Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/XZ9CN9syX0d2JX8nX7WgK26qIXY.roa
File: XZ9CN9syX0d2JX8nX7WgK26qIXY.roa (raw, json)
Hash identifier: H6Xw5SyX2MC0+tB6lJL6ntTJVHrTS3aye8/Tpyar3Jw=
Subject key identifier: 5D:9F:42:37:DB:32:5F:47:76:25:7F:27:5F:B5:A0:2B:6E:AA:21:76
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0B82
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/XZ9CN9syX0d2JX8nX7WgK26qIXY.roa
Signing time: Wed 29 Sep 2021 02:44:17 +0000
ROA not before: Wed 29 Sep 2021 02:44:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 192.72.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2946 (0xb82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Sep 29 02:44:17 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=5D9F4237DB325F4776257F275FB5A02B6EAA2176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f0:0b:71:73:e3:61:a0:7a:73:5d:38:54:eb:
04:95:63:d7:f2:8b:5b:ef:80:ec:b7:82:8a:82:84:
f6:fe:31:12:a0:7e:4a:e3:20:f4:3e:39:dc:5c:66:
85:75:55:b1:c1:77:46:74:65:bc:4f:ab:45:80:76:
5b:e2:c1:84:a0:28:5f:65:ef:87:22:ae:fc:34:c9:
1f:b9:2b:e7:a9:01:91:1e:92:8d:f8:c3:87:b5:5e:
d0:94:46:12:d4:2b:63:94:8a:fa:02:a3:f3:23:91:
55:bd:c9:0f:c1:7c:43:a5:2b:c9:e2:e4:3d:cb:69:
74:de:b1:62:81:8c:78:cc:80:11:40:6b:60:a7:57:
f7:8d:c9:d5:44:23:45:58:fb:0b:db:3a:b6:6c:fa:
63:90:b3:38:33:9e:17:e2:54:43:ce:37:af:40:6a:
cd:b5:87:7e:90:cb:2f:8f:b7:24:7b:dd:f4:9f:96:
bb:cd:a7:a9:ea:61:c3:4c:82:2d:8e:6f:43:cf:c1:
38:d7:c0:13:82:99:32:c2:81:6a:bb:e1:a6:9d:ef:
a7:26:57:45:43:b6:f0:a9:41:05:24:3a:d5:dc:ab:
c2:eb:d7:58:0e:06:1a:29:5f:48:4e:3c:27:6c:76:
ce:cb:69:81:43:a6:2e:96:5d:ef:cf:68:5d:c0:78:
81:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9F:42:37:DB:32:5F:47:76:25:7F:27:5F:B5:A0:2B:6E:AA:21:76
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/XZ9CN9syX0d2JX8nX7WgK26qIXY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.32.0/19
Signature Algorithm: sha256WithRSAEncryption
67:01:07:71:d0:96:89:58:26:3c:4d:60:b0:11:63:c1:74:24:
61:d3:8c:64:91:bb:6c:88:9b:d5:ec:d8:75:6d:7b:01:3b:76:
e5:83:69:aa:9c:eb:e7:d6:ab:91:ca:e2:56:05:83:ab:e4:17:
c3:3d:55:1a:54:c8:6c:05:6c:1c:07:19:2f:8f:d4:aa:42:b6:
d3:a2:6b:97:08:61:6a:50:44:63:3a:49:f1:59:db:a0:82:df:
bb:8b:a3:b4:fc:c7:51:57:13:8f:88:eb:11:8b:3d:fa:b2:85:
38:54:5b:56:c4:21:63:bc:d5:12:fc:90:ce:e7:e9:f1:bc:8c:
22:51:b5:1e:99:af:eb:c0:0a:74:6d:1b:81:98:7f:9d:7e:6c:
df:7d:e2:7a:7d:de:46:30:ea:f4:20:bb:4f:39:d4:96:09:3c:
45:89:7f:bd:8f:52:67:cd:d5:78:62:94:ac:66:51:10:7e:c5:
31:54:28:10:a4:16:e9:7a:16:dd:56:ec:6d:bd:2f:99:d1:05:
7e:3a:c1:ee:42:0a:bb:3a:1e:ee:e2:31:d8:db:2f:ec:f1:41:
36:fc:2e:36:92:c3:3a:ba:21:bd:4f:c7:a2:2d:8f:ac:73:c3:
86:1c:52:3e:15:a6:e7:40:57:41:48:5b:06:68:94:5e:32:89:
9d:6f:8f:2b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMTA5Mjkw
MjQ0MTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDVEOUY0MjM3REIzMjVG
NDc3NjI1N0YyNzVGQjVBMDJCNkVBQTIxNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI8Atxc+NhoHpzXThU6wSVY9fyi1vvgOy3goqChPb+MRKgfkrj
IPQ+OdxcZoV1VbHBd0Z0ZbxPq0WAdlviwYSgKF9l74cirvw0yR+5K+epAZEeko34
w4e1XtCURhLUK2OUivoCo/MjkVW9yQ/BfEOlK8ni5D3LaXTesWKBjHjMgBFAa2Cn
V/eNydVEI0VY+wvbOrZs+mOQszgznhfiVEPON69Aas21h36Qyy+PtyR73fSflrvN
p6nqYcNMgi2Ob0PPwTjXwBOCmTLCgWq74aad76cmV0VDtvCpQQUkOtXcq8Lr11gO
BhopX0hOPCdsds7LaYFDpi6WXe/PaF3AeIHDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXZ9CN9syX0d2JX8nX7WgK26qIXYwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWFo5Q045c3lYMGQySlg4blg3V2dL
MjZxSVhZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcBIIDAN
BgkqhkiG9w0BAQsFAAOCAQEAZwEHcdCWiVgmPE1gsBFjwXQkYdOMZJG7bIib1ezY
dW17ATt25YNpqpzr59arkcriVgWDq+QXwz1VGlTIbAVsHAcZL4/UqkK206Jrlwhh
alBEYzpJ8VnboILfu4ujtPzHUVcTj4jrEYs9+rKFOFRbVsQhY7zVEvyQzufp8byM
IlG1Hpmv68AKdG0bgZh/nX5s333ien3eRjDq9CC7TznUlgk8RYl/vY9SZ83VeGKU
rGZREH7FMVQoEKQW6XoW3Vbsbb0vmdEFfjrB7kIKuzoe7uIx2Nsv7PFBNvwuNpLD
OrohvU/Hoi2PrHPDhhxSPhWm50BXQUhbBmiUXjKJnW+PKw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-fra.rpki-client.org