Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Xfo4ZP0IIDCFSP1su5NTD5muFdM.roa
File: Xfo4ZP0IIDCFSP1su5NTD5muFdM.roa (raw, json)
Hash identifier: Rt2OoxnNP6B4HozztlFD+XGMsiGNjSMBnVSg4MYW3wY=
Subject key identifier: 5D:FA:38:64:FD:08:20:30:85:48:FD:6C:BB:93:53:0F:99:AE:15:D3
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0A0A
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Xfo4ZP0IIDCFSP1su5NTD5muFdM.roa
Signing time: Sun 07 Feb 2021 06:37:49 +0000
ROA not before: Sun 07 Feb 2021 06:37:49 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 192.72.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2570 (0xa0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 7 06:37:49 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5DFA3864FD0820308548FD6CBB93530F99AE15D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:0a:83:27:12:28:98:83:5b:cc:29:4f:90:
cb:40:9c:97:03:68:69:9b:34:63:73:24:e2:86:cf:
68:bb:44:e2:bd:91:64:a4:4b:a4:17:66:1b:44:20:
61:ab:2e:90:7b:c7:f5:9d:b6:78:e9:75:b9:df:bf:
30:d6:4d:eb:87:74:62:d9:89:7d:a9:47:10:1c:2c:
85:9e:ce:3b:6e:0a:a9:72:82:65:ad:9e:19:bd:08:
6f:99:4e:9f:bf:2f:f0:d2:91:80:fa:4d:c9:e4:5b:
ca:5f:3f:31:a3:4d:40:31:20:7d:a4:fc:35:a8:02:
41:40:fb:65:14:6a:ba:a8:11:8d:00:4e:3b:9d:06:
07:6e:98:50:87:64:39:84:79:55:03:bf:6f:6b:e6:
02:98:01:ee:c3:cc:6c:dc:dc:1e:81:41:66:0c:8d:
dc:86:2c:69:47:ab:1f:f4:52:a0:72:d8:58:29:2a:
df:37:c0:86:d7:a1:93:58:1b:8d:8f:3c:b4:3a:fe:
cc:34:19:e2:5b:09:95:d4:b5:2b:4b:31:ff:63:59:
11:36:52:d6:16:76:84:3e:f8:8f:3f:96:85:96:6a:
d0:38:64:8b:68:cb:d4:ab:42:69:85:bc:de:f6:98:
c4:bf:1c:88:ee:f2:93:95:b5:65:d4:06:f6:8e:b4:
97:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FA:38:64:FD:08:20:30:85:48:FD:6C:BB:93:53:0F:99:AE:15:D3
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Xfo4ZP0IIDCFSP1su5NTD5muFdM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:dd:37:93:34:77:e2:f4:62:14:fa:04:d1:42:06:5d:00:96:
e0:a5:20:89:35:28:bf:b5:1f:5b:ca:d4:7f:1f:f9:fe:56:06:
53:db:d0:4a:9c:d2:8a:e2:63:5d:60:13:91:52:69:a8:cf:ec:
36:30:5a:fb:b9:43:53:af:5b:0a:35:84:2c:85:fd:e5:77:b8:
62:0e:44:24:7e:6c:ea:f2:16:8d:d9:5f:01:99:d5:c0:cb:7d:
a4:b9:61:f5:51:77:75:0c:e6:ba:82:b3:d5:e3:14:7c:32:a3:
10:63:64:6c:36:f4:75:aa:90:54:61:4f:20:5d:ad:88:c3:ec:
a1:e0:20:a0:b2:00:30:09:35:af:16:65:4c:23:77:68:ff:45:
fe:80:fc:67:95:5c:84:11:8c:6c:69:d8:79:cf:b9:81:66:f2:
ad:3b:77:e3:11:ca:bd:34:dc:a1:0d:0b:2a:d6:4f:cd:ce:0f:
bb:38:cf:d1:da:fb:07:18:74:46:15:f7:85:2a:00:25:2b:5f:
7e:fd:d7:e4:9a:77:4a:8a:4a:e8:ba:77:0e:cb:06:a8:09:37:
12:ef:f6:e9:e0:b6:22:59:ad:2a:df:cb:8d:f0:b7:39:38:d9:
de:b6:cd:12:00:77:22:f0:d6:69:d7:15:55:52:c9:91:f7:5f:
37:9a:d7:7c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMTAyMDcw
NjM3NDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVERkEzODY0RkQwODIw
MzA4NTQ4RkQ2Q0JCOTM1MzBGOTlBRTE1RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDABwqDJxIomINbzClPkMtAnJcDaGmbNGNzJOKGz2i7ROK9kWSk
S6QXZhtEIGGrLpB7x/WdtnjpdbnfvzDWTeuHdGLZiX2pRxAcLIWezjtuCqlygmWt
nhm9CG+ZTp+/L/DSkYD6TcnkW8pfPzGjTUAxIH2k/DWoAkFA+2UUarqoEY0ATjud
BgdumFCHZDmEeVUDv29r5gKYAe7DzGzc3B6BQWYMjdyGLGlHqx/0UqBy2FgpKt83
wIbXoZNYG42PPLQ6/sw0GeJbCZXUtStLMf9jWRE2UtYWdoQ++I8/loWWatA4ZIto
y9SrQmmFvN72mMS/HIju8pOVtWXUBvaOtJd7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXfo4ZP0IIDCFSP1su5NTD5muFdMwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWGZvNFpQMElJRENGU1Axc3U1TlRE
NW11RmRNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBI/DAN
BgkqhkiG9w0BAQsFAAOCAQEAO903kzR34vRiFPoE0UIGXQCW4KUgiTUov7UfW8rU
fx/5/lYGU9vQSpzSiuJjXWATkVJpqM/sNjBa+7lDU69bCjWELIX95Xe4Yg5EJH5s
6vIWjdlfAZnVwMt9pLlh9VF3dQzmuoKz1eMUfDKjEGNkbDb0daqQVGFPIF2tiMPs
oeAgoLIAMAk1rxZlTCN3aP9F/oD8Z5VchBGMbGnYec+5gWbyrTt34xHKvTTcoQ0L
KtZPzc4PuzjP0dr7Bxh0RhX3hSoAJStffv3X5Jp3SopK6Lp3DssGqAk3Eu/26eC2
IlmtKt/LjfC3OTjZ3rbNEgB3IvDWadcVVVLJkfdfN5rXfA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:59 2023 by rpki-client on console-ams.rpki-client.org