Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/WgVhWS8Lig_cqTnCfW9mWjwjJ88.roa
File: WgVhWS8Lig_cqTnCfW9mWjwjJ88.roa (raw, json)
Hash identifier: VekkT+8rXL4/jvNyiMMld7Htu7Pg7mDF4teCenS2TAo=
Subject key identifier: 5A:05:61:59:2F:0B:8A:0F:DC:A9:39:C2:7D:6F:66:5A:3C:23:27:CF
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 08AF
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/WgVhWS8Lig_cqTnCfW9mWjwjJ88.roa
Signing time: Tue 24 Nov 2020 09:24:57 +0000
ROA not before: Tue 24 Nov 2020 09:24:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 192.72.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2223 (0x8af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Nov 24 09:24:57 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5A0561592F0B8A0FDCA939C27D6F665A3C2327CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:08:a8:eb:c8:7e:ab:cd:61:50:a3:26:4c:27:
66:b0:88:52:6e:3d:bd:42:bd:b2:d8:19:90:f3:e1:
80:6a:53:42:c6:7a:18:7e:89:77:cd:43:2f:7b:98:
de:87:7d:6b:d5:28:c2:e7:05:6a:cb:f5:bd:e3:68:
99:8d:0a:9d:c1:c7:c5:7a:82:fc:8d:a8:9b:e4:73:
2e:fb:48:e2:56:02:0d:be:a1:3b:9a:cb:42:1f:f4:
df:30:d9:84:8d:40:d3:20:1a:b7:1d:ee:ab:be:15:
ab:16:fd:16:5c:0c:a2:48:8b:eb:24:cd:a2:a3:dd:
ec:34:39:1f:0b:01:36:5f:1a:c6:26:1e:5c:d5:24:
a3:48:73:b1:e7:4f:3b:41:83:ce:72:74:e8:8c:70:
af:dd:cd:65:58:f5:2c:51:95:5a:a7:10:99:c3:a4:
19:9a:43:f5:32:fd:5b:47:b9:92:48:ef:f7:14:c1:
e7:16:49:29:dd:c3:0b:8d:a9:47:ea:11:49:13:af:
41:fe:0c:5b:9a:c8:42:b7:46:ba:33:b0:b7:35:f0:
30:91:63:c5:a8:0e:74:f9:a5:53:f6:5d:a5:a8:92:
53:69:9c:d1:00:5d:21:15:c3:83:64:0c:95:c1:9a:
f1:69:57:df:f6:d7:e5:78:06:40:a9:06:79:29:60:
3a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:05:61:59:2F:0B:8A:0F:DC:A9:39:C2:7D:6F:66:5A:3C:23:27:CF
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/WgVhWS8Lig_cqTnCfW9mWjwjJ88.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.16.0/20
Signature Algorithm: sha256WithRSAEncryption
31:3e:2e:08:a8:a8:ea:a2:3c:85:46:83:95:43:5d:62:37:33:
21:1a:2c:66:30:68:23:ed:32:81:1d:dd:35:d4:7a:14:5d:af:
9b:fb:86:03:e6:49:c9:73:43:bc:72:1b:0c:b3:e9:af:ee:ff:
0e:92:25:84:95:eb:80:f6:9b:57:52:a3:87:ef:6e:db:3c:a9:
a5:7a:5e:f0:56:a1:af:ae:e1:c4:5b:9a:56:1c:cf:3a:3d:b5:
4e:2c:a7:01:85:4e:13:01:19:f4:a2:1c:be:fc:bd:d6:4f:d0:
71:20:55:69:aa:70:2b:8a:14:0a:ef:47:f4:a3:72:97:75:ed:
8b:ed:06:4d:75:dd:07:e5:45:59:8b:3a:e9:18:09:44:63:05:
83:24:6f:98:0b:38:e7:96:fa:90:21:70:92:69:6c:85:8c:e1:
7b:51:7d:e2:ec:50:11:52:fd:5f:44:4b:da:b5:61:c0:d5:c5:
68:d3:fd:72:d2:ca:9e:e8:21:f4:6e:ca:0f:8a:b3:0b:2e:b4:
2e:df:3c:9a:83:f4:da:58:e4:70:68:eb:3f:98:bf:f2:bd:55:
ea:74:d4:60:be:5a:e7:3d:e0:49:1f:da:00:44:0f:16:ef:b9:
fa:e7:7d:23:9b:bd:40:3b:8a:fd:19:fd:05:f9:78:59:7b:d6:
4b:ee:8b:ff
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMDExMjQw
OTI0NTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVBMDU2MTU5MkYwQjhB
MEZEQ0E5MzlDMjdENkY2NjVBM0MyMzI3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGCKjryH6rzWFQoyZMJ2awiFJuPb1CvbLYGZDz4YBqU0LGehh+
iXfNQy97mN6HfWvVKMLnBWrL9b3jaJmNCp3Bx8V6gvyNqJvkcy77SOJWAg2+oTua
y0If9N8w2YSNQNMgGrcd7qu+FasW/RZcDKJIi+skzaKj3ew0OR8LATZfGsYmHlzV
JKNIc7HnTztBg85ydOiMcK/dzWVY9SxRlVqnEJnDpBmaQ/Uy/VtHuZJI7/cUwecW
SSndwwuNqUfqEUkTr0H+DFuayEK3RrozsLc18DCRY8WoDnT5pVP2XaWoklNpnNEA
XSEVw4NkDJXBmvFpV9/21+V4BkCpBnkpYDqfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUWgVhWS8Lig/cqTnCfW9mWjwjJ88wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvV2dWaFdTOExpZ19jcVRuQ2ZXOW1X
andqSjg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN
BgkqhkiG9w0BAQsFAAOCAQEAMT4uCKio6qI8hUaDlUNdYjczIRosZjBoI+0ygR3d
NdR6FF2vm/uGA+ZJyXNDvHIbDLPpr+7/DpIlhJXrgPabV1Kjh+9u2zyppXpe8Fah
r67hxFuaVhzPOj21TiynAYVOEwEZ9KIcvvy91k/QcSBVaapwK4oUCu9H9KNyl3Xt
i+0GTXXdB+VFWYs66RgJRGMFgyRvmAs455b6kCFwkmlshYzhe1F94uxQEVL9X0RL
2rVhwNXFaNP9ctLKnugh9G7KD4qzCy60Lt88moP02ljkcGjrP5i/8r1V6nTUYL5a
5z3gSR/aAEQPFu+5+ud9I5u9QDuK/Rn9Bfl4WXvWS+6L/w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:59 2023 by rpki-client on console-ams.rpki-client.org