Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/QqDFwvNy0SObX780YY3hrtVmzzg.roa
File: QqDFwvNy0SObX780YY3hrtVmzzg.roa (raw, json)
Hash identifier: 4yABgz2cI9dDujoRCpsqw3ZuuBnYPOVdVHKqvHSJ/Fs=
Subject key identifier: 42:A0:C5:C2:F3:72:D1:23:9B:5F:BF:34:61:8D:E1:AE:D5:66:CF:38
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E7B
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/QqDFwvNy0SObX780YY3hrtVmzzg.roa
Signing time: Wed 29 Sep 2021 02:43:39 +0000
ROA not before: Wed 29 Sep 2021 02:43:39 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 106.107.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3707 (0xe7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:39 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=42A0C5C2F372D1239B5FBF34618DE1AED566CF38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:56:c4:fa:8f:e1:95:a4:bc:c2:e6:71:7c:48:
c6:35:14:7f:50:27:ab:76:bd:98:9a:2d:e7:90:aa:
4d:db:01:1b:3f:50:99:a6:e5:f0:8b:74:9b:81:77:
ad:f1:20:d7:cb:cc:dd:20:44:42:e9:db:8d:5f:25:
96:bb:ae:d5:01:9b:4a:8d:10:ec:f0:c7:48:8b:62:
f0:56:1d:13:87:a3:05:e2:04:91:a0:58:71:3f:c8:
23:2e:50:ab:d7:57:b8:43:5e:30:d4:6f:9c:d5:cc:
c0:1a:6c:68:f3:85:c4:68:d3:f4:70:f7:78:ca:49:
ef:29:08:88:4d:37:75:0f:2e:6d:19:2a:17:83:01:
26:27:04:ed:4b:a0:00:2c:7a:ec:c1:4c:16:a4:0e:
3f:9e:77:b4:b1:cb:34:bb:54:c6:cb:4a:2b:7c:cb:
45:60:2b:81:bc:d1:9b:05:d1:e1:55:86:ad:47:83:
24:8c:23:08:b7:8e:5e:be:b3:72:ca:94:81:23:5a:
25:2b:be:2c:f9:6e:8f:bb:3d:8f:9e:f4:ce:11:ca:
53:46:71:65:c0:81:ac:8c:61:17:c8:34:2a:af:c3:
5b:a6:3c:69:69:76:a6:c1:01:ae:be:81:02:a3:52:
3d:e8:45:9a:b3:8f:40:4f:30:d0:5a:98:b2:4b:f6:
3b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A0:C5:C2:F3:72:D1:23:9B:5F:BF:34:61:8D:E1:AE:D5:66:CF:38
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/QqDFwvNy0SObX780YY3hrtVmzzg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.152.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:85:6f:18:f4:94:f4:62:12:6d:b6:c2:95:24:1f:4b:67:73:
d3:05:0e:18:31:21:14:63:b8:4b:04:fb:6a:39:67:16:4b:99:
97:47:63:4f:90:bb:05:8f:8c:e4:74:14:7c:94:79:39:17:5b:
b9:0b:e1:f1:37:71:bf:43:bc:50:2b:56:32:7d:17:c6:2e:ef:
dd:af:28:00:ea:63:7a:da:00:ad:c0:83:f5:92:ef:a3:d8:5a:
ab:ba:eb:88:ff:34:d2:a8:80:5c:c7:89:14:03:c0:e4:cb:e5:
4b:07:78:a4:1b:fa:71:36:92:f3:f6:1c:cb:12:12:48:4d:a7:
3a:09:fe:7e:e2:38:cc:a2:8b:74:6b:26:c3:45:f7:e2:1c:1e:
00:10:ac:4b:03:11:c7:1d:34:9f:b5:3b:30:60:b9:0a:5b:3e:
77:3f:fb:bf:53:9b:02:93:09:ac:5a:54:4d:2e:a3:b9:19:8a:
94:cd:b4:61:cc:9c:ea:ce:95:7a:f7:81:37:24:d7:77:51:83:
44:3c:e8:60:7d:c9:cf:89:34:b7:6c:bc:f8:d4:ba:42:a1:08:
31:2a:94:e4:f5:3f:70:c5:bc:0d:b1:b3:92:c6:e1:30:25:4f:
21:76:67:34:2f:fe:18:f6:5a:a8:cd:56:9f:d2:d6:b0:49:3d:
b3:60:ad:96
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMzlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQyQTBDNUMyRjM3MkQx
MjM5QjVGQkYzNDYxOERFMUFFRDU2NkNGMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRVsT6j+GVpLzC5nF8SMY1FH9QJ6t2vZiaLeeQqk3bARs/UJmm
5fCLdJuBd63xINfLzN0gRELp241fJZa7rtUBm0qNEOzwx0iLYvBWHROHowXiBJGg
WHE/yCMuUKvXV7hDXjDUb5zVzMAabGjzhcRo0/Rw93jKSe8pCIhNN3UPLm0ZKheD
ASYnBO1LoAAseuzBTBakDj+ed7SxyzS7VMbLSit8y0VgK4G80ZsF0eFVhq1HgySM
Iwi3jl6+s3LKlIEjWiUrviz5bo+7PY+e9M4RylNGcWXAgayMYRfINCqvw1umPGlp
dqbBAa6+gQKjUj3oRZqzj0BPMNBamLJL9js5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQqDFwvNy0SObX780YY3hrtVmzzgwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUXFERnd2TnkwU09iWDc4MFlZM2hy
dFZtenpnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2prmDAN
BgkqhkiG9w0BAQsFAAOCAQEAnoVvGPSU9GISbbbClSQfS2dz0wUOGDEhFGO4SwT7
ajlnFkuZl0djT5C7BY+M5HQUfJR5ORdbuQvh8Tdxv0O8UCtWMn0Xxi7v3a8oAOpj
etoArcCD9ZLvo9haq7rriP800qiAXMeJFAPA5MvlSwd4pBv6cTaS8/YcyxISSE2n
Ogn+fuI4zKKLdGsmw0X34hweABCsSwMRxx00n7U7MGC5Cls+dz/7v1ObApMJrFpU
TS6juRmKlM20Ycyc6s6VeveBNyTXd1GDRDzoYH3Jz4k0t2y8+NS6QqEIMSqU5PU/
cMW8DbGzksbhMCVPIXZnNC/+GPZaqM1Wn9LWsEk9s2Ctlg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-fra.rpki-client.org