Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/d8kZfsMEPSLU4mj7utZ41p2mnIk.roa
File: d8kZfsMEPSLU4mj7utZ41p2mnIk.roa (raw, json)
Hash identifier: /hcwVH2ueleR6nJRWXpt9ioHTvb6aM5snEkuHvhTPm8=
Subject key identifier: 77:C9:19:7E:C3:04:3D:22:D4:E2:68:FB:BA:D6:78:D6:9D:A6:9C:89
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0C6D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/d8kZfsMEPSLU4mj7utZ41p2mnIk.roa
Signing time: Sun 07 Feb 2021 11:43:21 +0000
ROA not before: Sun 07 Feb 2021 11:43:21 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18049
IP address blocks: 106.105.88.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3181 (0xc6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:43:21 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=77C9197EC3043D22D4E268FBBAD678D69DA69C89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:84:33:aa:4d:2c:f8:98:57:d5:8b:d1:34:
f3:47:28:7e:ab:05:19:a9:81:69:b3:ed:0f:a4:8d:
22:d9:4d:1e:ca:1b:4d:46:65:5b:0c:d2:07:df:b5:
1d:7e:4e:00:ac:36:ae:c0:ea:b1:8b:e7:7a:a2:e8:
7c:6d:bd:d2:43:cd:1e:a2:14:8d:7c:7f:d7:99:2f:
63:67:89:47:84:03:96:94:b0:67:08:ff:89:bf:4e:
e0:ad:11:e2:c3:83:68:b4:c8:90:43:b3:b0:e8:98:
f4:72:f3:ba:66:7d:ec:1d:f2:a9:2d:36:b2:b7:f8:
22:dc:15:57:e6:fe:44:9d:41:40:b4:5e:4f:cb:5e:
ce:22:98:9f:86:25:86:68:6b:49:4d:9e:02:6f:9d:
a7:b8:a9:d9:c8:db:59:69:80:48:32:94:f4:db:a8:
13:b3:48:ae:fe:1e:9c:2e:f9:59:09:80:2d:48:22:
d6:e8:56:ed:2b:aa:8f:77:4a:78:6c:3d:64:9b:1c:
e1:8f:08:b8:e8:71:ae:fb:98:7c:ec:1a:76:74:01:
90:7b:dd:f4:25:44:e6:06:96:31:38:77:4e:d4:8e:
9f:e0:43:f3:55:d4:49:ad:88:bc:ca:01:b5:88:9f:
34:ae:62:94:d3:43:c9:45:e9:25:76:a9:91:b0:e4:
6f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C9:19:7E:C3:04:3D:22:D4:E2:68:FB:BA:D6:78:D6:9D:A6:9C:89
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/d8kZfsMEPSLU4mj7utZ41p2mnIk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.88.0/21
Signature Algorithm: sha256WithRSAEncryption
49:70:ca:73:43:18:41:32:54:23:d4:f5:07:e7:8b:5e:85:54:
7a:aa:ff:da:b3:ae:3e:34:55:b3:be:22:5d:02:22:31:0c:51:
68:b8:3c:be:d1:ff:45:33:2a:70:02:41:58:82:e0:0a:82:c1:
03:80:3a:ae:33:f9:ab:82:34:02:a9:ed:ec:24:0c:15:bf:4d:
19:28:39:3d:0d:76:f4:61:6c:91:bd:99:16:87:3a:f3:81:41:
07:4b:8b:b2:6f:3f:b0:0c:aa:19:d8:a9:8e:b1:be:1e:62:43:
4f:e6:dd:79:11:b1:76:a5:80:db:8b:7c:b2:8c:29:f5:b6:85:
3e:a3:55:2e:cb:cf:d4:fb:17:46:a4:30:25:ef:90:d9:16:74:
40:e5:c2:92:dd:3a:c7:40:95:dc:ba:40:2c:91:31:0c:c1:2b:
7e:d2:43:d8:47:b0:15:b6:f1:72:d1:8b:52:ed:74:74:0d:50:
bc:bb:7b:b4:db:b8:ab:40:50:18:ce:5d:c7:90:b1:45:67:84:
76:b9:06:36:f7:d8:46:64:bf:37:1e:e0:3b:f0:71:5b:22:5d:
66:cf:0d:0f:11:e7:e0:c1:ad:b9:a2:b3:75:28:a4:27:a9:e6:
c2:6a:65:c1:14:10:4c:09:d9:8c:8e:d2:fd:9c:a3:b0:b0:b0:
24:18:b7:69
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQzMjFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc3QzkxOTdFQzMwNDNE
MjJENEUyNjhGQkJBRDY3OEQ2OURBNjlDODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw/4Qzqk0s+JhX1YvRNPNHKH6rBRmpgWmz7Q+kjSLZTR7KG01G
ZVsM0gfftR1+TgCsNq7A6rGL53qi6HxtvdJDzR6iFI18f9eZL2NniUeEA5aUsGcI
/4m/TuCtEeLDg2i0yJBDs7DomPRy87pmfewd8qktNrK3+CLcFVfm/kSdQUC0Xk/L
Xs4imJ+GJYZoa0lNngJvnae4qdnI21lpgEgylPTbqBOzSK7+Hpwu+VkJgC1IItbo
Vu0rqo93SnhsPWSbHOGPCLjoca77mHzsGnZ0AZB73fQlROYGljE4d07Ujp/gQ/NV
1EmtiLzKAbWInzSuYpTTQ8lF6SV2qZGw5G+3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUd8kZfsMEPSLU4mj7utZ41p2mnIkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZDhrWmZzTUVQU0xVNG1qN3V0WjQx
cDJtbklrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ppWDAN
BgkqhkiG9w0BAQsFAAOCAQEASXDKc0MYQTJUI9T1B+eLXoVUeqr/2rOuPjRVs74i
XQIiMQxRaLg8vtH/RTMqcAJBWILgCoLBA4A6rjP5q4I0Aqnt7CQMFb9NGSg5PQ12
9GFskb2ZFoc684FBB0uLsm8/sAyqGdipjrG+HmJDT+bdeRGxdqWA24t8sowp9baF
PqNVLsvP1PsXRqQwJe+Q2RZ0QOXCkt06x0CV3LpALJExDMErftJD2EewFbbxctGL
Uu10dA1QvLt7tNu4q0BQGM5dx5CxRWeEdrkGNvfYRmS/Nx7gO/BxWyJdZs8NDxHn
4MGtuaKzdSikJ6nmwmplwRQQTAnZjI7S/ZyjsLCwJBi3aQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:00 2023 by rpki-client on console-ams.rpki-client.org