Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/cNBnj5mpntWn1BwROS0QKntkTn8.roa
File: cNBnj5mpntWn1BwROS0QKntkTn8.roa (raw, json)
Hash identifier: RDFaItbrZigoEHmUmny9cypV2ASN7Oyy8f7N3wZyZWY=
Subject key identifier: 70:D0:67:8F:99:A9:9E:D5:A7:D4:1C:11:39:2D:10:2A:7B:64:4E:7F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E39
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/cNBnj5mpntWn1BwROS0QKntkTn8.roa
Signing time: Wed 29 Sep 2021 02:43:20 +0000
ROA not before: Wed 29 Sep 2021 02:43:20 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 106.107.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3641 (0xe39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:20 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=70D0678F99A99ED5A7D41C11392D102A7B644E7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:37:b7:98:1c:be:ac:48:a1:b4:81:e5:b3:f8:
4c:2a:ca:db:64:5a:dc:69:cb:a6:02:05:27:e5:c5:
2c:d6:04:35:67:75:57:b3:a3:96:3f:82:a9:59:83:
ee:0e:88:89:06:6e:3e:63:28:29:b8:83:fc:a0:97:
07:02:e0:68:50:0b:89:e7:99:19:4d:85:05:3c:59:
66:f1:28:2c:84:e9:fb:72:72:97:a2:89:29:eb:8c:
5e:fa:da:28:c8:94:6d:03:c8:70:aa:62:75:ab:75:
a6:46:17:a8:5c:54:35:2a:ec:8e:62:f5:54:29:27:
40:22:a9:2b:67:70:ab:2d:65:f5:06:e8:65:b1:27:
a6:d3:25:9c:fc:d4:dc:26:2d:76:e7:77:49:be:3b:
54:a1:bc:04:83:fb:f4:f8:01:9e:6e:16:23:79:dd:
03:96:a4:d3:78:85:c5:06:ce:90:3e:45:10:3f:35:
fa:a1:59:35:07:16:f4:53:fe:31:91:53:d1:6f:63:
56:a8:ee:74:b3:0e:b7:b0:f6:d3:17:8d:cc:ea:74:
71:4a:5a:6d:dd:5d:eb:58:09:16:18:18:6b:31:ab:
70:10:25:57:aa:aa:86:7b:3e:84:b1:0d:0c:02:f2:
af:f4:a1:b0:cd:01:7d:1a:87:20:e2:df:ca:e2:17:
15:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D0:67:8F:99:A9:9E:D5:A7:D4:1C:11:39:2D:10:2A:7B:64:4E:7F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/cNBnj5mpntWn1BwROS0QKntkTn8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.128.0/17
Signature Algorithm: sha256WithRSAEncryption
59:15:6f:52:fe:bc:27:fe:54:e1:5f:20:87:c0:63:b6:c0:2e:
ae:39:61:d4:6f:a4:35:c2:37:33:df:ac:31:98:f9:b4:53:00:
16:a9:07:ac:99:b0:e7:1b:55:45:70:55:86:66:7c:4d:c7:f7:
41:ea:8f:37:bd:9f:23:39:82:47:a3:f3:5c:2b:f8:c9:82:a1:
82:d6:86:50:75:7d:3a:03:56:f4:3d:b1:31:86:e7:ed:b5:c8:
6b:29:49:9d:42:1f:11:0a:ad:db:c7:9e:f2:ea:f7:d7:2a:a2:
4f:b1:56:70:0c:9e:3e:d2:65:1e:18:7b:85:e9:80:83:82:8e:
c3:25:b0:5a:d1:5f:19:b9:da:43:e2:6c:13:cc:8c:28:42:a5:
25:30:22:28:49:7f:1f:eb:68:5a:fc:41:97:6a:00:70:51:c8:
48:fc:ed:97:da:dd:fd:05:95:07:f1:9c:58:bd:b5:f6:77:3d:
60:89:ad:fa:eb:16:ee:3d:1f:63:b9:e9:66:70:50:8b:8e:c8:
36:63:9d:96:b4:18:18:05:c0:3b:56:6d:6a:04:6f:9a:30:29:
9e:d0:89:88:28:ea:6a:9b:4c:71:58:e6:22:06:c7:8c:fe:4d:
0f:b0:42:4b:fa:54:06:a6:77:2d:4c:fc:aa:62:37:d2:c9:0d:
1b:c0:28:77
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDjkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDcwRDA2NzhGOTlBOTlF
RDVBN0Q0MUMxMTM5MkQxMDJBN0I2NDRFN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlN7eYHL6sSKG0geWz+EwqyttkWtxpy6YCBSflxSzWBDVndVez
o5Y/gqlZg+4OiIkGbj5jKCm4g/yglwcC4GhQC4nnmRlNhQU8WWbxKCyE6ftycpei
iSnrjF762ijIlG0DyHCqYnWrdaZGF6hcVDUq7I5i9VQpJ0AiqStncKstZfUG6GWx
J6bTJZz81NwmLXbnd0m+O1ShvASD+/T4AZ5uFiN53QOWpNN4hcUGzpA+RRA/Nfqh
WTUHFvRT/jGRU9FvY1ao7nSzDrew9tMXjczqdHFKWm3dXetYCRYYGGsxq3AQJVeq
qoZ7PoSxDQwC8q/0obDNAX0ahyDi38riFxWhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcNBnj5mpntWn1BwROS0QKntkTn8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvY05Cbmo1bXBudFduMUJ3Uk9TMFFL
bnRrVG44LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB2prgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWRVvUv68J/5U4V8gh8BjtsAurjlh1G+kNcI3M9+s
MZj5tFMAFqkHrJmw5xtVRXBVhmZ8Tcf3QeqPN72fIzmCR6PzXCv4yYKhgtaGUHV9
OgNW9D2xMYbn7bXIaylJnUIfEQqt28ee8ur31yqiT7FWcAyePtJlHhh7hemAg4KO
wyWwWtFfGbnaQ+JsE8yMKEKlJTAiKEl/H+toWvxBl2oAcFHISPztl9rd/QWVB/Gc
WL219nc9YImt+usW7j0fY7npZnBQi47INmOdlrQYGAXAO1ZtagRvmjApntCJiCjq
aptMcVjmIgbHjP5ND7BCS/pUBqZ3LUz8qmI30skNG8Aodw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:12 2023 by rpki-client on console-fra.rpki-client.org