Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/hP1sxbg97lW_XbLlV9Tc3N0Z03Q.roa
File: hP1sxbg97lW_XbLlV9Tc3N0Z03Q.roa (raw, json)
Hash identifier: I5t2f+5Tko2tycI0lU87LY1jSRGiMlGe0hF9GXXccZ4=
Subject key identifier: 84:FD:6C:C5:B8:3D:EE:55:BF:5D:B2:E5:57:D4:DC:DC:DD:19:D3:74
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0BA2
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hP1sxbg97lW_XbLlV9Tc3N0Z03Q.roa
Signing time: Sun 07 Feb 2021 06:27:12 +0000
ROA not before: Sun 07 Feb 2021 06:27:12 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 220.228.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2978 (0xba2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 06:27:12 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=84FD6CC5B83DEE55BF5DB2E557D4DCDCDD19D374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:9a:e7:04:97:91:6f:14:b5:5b:2f:fd:be:
af:32:50:94:b5:5e:fb:ad:59:5d:de:b7:d5:05:d6:
96:f4:1f:f7:2a:44:c4:1f:5c:a8:a4:22:93:8b:7a:
3a:fa:c2:05:9e:53:32:f4:5e:c4:17:1a:bf:3f:ff:
1b:45:5c:34:2c:11:d1:2d:de:b2:f7:89:2b:8e:b8:
c0:64:5f:cb:32:b0:6b:ec:93:cb:11:e6:6a:7d:ba:
71:65:84:22:1f:13:9a:11:2b:cb:a6:2a:04:82:e2:
00:03:84:3f:34:c6:57:44:40:eb:28:71:89:f0:88:
9c:d0:83:7b:e5:62:eb:ae:63:c8:74:ca:19:7f:ab:
07:90:fa:df:0c:32:33:6f:bc:11:c9:90:6c:27:16:
35:87:40:3f:9d:a0:cc:c8:79:53:c5:4a:43:a3:cd:
30:1f:18:a0:5c:80:30:25:12:4c:fb:7a:6b:73:00:
5c:14:b0:81:18:69:fe:4f:06:1e:5a:4b:90:06:e0:
ab:bd:ce:0f:f0:46:a3:69:3d:1b:31:20:df:51:4b:
16:7d:e8:84:b8:1d:84:b4:e9:88:bb:39:cc:29:33:
17:86:d8:10:79:2d:dc:73:ea:2a:c0:d2:6b:c5:ed:
75:f6:45:84:1f:b7:76:95:1c:41:fb:4f:d3:a3:10:
60:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FD:6C:C5:B8:3D:EE:55:BF:5D:B2:E5:57:D4:DC:DC:DD:19:D3:74
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hP1sxbg97lW_XbLlV9Tc3N0Z03Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
92:69:26:6e:73:15:f1:71:8b:cd:2e:0f:45:3b:5e:c3:1c:f9:
a5:31:81:80:4c:cd:85:d9:81:b6:50:8e:24:34:19:c7:e9:60:
35:69:60:ca:33:b8:1b:55:8f:e4:4e:71:44:9f:e9:a2:8e:90:
d3:00:5b:2e:c6:e2:29:71:e7:04:40:ea:84:a9:da:f4:29:46:
f0:93:cf:b3:8b:14:fa:9d:f6:bc:87:43:46:08:23:fa:6a:b2:
b3:28:b3:84:68:34:d3:e1:ed:e5:3d:e1:83:07:5e:c7:c4:0c:
bf:d6:6a:ad:04:de:2f:57:05:ce:0c:b2:ae:a7:b1:7a:ac:b8:
20:24:01:81:e2:aa:4a:c0:69:5f:37:3f:35:08:0e:a2:7e:24:
a2:52:61:e1:68:74:78:0c:a8:a5:44:d2:27:c7:56:48:8d:ce:
32:90:8b:b1:d1:27:35:b0:00:f2:b7:05:9f:f2:0d:21:1a:af:
93:84:92:5e:fe:d1:3a:bd:16:25:9d:a2:3b:7e:1a:ce:62:c6:
6a:2b:db:c9:3b:19:16:b1:c0:2c:24:d8:5a:9e:5c:d7:4b:43:
94:b9:f5:e3:ed:55:30:0f:01:14:27:51:94:a2:ed:d4:c0:5a:
57:2a:91:5d:70:0b:6a:dd:11:d0:ef:2b:4c:57:22:88:86:98:
cf:ef:6d:3d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcw
NjI3MTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg0RkQ2Q0M1QjgzREVF
NTVCRjVEQjJFNTU3RDREQ0RDREQxOUQzNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChvJrnBJeRbxS1Wy/9vq8yUJS1XvutWV3et9UF1pb0H/cqRMQf
XKikIpOLejr6wgWeUzL0XsQXGr8//xtFXDQsEdEt3rL3iSuOuMBkX8sysGvsk8sR
5mp9unFlhCIfE5oRK8umKgSC4gADhD80xldEQOsocYnwiJzQg3vlYuuuY8h0yhl/
qweQ+t8MMjNvvBHJkGwnFjWHQD+doMzIeVPFSkOjzTAfGKBcgDAlEkz7emtzAFwU
sIEYaf5PBh5aS5AG4Ku9zg/wRqNpPRsxIN9RSxZ96IS4HYS06Yi7OcwpMxeG2BB5
Ldxz6irA0mvF7XX2RYQft3aVHEH7T9OjEGC1AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUhP1sxbg97lW/XbLlV9Tc3N0Z03QwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaFAxc3hiZzk3bFdfWGJMbFY5VGMz
TjBaMDNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G
CSqGSIb3DQEBCwUAA4IBAQCSaSZucxXxcYvNLg9FO17DHPmlMYGATM2F2YG2UI4k
NBnH6WA1aWDKM7gbVY/kTnFEn+mijpDTAFsuxuIpcecEQOqEqdr0KUbwk8+zixT6
nfa8h0NGCCP6arKzKLOEaDTT4e3lPeGDB17HxAy/1mqtBN4vVwXODLKup7F6rLgg
JAGB4qpKwGlfNz81CA6ifiSiUmHhaHR4DKilRNInx1ZIjc4ykIux0Sc1sADytwWf
8g0hGq+ThJJe/tE6vRYlnaI7fhrOYsZqK9vJOxkWscAsJNhanlzXS0OUufXj7VUw
DwEUJ1GUou3UwFpXKpFdcAtq3RHQ7ytMVyKIhpjP7209
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:00 2023 by rpki-client on console-ams.rpki-client.org