD:30:45:4F:61:BE:44:22:96:D7:2D:A2:C9:0C:DA:56:1C:58:87
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0B7B
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Qd0wRU9hvkQiltctoskM2lYcWIc.roa
Signing time: Wed 29 Sep 2021 02:44:15 +0000
ROA not before: Wed 29 Sep 2021 02:44:15 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 192.72.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2939 (0xb7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Sep 29 02:44:15 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=41DD30454F61BE442296D72DA2C90CDA561C5887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:9b:9c:98:09:b8:93:6d:4a:93:40:39:75:
2d:dc:25:4f:5e:2f:fc:92:25:9c:a5:8d:b0:5c:fb:
a8:8d:23:64:4f:3e:de:0e:d3:17:21:f5:21:bf:65:
58:2d:c2:04:b1:b4:21:8f:2e:58:67:a8:5b:42:e3:
65:37:1a:2e:95:1d:52:76:fe:3e:65:bd:44:1c:ee:
8e:55:bc:80:a4:fb:e3:21:c7:a6:3d:94:71:93:b1:
cd:e1:82:51:09:58:ce:94:b0:7f:d4:77:79:a7:59:
dd:2c:8b:5d:15:d1:1e:96:89:a3:24:54:57:9e:ac:
fe:c4:ae:31:09:2a:6e:b0:60:65:7f:f3:e5:23:b5:
c7:9e:2b:69:d1:99:11:a0:e7:97:46:cc:3a:b9:30:
eb:53:24:fc:04:09:8c:6d:7e:bb:2a:36:05:2d:4c:
9c:69:c6:70:6a:86:61:5b:ef:73:f4:0f:56:96:ba:
f2:04:45:4a:4a:ce:eb:0e:1e:62:2c:d4:ec:12:61:
ca:fe:e6:fc:4e:76:60:d8:b1:74:7a:f5:85:fe:16:
dd:8b:9f:c6:60:0e:01:49:fd:13:51:dc:a5:49:98:
6d:af:6a:81:34:9c:71:77:cb:51:7b:d4:b9:5e:a7:
f6:ec:12:6c:0f:78:7a:30:e1:dc:04:2c:5f:88:01:
f2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DD:30:45:4F:61:BE:44:22:96:D7:2D:A2:C9:0C:DA:56:1C:58:87
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Qd0wRU9hvkQiltctoskM2lYcWIc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:c9:9f:e4:c4:67:32:89:0a:dd:d4:53:65:ab:be:c0:e3:a0:
55:bb:74:91:94:6b:db:1e:50:ed:d7:06:aa:33:22:d6:6b:f8:
db:cc:75:61:a2:9f:17:63:fc:b9:67:84:af:e1:d4:ff:6d:d6:
c7:f1:de:53:82:9e:10:ff:ec:56:87:b4:6e:73:ea:c5:25:c8:
7f:c0:65:f9:99:e2:18:84:9a:20:58:7e:a0:39:6a:f1:41:71:
00:ea:d1:0d:94:1e:4c:c0:24:d5:c1:b1:c7:bc:8b:a2:a0:e7:
90:cd:4e:0d:e3:d1:f7:4a:c8:a7:f3:8b:39:b1:3f:15:23:f9:
56:8f:b4:e1:b3:53:ad:ec:10:8b:36:8f:d3:db:a0:74:4a:58:
36:a5:e6:68:23:b2:2b:68:f0:da:3f:97:eb:98:f0:e5:94:9b:
a4:aa:18:1d:41:d9:f5:0f:d0:52:d7:6b:2d:1d:e2:38:01:7d:
6c:0c:ab:c1:7e:49:11:d9:82:ed:5b:ca:5f:b1:2e:2b:b8:e2:
42:72:62:5c:85:b8:6e:65:84:3a:9f:17:da:08:9e:be:9d:9b:
a9:31:75:15:c3:94:80:a0:36:a6:13:42:32:55:62:0d:37:3a:
ba:3f:85:e1:4d:a7:ed:6f:9e:bf:79:79:66:08:80:4d:95:26:
42:82:df:c2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMTA5Mjkw
MjQ0MTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQxREQzMDQ1NEY2MUJF
NDQyMjk2RDcyREEyQzkwQ0RBNTYxQzU4ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwF5ucmAm4k21Kk0A5dS3cJU9eL/ySJZyljbBc+6iNI2RPPt4O
0xch9SG/ZVgtwgSxtCGPLlhnqFtC42U3Gi6VHVJ2/j5lvUQc7o5VvICk++Mhx6Y9
lHGTsc3hglEJWM6UsH/Ud3mnWd0si10V0R6WiaMkVFeerP7ErjEJKm6wYGV/8+Uj
tceeK2nRmRGg55dGzDq5MOtTJPwECYxtfrsqNgUtTJxpxnBqhmFb73P0D1aWuvIE
RUpKzusOHmIs1OwSYcr+5vxOdmDYsXR69YX+Ft2Ln8ZgDgFJ/RNR3KVJmG2vaoE0
nHF3y1F71Llep/bsEmwPeHow4dwELF+IAfLNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQd0wRU9hvkQiltctoskM2lYcWIcwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUWQwd1JVOWh2a1FpbHRjdG9za00y
bFljV0ljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN
BgkqhkiG9w0BAQsFAAOCAQEADsmf5MRnMokK3dRTZau+wOOgVbt0kZRr2x5Q7dcG
qjMi1mv428x1YaKfF2P8uWeEr+HU/23Wx/HeU4KeEP/sVoe0bnPqxSXIf8Bl+Zni
GISaIFh+oDlq8UFxAOrRDZQeTMAk1cGxx7yLoqDnkM1ODePR90rIp/OLObE/FSP5
Vo+04bNTrewQizaP09ugdEpYNqXmaCOyK2jw2j+X65jw5ZSbpKoYHUHZ9Q/QUtdr
LR3iOAF9bAyrwX5JEdmC7VvKX7EuK7jiQnJiXIW4bmWEOp8X2gievp2bqTF1FcOU
gKA2phNCMlViDTc6uj+F4U2n7W+ev3l5ZgiATZUmQoLfwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:59 2023 by rpki-client on console-ams.rpki-client.org