Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/hVrHnk1pTmvLx8AALeTsKFrhdo8.roa
File: hVrHnk1pTmvLx8AALeTsKFrhdo8.roa (raw, json)
Hash identifier: Aw8bAA9/EGhhX67brD05aEe7tRMApsI2SO3zgqvf5go=
Subject key identifier: 85:5A:C7:9E:4D:69:4E:6B:CB:C7:C0:00:2D:E4:EC:28:5A:E1:76:8F
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E98
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hVrHnk1pTmvLx8AALeTsKFrhdo8.roa
Signing time: Wed 29 Sep 2021 02:43:47 +0000
ROA not before: Wed 29 Sep 2021 02:43:47 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 113.196.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3736 (0xe98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:47 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=855AC79E4D694E6BCBC7C0002DE4EC285AE1768F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:16:27:55:4e:70:92:67:b7:20:b3:26:79:68:
39:be:c4:ce:9b:87:6a:10:df:9f:d1:15:29:7a:45:
4a:31:b3:1c:7b:a6:1a:a2:ab:df:8d:4c:24:8f:d3:
8e:81:09:9b:b4:bb:44:3c:b6:21:d7:a3:df:e3:00:
2e:18:ba:b7:dd:8f:ea:1f:d8:66:cc:c4:4b:25:6f:
e8:b4:a2:7f:c5:a9:44:0a:f7:2f:62:2c:fe:b6:de:
0e:39:dc:93:e9:f5:9f:08:c9:ae:8b:e6:99:98:55:
7d:5e:6b:75:39:aa:e3:c7:a0:65:46:20:20:12:cd:
31:a8:eb:50:bb:7c:e7:40:09:4b:d4:dd:cd:09:0f:
c3:d3:1c:80:8b:d4:2d:9d:27:c8:bb:cc:1a:ba:37:
62:08:b6:12:da:f2:d5:77:52:7f:7d:55:a1:26:08:
81:8c:45:6c:94:f7:96:f7:b7:d4:01:70:c8:4b:aa:
26:ad:4b:7b:f5:65:89:60:53:16:de:d1:4f:0f:19:
be:78:29:20:72:a8:84:a7:7d:d9:6e:f8:74:42:d7:
47:5a:09:c3:a6:5f:19:2a:ff:83:d4:74:7b:c9:60:
22:b8:f3:4b:ae:19:07:35:78:65:58:73:cc:0a:60:
a0:2e:e0:af:4b:ee:50:e3:2c:7c:07:7c:18:43:cc:
98:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5A:C7:9E:4D:69:4E:6B:CB:C7:C0:00:2D:E4:EC:28:5A:E1:76:8F
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hVrHnk1pTmvLx8AALeTsKFrhdo8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.196.152.0/21
Signature Algorithm: sha256WithRSAEncryption
02:81:89:19:c2:a0:37:e8:68:fd:a6:4b:20:d2:d5:42:ac:5c:
ad:9c:06:15:33:bb:65:04:90:06:f6:38:90:42:ec:df:bd:1b:
75:bb:a8:62:27:a4:62:36:8c:40:56:2a:82:6b:5a:8c:c5:fa:
37:e2:9c:89:e4:b1:35:c0:eb:49:f8:39:98:b3:30:66:a6:38:
f0:07:e8:7e:5f:47:ae:c5:fc:0a:3c:8c:aa:12:2f:d4:8a:ca:
c4:ed:77:67:39:c1:b4:59:a7:d6:6c:89:00:c4:a0:cc:2b:d8:
ea:8b:a6:42:0c:ab:77:2b:70:fd:ac:e6:ae:2f:fa:fe:7f:bd:
7a:a8:2c:07:bc:9a:e6:77:b3:7c:96:fa:f5:ed:ea:e7:0c:b0:
2a:f2:dd:5e:ff:8f:ea:3c:ae:77:ae:53:6d:90:3b:28:1d:e5:
21:71:69:f9:99:b7:3a:a6:c1:40:0b:63:42:04:ed:2a:57:7a:
9b:d2:e9:d5:75:72:66:a2:0f:62:d6:8c:a1:29:3b:55:4e:ec:
b3:c9:8f:8a:59:59:7b:d1:e2:63:ca:b1:46:0f:8f:64:b3:e7:
28:a9:ab:fd:39:fd:d5:83:21:d4:20:7c:12:85:34:ea:9b:d4:
31:67:f6:8f:03:87:65:c5:52:00:50:69:d3:50:ce:32:89:60:
03:61:10:e1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg1NUFDNzlFNEQ2OTRF
NkJDQkM3QzAwMDJERTRFQzI4NUFFMTc2OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBFidVTnCSZ7cgsyZ5aDm+xM6bh2oQ35/RFSl6RUoxsxx7phqi
q9+NTCSP046BCZu0u0Q8tiHXo9/jAC4Yurfdj+of2GbMxEslb+i0on/FqUQK9y9i
LP623g453JPp9Z8Iya6L5pmYVX1ea3U5quPHoGVGICASzTGo61C7fOdACUvU3c0J
D8PTHICL1C2dJ8i7zBq6N2IIthLa8tV3Un99VaEmCIGMRWyU95b3t9QBcMhLqiat
S3v1ZYlgUxbe0U8PGb54KSByqISnfdlu+HRC10daCcOmXxkq/4PUdHvJYCK480uu
GQc1eGVYc8wKYKAu4K9L7lDjLHwHfBhDzJidAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhVrHnk1pTmvLx8AALeTsKFrhdo8wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaFZySG5rMXBUbXZMeDhBQUxlVHNL
RnJoZG84LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3HEmDAN
BgkqhkiG9w0BAQsFAAOCAQEAAoGJGcKgN+ho/aZLINLVQqxcrZwGFTO7ZQSQBvY4
kELs370bdbuoYiekYjaMQFYqgmtajMX6N+KcieSxNcDrSfg5mLMwZqY48Afofl9H
rsX8CjyMqhIv1IrKxO13ZznBtFmn1myJAMSgzCvY6oumQgyrdytw/azmri/6/n+9
eqgsB7ya5nezfJb69e3q5wywKvLdXv+P6jyud65TbZA7KB3lIXFp+Zm3OqbBQAtj
QgTtKld6m9Lp1XVyZqIPYtaMoSk7VU7ss8mPillZe9HiY8qxRg+PZLPnKKmr/Tn9
1YMh1CB8EoU06pvUMWf2jwOHZcVSAFBp01DOMolgA2EQ4Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:00 2023 by rpki-client on console-ams.rpki-client.org