Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/QwM6uU50tK4ZnQdNqF6A9Y_tXnI.roa
File: QwM6uU50tK4ZnQdNqF6A9Y_tXnI.roa (raw, json)
Hash identifier: 7V66X3y+brXmU03HPhhg0Yq4ALcGqaTMJX/Lv2d0P7g=
Subject key identifier: 43:03:3A:B9:4E:74:B4:AE:19:9D:07:4D:A8:5E:80:F5:8F:ED:5E:72
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E34
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/QwM6uU50tK4ZnQdNqF6A9Y_tXnI.roa
Signing time: Wed 29 Sep 2021 02:43:18 +0000
ROA not before: Wed 29 Sep 2021 02:43:18 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 220.228.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3636 (0xe34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:18 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=43033AB94E74B4AE199D074DA85E80F58FED5E72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e5:81:4c:7a:eb:e7:73:45:a2:33:b0:a6:61:
1c:29:09:f2:11:1a:c8:04:bb:db:e3:bd:2f:40:e2:
91:97:00:f3:2f:49:cf:f8:1b:59:5a:56:2c:e5:9b:
99:3c:b9:aa:9e:b9:3f:45:9d:02:e6:b2:d0:fd:58:
d8:7f:2e:dc:d2:95:f9:89:fc:cd:be:41:68:b7:fc:
59:bf:ef:4f:cb:57:18:64:42:a7:02:cf:0a:57:f3:
23:37:9a:00:c5:6f:ed:35:9e:be:d1:92:d5:51:aa:
75:d8:6c:23:a3:92:f7:69:61:f6:81:2b:1d:88:57:
c5:d7:86:27:ad:b0:83:37:c5:fe:50:9e:a3:21:17:
6d:f6:b1:fd:3b:10:b7:da:73:8c:2a:09:eb:db:df:
54:4c:75:7f:c6:31:cf:17:39:ac:4f:ea:00:3e:9c:
1a:53:a7:aa:7d:cd:8d:10:8a:1b:94:09:1b:35:39:
aa:8c:d8:73:cd:27:26:ea:fa:9a:54:58:10:f4:cd:
54:05:a3:f0:e0:ee:a9:bf:c7:85:89:32:c6:31:0c:
d0:c9:c6:58:6f:3f:6b:d9:a6:4a:30:a0:4d:94:cb:
db:e2:22:6c:c6:44:e3:42:48:6f:46:21:d0:37:68:
4c:80:0a:33:91:e5:4d:71:49:49:ad:bb:6f:ab:5f:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:03:3A:B9:4E:74:B4:AE:19:9D:07:4D:A8:5E:80:F5:8F:ED:5E:72
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/QwM6uU50tK4ZnQdNqF6A9Y_tXnI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:ad:65:d6:65:09:fd:50:be:c2:77:8f:12:cd:b5:79:09:50:
d2:14:85:76:ef:b4:66:9d:82:b8:8e:13:6e:a6:13:1b:14:d3:
7c:6a:e2:12:1c:bd:b7:f7:a3:76:aa:d6:88:36:0e:fa:7f:f3:
2e:8b:fe:52:d3:fb:58:5f:b0:38:0e:d4:97:23:b0:ab:c2:d4:
dd:31:ef:25:5b:cb:69:f9:99:06:0e:94:53:51:02:f2:3d:9c:
f3:34:1a:ce:0f:5f:a5:2a:28:8e:ea:bc:c0:43:74:a0:2a:e0:
f1:7a:0e:67:49:8b:39:e1:18:4b:ea:34:a5:e9:9d:be:27:6c:
2f:35:2c:4a:c6:e6:ff:31:37:cf:52:da:ca:1e:b5:4a:80:d6:
11:e0:4d:52:f8:80:fb:d1:4f:ff:79:20:2e:c8:26:a5:0e:b1:
4e:77:47:b5:0e:50:d0:e8:2c:21:a1:bc:c2:d4:18:29:69:ed:
5a:65:f2:ef:84:12:17:10:01:f6:d3:c6:00:96:be:01:0e:b6:
74:d3:77:90:af:5f:6a:1c:c4:ea:29:6f:84:dc:be:2f:f1:de:
56:ea:19:30:4a:e5:70:49:db:9a:c3:14:1d:68:44:f4:eb:3d:
84:a7:0c:36:49:46:4a:63:7b:1a:0a:20:4d:26:16:1d:7f:0c:
42:76:7d:a0
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQzMDMzQUI5NEU3NEI0
QUUxOTlEMDc0REE4NUU4MEY1OEZFRDVFNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDs5YFMeuvnc0WiM7CmYRwpCfIRGsgEu9vjvS9A4pGXAPMvSc/4
G1laVizlm5k8uaqeuT9FnQLmstD9WNh/LtzSlfmJ/M2+QWi3/Fm/70/LVxhkQqcC
zwpX8yM3mgDFb+01nr7RktVRqnXYbCOjkvdpYfaBKx2IV8XXhietsIM3xf5QnqMh
F232sf07ELfac4wqCevb31RMdX/GMc8XOaxP6gA+nBpTp6p9zY0QihuUCRs1OaqM
2HPNJybq+ppUWBD0zVQFo/Dg7qm/x4WJMsYxDNDJxlhvP2vZpkowoE2Uy9viImzG
RONCSG9GIdA3aEyACjOR5U1xSUmtu2+rX3/5AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUQwM6uU50tK4ZnQdNqF6A9Y/tXnIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUXdNNnVVNTB0SzRablFkTnFGNkE5
WV90WG5JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANzkMA0G
CSqGSIb3DQEBCwUAA4IBAQAFrWXWZQn9UL7Cd48SzbV5CVDSFIV277RmnYK4jhNu
phMbFNN8auISHL2396N2qtaINg76f/Mui/5S0/tYX7A4DtSXI7CrwtTdMe8lW8tp
+ZkGDpRTUQLyPZzzNBrOD1+lKiiO6rzAQ3SgKuDxeg5nSYs54RhL6jSl6Z2+J2wv
NSxKxub/MTfPUtrKHrVKgNYR4E1S+ID70U//eSAuyCalDrFOd0e1DlDQ6CwhobzC
1Bgpae1aZfLvhBIXEAH208YAlr4BDrZ003eQr19qHMTqKW+E3L4v8d5W6hkwSuVw
SduawxQdaET06z2Epww2SUZKY3saCiBNJhYdfwxCdn2g
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-fra.rpki-client.org