Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/S49a482YDzLNWh2M5rMVGsBJNBo.roa
File: S49a482YDzLNWh2M5rMVGsBJNBo.roa (raw, json)
Hash identifier: wRhvwb7s3bMRXK+1CTcVa3L0rkMv6q+83s2H2DEHEfg=
Subject key identifier: 4B:8F:5A:E3:CD:98:0F:32:CD:5A:1D:8C:E6:B3:15:1A:C0:49:34:1A
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0C5B
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/S49a482YDzLNWh2M5rMVGsBJNBo.roa
Signing time: Sun 07 Feb 2021 11:43:02 +0000
ROA not before: Sun 07 Feb 2021 11:43:02 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 123.204.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3163 (0xc5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:43:02 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4B8F5AE3CD980F32CD5A1D8CE6B3151AC049341A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:37:89:9b:a4:78:46:5c:f7:4b:95:e8:af:
55:6f:08:d7:38:ae:f4:d4:d8:aa:8a:56:7b:76:82:
b7:11:d8:ea:49:c0:52:80:31:e2:bf:80:b8:d4:f2:
20:d2:c7:e2:45:e2:da:1e:8c:2c:53:27:c3:08:10:
80:a4:e6:1c:fb:f8:8e:5b:80:80:70:15:b5:10:65:
72:29:01:9b:19:df:3c:7e:f3:21:b8:c6:c7:c5:71:
05:3f:da:1e:7a:05:65:47:4e:77:d9:2a:bb:44:58:
3b:68:9d:b3:68:d2:8b:91:11:1f:da:f0:d5:b4:44:
45:3d:86:06:39:2a:dc:b5:0d:a2:e0:a7:92:24:7a:
40:57:4a:d4:f6:2f:fe:3b:52:7d:ee:07:58:36:43:
db:d2:32:d9:55:c0:70:60:de:5f:c5:69:17:af:f0:
5e:ab:f3:b1:e6:8a:02:8e:5b:f5:27:e9:3f:71:92:
bd:0f:19:73:ca:50:ec:40:50:be:65:87:e2:39:2d:
6d:b8:4d:74:62:da:04:2f:1b:7a:43:58:2a:fa:bc:
a5:63:6f:4f:88:36:1f:49:da:5a:22:0d:b1:3d:07:
bc:02:8d:73:71:f5:32:20:66:38:77:8f:1d:9d:1a:
cd:e7:00:fb:32:f6:42:fe:53:ca:95:71:d8:da:ea:
a2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8F:5A:E3:CD:98:0F:32:CD:5A:1D:8C:E6:B3:15:1A:C0:49:34:1A
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/S49a482YDzLNWh2M5rMVGsBJNBo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.204.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:c8:7c:29:8c:42:c3:0f:b9:f0:25:b0:07:05:90:80:db:87:
22:01:83:ba:f7:34:c9:fc:c8:2d:40:60:6b:3f:94:79:9b:1c:
55:41:b4:57:20:79:8a:c0:c1:de:02:97:0c:f1:91:a8:42:e8:
e8:f6:0b:a7:fa:12:b2:8f:7d:eb:4e:2d:1e:a3:af:85:81:12:
bd:cd:1c:74:10:f4:be:95:85:5a:70:80:f5:9f:b7:a6:31:1a:
93:d0:37:96:48:28:85:a0:43:64:dd:d8:a5:3b:13:78:79:de:
03:c3:dd:6f:32:fa:95:4b:b3:21:5a:be:1c:9c:53:14:91:49:
23:53:36:b9:33:66:ad:95:f6:9c:b6:0d:ae:64:56:b1:bc:5a:
2e:a0:e5:ab:f0:24:41:07:1d:ee:f1:cf:70:0b:5f:82:e4:b9:
ff:c4:f8:5c:08:8b:e0:ff:05:7a:52:7e:a0:bb:0e:75:8e:b9:
04:d7:cc:68:26:9c:bd:37:98:9f:31:b3:d7:c6:94:d4:65:0a:
c5:e9:96:ef:da:3b:26:03:67:43:5f:5f:45:c5:dc:49:fe:ca:
c3:75:cf:e0:1d:4d:65:2f:1f:67:0a:f9:e9:a1:e9:8b:14:5d:
73:92:67:90:f9:ea:c4:e9:a0:92:40:22:69:b1:ea:15:12:1a:
19:9d:3a:d6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQzMDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDRCOEY1QUUzQ0Q5ODBG
MzJDRDVBMUQ4Q0U2QjMxNTFBQzA0OTM0MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvlTeJm6R4Rlz3S5Xor1VvCNc4rvTU2KqKVnt2grcR2OpJwFKA
MeK/gLjU8iDSx+JF4toejCxTJ8MIEICk5hz7+I5bgIBwFbUQZXIpAZsZ3zx+8yG4
xsfFcQU/2h56BWVHTnfZKrtEWDtonbNo0ouRER/a8NW0REU9hgY5Kty1DaLgp5Ik
ekBXStT2L/47Un3uB1g2Q9vSMtlVwHBg3l/FaRev8F6r87HmigKOW/Un6T9xkr0P
GXPKUOxAUL5lh+I5LW24TXRi2gQvG3pDWCr6vKVjb0+INh9J2loiDbE9B7wCjXNx
9TIgZjh3jx2dGs3nAPsy9kL+U8qVcdja6qLZAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUS49a482YDzLNWh2M5rMVGsBJNBowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUzQ5YTQ4MllEekxOV2gyTTVyTVZH
c0JKTkJvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHvMMA0G
CSqGSIb3DQEBCwUAA4IBAQCpyHwpjELDD7nwJbAHBZCA24ciAYO69zTJ/MgtQGBr
P5R5mxxVQbRXIHmKwMHeApcM8ZGoQujo9gun+hKyj33rTi0eo6+FgRK9zRx0EPS+
lYVacID1n7emMRqT0DeWSCiFoENk3dilOxN4ed4Dw91vMvqVS7MhWr4cnFMUkUkj
Uza5M2atlfactg2uZFaxvFouoOWr8CRBBx3u8c9wC1+C5Ln/xPhcCIvg/wV6Un6g
uw51jrkE18xoJpy9N5ifMbPXxpTUZQrF6Zbv2jsmA2dDX19FxdxJ/srDdc/gHU1l
Lx9nCvnpoemLFF1zkmeQ+erE6aCSQCJpseoVEhoZnTrW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-fra.rpki-client.org