Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Zu7GgGZ6Q0OkpN9QoqJr0OLHFLo.roa
File: Zu7GgGZ6Q0OkpN9QoqJr0OLHFLo.roa (raw, json)
Hash identifier: hMhDig7++kLH8MlTFjPTb4h2F5ycCdfXbfO8pU4Mf+Y=
Subject key identifier: 66:EE:C6:80:66:7A:43:43:A4:A4:DF:50:A2:A2:6B:D0:E2:C7:14:BA
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E5D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Zu7GgGZ6Q0OkpN9QoqJr0OLHFLo.roa
Signing time: Wed 29 Sep 2021 02:43:30 +0000
ROA not before: Wed 29 Sep 2021 02:43:30 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131586
IP address blocks: 106.106.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3677 (0xe5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:30 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=66EEC680667A4343A4A4DF50A2A26BD0E2C714BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ab:9b:0d:8f:32:2d:96:fb:67:4c:6e:15:44:
e6:53:12:97:47:3b:f6:25:78:dc:a5:27:d3:8a:f4:
48:18:3b:02:b7:5f:c0:93:6a:d2:e9:e5:b9:3e:1b:
a6:e1:6e:28:39:7e:04:f7:3d:33:d0:0d:5d:8f:90:
fc:70:fd:a0:bf:28:41:94:90:08:d3:87:4d:7e:99:
ea:e3:ac:01:9b:e5:10:b8:ad:2d:8f:a4:63:c0:0d:
50:79:6e:4d:8e:7b:67:f0:dc:dc:ec:df:3a:cd:6c:
0b:49:ac:8a:1d:dc:67:66:86:6b:d2:3c:d8:29:63:
f5:65:3f:fa:61:3f:28:6c:62:15:8a:fb:0f:dc:61:
10:d3:c1:ed:e8:bc:7c:6f:6f:37:e4:27:c2:1d:7e:
08:97:ae:1e:3a:23:31:39:70:b3:c1:08:2e:d5:e8:
d2:73:36:eb:07:71:91:51:28:53:aa:2b:59:d0:f5:
41:81:10:0d:94:eb:94:70:4c:ba:18:14:5a:9f:b1:
c1:07:79:54:17:65:13:76:71:0c:a0:99:0d:b7:35:
85:76:71:d6:ff:63:e5:dd:c3:e0:c8:92:c8:c1:4c:
93:66:5a:46:29:00:44:90:42:f4:e8:d8:9f:59:1f:
dd:d0:c3:a2:69:07:43:68:83:b1:dd:79:05:79:33:
98:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:EE:C6:80:66:7A:43:43:A4:A4:DF:50:A2:A2:6B:D0:E2:C7:14:BA
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Zu7GgGZ6Q0OkpN9QoqJr0OLHFLo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.106.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:38:b3:aa:55:48:52:e5:4b:f2:75:65:8f:75:38:33:14:67:
16:e5:b9:84:7d:d3:74:bf:38:b1:d3:02:9e:5e:ac:ee:b8:1d:
0c:46:88:e8:f6:73:82:0e:ee:22:55:9a:2b:51:70:87:7e:de:
80:52:2f:24:2a:ad:1f:85:5c:df:c1:69:17:bc:94:9d:e4:96:
34:33:06:0e:50:db:1c:8c:c9:91:1c:36:eb:3f:2a:9b:fc:0d:
30:90:69:9e:2d:c0:a8:cf:dc:87:c8:52:34:bb:17:44:a3:34:
99:a8:2a:16:7b:d5:2e:7f:26:69:32:1e:b9:84:07:c3:8d:d5:
92:e6:d2:93:e2:ac:83:90:99:94:1d:06:6f:87:58:cd:0d:5f:
40:ab:4c:f3:8b:88:f9:26:de:81:89:84:9a:44:aa:3f:06:db:
5c:ec:f2:5f:ba:67:e0:46:0a:97:21:1b:24:70:d2:9c:9e:42:
c0:65:41:e8:09:66:c8:1c:8d:c9:a1:aa:92:5b:79:5c:1c:af:
ad:35:c3:ef:f2:a2:ac:6c:98:11:2c:22:46:c2:7e:f3:d2:e8:
31:44:b8:aa:a4:6b:5d:f8:21:0d:f6:f5:70:78:1b:2c:27:bf:
75:25:cb:a2:f2:0f:87:53:23:cb:41:7a:28:5a:ee:5e:5a:54:
bc:6b:c4:22
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMzBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY2RUVDNjgwNjY3QTQz
NDNBNEE0REY1MEEyQTI2QkQwRTJDNzE0QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClq5sNjzItlvtnTG4VROZTEpdHO/YleNylJ9OK9EgYOwK3X8CT
atLp5bk+G6bhbig5fgT3PTPQDV2PkPxw/aC/KEGUkAjTh01+merjrAGb5RC4rS2P
pGPADVB5bk2Oe2fw3Nzs3zrNbAtJrIod3GdmhmvSPNgpY/VlP/phPyhsYhWK+w/c
YRDTwe3ovHxvbzfkJ8IdfgiXrh46IzE5cLPBCC7V6NJzNusHcZFRKFOqK1nQ9UGB
EA2U65RwTLoYFFqfscEHeVQXZRN2cQygmQ23NYV2cdb/Y+Xdw+DIksjBTJNmWkYp
AESQQvTo2J9ZH93Qw6JpB0Nog7HdeQV5M5jVAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUZu7GgGZ6Q0OkpN9QoqJr0OLHFLowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWnU3R2dHWjZRME9rcE45UW9xSnIw
T0xIRkxvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAGpqMA0G
CSqGSIb3DQEBCwUAA4IBAQBPOLOqVUhS5UvydWWPdTgzFGcW5bmEfdN0vzix0wKe
XqzuuB0MRojo9nOCDu4iVZorUXCHft6AUi8kKq0fhVzfwWkXvJSd5JY0MwYOUNsc
jMmRHDbrPyqb/A0wkGmeLcCoz9yHyFI0uxdEozSZqCoWe9UufyZpMh65hAfDjdWS
5tKT4qyDkJmUHQZvh1jNDV9Aq0zzi4j5Jt6BiYSaRKo/Bttc7PJfumfgRgqXIRsk
cNKcnkLAZUHoCWbIHI3JoaqSW3lcHK+tNcPv8qKsbJgRLCJGwn7z0ugxRLiqpGtd
+CEN9vVweBssJ791Jcui8g+HUyPLQXooWu5eWlS8a8Qi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:00 2023 by rpki-client on console-ams.rpki-client.org