Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/XLBPpY2Ik56VsGhW2eAG7Do_ckg.roa
File: XLBPpY2Ik56VsGhW2eAG7Do_ckg.roa (raw, json)
Hash identifier: v0/NTlhdbWs+i7DwHTyprvkVxeXCRjASWtWTbJNI5X8=
Subject key identifier: 5C:B0:4F:A5:8D:88:93:9E:95:B0:68:56:D9:E0:06:EC:3A:3F:72:48
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 08F1
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/XLBPpY2Ik56VsGhW2eAG7Do_ckg.roa
Signing time: Tue 29 Sep 2020 09:52:37 +0000
ROA not before: Tue 29 Sep 2020 09:52:37 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 220.228.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2289 (0x8f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:37 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5CB04FA58D88939E95B06856D9E006EC3A3F7248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:69:fa:ec:ff:81:52:61:30:f3:b5:94:15:65:
61:f5:68:50:72:3f:5e:18:6d:4d:fa:49:ee:40:d1:
a8:a8:35:46:b5:a8:31:95:b7:20:2e:25:ef:67:1e:
0d:0e:34:c5:74:eb:bf:08:a6:46:a1:01:b4:01:79:
df:7d:a4:0b:48:b0:9f:65:07:f9:52:01:6e:f7:ba:
ff:b0:f3:c1:6d:c1:48:11:12:74:83:6c:62:85:dc:
df:0f:d5:3d:50:9e:be:64:85:86:c2:04:6c:5b:8f:
22:67:84:10:0a:86:e9:61:2d:08:75:cb:c7:3c:34:
0a:02:ff:c5:bb:c5:03:48:2a:94:09:5b:2a:64:2b:
4d:4d:ff:3f:2f:d7:bc:30:0f:90:80:ec:d8:23:4b:
0c:06:8c:84:ec:7f:25:dd:ea:50:05:c1:48:9e:fd:
23:3f:5a:65:c8:9b:18:eb:47:a6:03:03:e1:68:4e:
b4:84:ce:ea:7a:3a:26:46:39:69:cf:8e:d2:8b:75:
eb:60:d9:1d:2f:59:f3:9c:70:6f:7c:5a:e4:a1:e2:
02:6c:9c:c0:18:9f:4e:12:ae:26:c4:7c:89:90:86:
68:29:30:28:7d:86:7b:fb:51:1e:5d:b8:d0:87:90:
3c:a5:4c:8d:68:ae:88:e2:c0:97:37:a9:fb:87:cc:
09:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B0:4F:A5:8D:88:93:9E:95:B0:68:56:D9:E0:06:EC:3A:3F:72:48
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/XLBPpY2Ik56VsGhW2eAG7Do_ckg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7a:47:ed:19:4a:8d:bd:e9:29:9a:4b:6d:8e:f4:d5:12:88:e6:
f5:61:0d:3e:f1:d7:00:ca:d9:ac:62:2e:5f:d3:5f:54:0f:80:
ac:ba:95:f8:d2:a5:16:14:69:49:53:6c:c7:29:57:4f:9b:da:
d5:48:9e:40:68:8f:7e:34:fe:8d:25:a6:67:66:d7:64:6f:bc:
e0:dc:5b:96:95:3c:59:ea:4a:41:3d:d7:8d:43:09:a4:06:cb:
da:27:f3:b6:06:e9:28:0b:63:f5:c2:80:61:51:79:f6:97:4c:
b7:64:11:d2:01:52:84:ab:7f:d6:8f:db:29:6b:b6:0f:b7:73:
4e:27:21:c3:7a:01:80:8b:bd:5f:d5:fa:20:84:1a:7f:4d:ba:
c8:bb:00:b5:f0:ea:01:89:f7:bf:c3:c7:c7:88:3f:2b:98:67:
6c:f6:1e:c1:e7:9e:9c:70:bc:d3:02:ed:04:e6:d9:7c:30:f3:
86:d7:1a:6b:f6:23:c7:dc:82:bb:78:ae:f7:a4:68:3b:e1:c9:
bf:c0:30:6e:8c:40:e0:75:d4:25:8e:35:35:48:31:c0:8b:71:
0a:e4:25:28:02:fb:81:9e:8f:5d:38:8d:6f:bf:25:e4:8d:db:
1c:77:fc:f2:78:a7:f7:34:d0:00:36:d7:d8:58:4a:d9:02:2d:
8a:15:3f:8e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMzdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVDQjA0RkE1OEQ4ODkz
OUU5NUIwNjg1NkQ5RTAwNkVDM0EzRjcyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpafrs/4FSYTDztZQVZWH1aFByP14YbU36Se5A0aioNUa1qDGV
tyAuJe9nHg0ONMV0678IpkahAbQBed99pAtIsJ9lB/lSAW73uv+w88FtwUgREnSD
bGKF3N8P1T1Qnr5khYbCBGxbjyJnhBAKhulhLQh1y8c8NAoC/8W7xQNIKpQJWypk
K01N/z8v17wwD5CA7NgjSwwGjITsfyXd6lAFwUie/SM/WmXImxjrR6YDA+FoTrSE
zup6OiZGOWnPjtKLdetg2R0vWfOccG98WuSh4gJsnMAYn04SribEfImQhmgpMCh9
hnv7UR5duNCHkDylTI1orojiwJc3qfuHzAmhAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUXLBPpY2Ik56VsGhW2eAG7Do/ckgwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWExCUHBZMklrNTZWc0doVzJlQUc3
RG9fY2tnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G
CSqGSIb3DQEBCwUAA4IBAQB6R+0ZSo296SmaS22O9NUSiOb1YQ0+8dcAytmsYi5f
019UD4CsupX40qUWFGlJU2zHKVdPm9rVSJ5AaI9+NP6NJaZnZtdkb7zg3FuWlTxZ
6kpBPdeNQwmkBsvaJ/O2BukoC2P1woBhUXn2l0y3ZBHSAVKEq3/Wj9spa7YPt3NO
JyHDegGAi71f1foghBp/TbrIuwC18OoBife/w8fHiD8rmGds9h7B556ccLzTAu0E
5tl8MPOG1xpr9iPH3IK7eK73pGg74cm/wDBujEDgddQljjU1SDHAi3EK5CUoAvuB
no9dOI1vvyXkjdscd/zyeKf3NNAANtfYWErZAi2KFT+O
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:59 2023 by rpki-client on console-ams.rpki-client.org