Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/hq8GAspr5YbCIFG_ahPkPFi0nEA.roa
File: hq8GAspr5YbCIFG_ahPkPFi0nEA.roa (raw, json)
Hash identifier: K1UopqZ1JY1vCfnFpjloGyUqu7m5qjejhNRwCYMgUcg=
Subject key identifier: 86:AF:06:02:CA:6B:E5:86:C2:20:51:BF:6A:13:E4:3C:58:B4:9C:40
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E20
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hq8GAspr5YbCIFG_ahPkPFi0nEA.roa
Signing time: Wed 29 Sep 2021 02:43:13 +0000
ROA not before: Wed 29 Sep 2021 02:43:13 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 203.70.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3616 (0xe20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:13 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=86AF0602CA6BE586C22051BF6A13E43C58B49C40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:7f:e5:0f:db:4a:c3:d4:a2:ff:ea:3b:80:9f:
88:56:0b:7c:b2:ba:6d:b9:ca:6b:7a:23:8d:85:51:
11:73:72:1e:d2:5a:b6:98:9f:3f:3e:29:cb:48:19:
9b:b0:cc:09:d7:ac:ed:fa:6d:b3:45:83:99:90:c1:
f9:ef:2d:cf:41:9b:89:e9:f8:17:64:f2:51:77:e9:
6a:d5:12:5e:08:68:ee:87:f8:61:66:06:a8:e3:a5:
56:9c:47:cd:0c:0a:37:1e:e4:e3:71:ea:6a:34:4c:
3c:ea:9e:bd:47:33:30:c6:6d:26:df:1d:41:f1:51:
b8:c5:7a:c5:bf:a3:b7:c5:6e:1f:ed:ab:1b:64:46:
2a:be:7a:ae:60:e9:05:7a:2e:96:af:00:a7:70:1d:
7b:b6:35:4c:09:9e:f7:ce:ed:b4:4e:15:bb:99:84:
02:03:61:6f:38:3f:99:3b:56:74:cd:87:56:a6:38:
31:83:2a:64:b6:ea:97:dd:cb:79:e8:14:44:00:60:
35:93:ed:d1:cf:38:5a:7a:fe:4d:46:1c:d5:35:0b:
23:a9:55:d6:de:bc:f5:11:1d:6f:f5:22:55:59:85:
bb:81:2b:24:c6:46:a4:24:74:82:32:f3:ff:72:fd:
61:67:fe:ab:ef:6c:90:bb:e6:2f:10:0b:0b:74:df:
5f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AF:06:02:CA:6B:E5:86:C2:20:51:BF:6A:13:E4:3C:58:B4:9C:40
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/hq8GAspr5YbCIFG_ahPkPFi0nEA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:bc:65:00:e3:5b:ef:b8:38:86:da:c0:93:e4:8c:09:8e:59:
43:b6:21:ba:1a:41:f9:aa:aa:c1:ac:30:61:11:d5:2b:28:27:
93:b7:6e:73:f3:82:4c:72:52:83:67:47:f6:bd:96:24:c0:33:
71:ab:3e:8f:04:2a:4f:1c:fc:eb:42:b9:7e:79:59:58:61:4c:
55:a5:83:ae:29:a4:ec:f9:99:08:27:55:a9:f7:2a:f4:0b:4e:
0e:77:4e:5e:d0:d3:92:4a:19:62:b5:45:b9:23:f2:34:dd:b4:
f0:7c:6c:d6:70:5c:39:8e:05:7c:cc:42:33:d2:57:06:a2:42:
91:8f:88:5e:63:46:a3:8f:91:e7:b4:17:1c:96:15:a0:ee:3b:
63:cc:d1:77:62:21:a9:44:65:20:23:04:76:85:1e:ad:f6:18:
48:60:ff:3f:bc:40:d7:66:86:2e:5d:8b:80:31:e8:43:0a:5a:
7b:d3:35:6b:f5:f9:3a:0b:ea:4e:53:0d:b6:6e:4c:0e:5a:b6:
e8:56:4c:b8:1e:69:4b:f9:70:7a:f2:0a:98:bf:9d:be:b9:bc:
7b:f6:96:1e:0d:00:c5:f8:7e:fd:f2:b1:e9:24:76:32:a1:a2:
a0:34:94:70:fd:c1:cc:2b:e6:43:eb:4e:00:c3:05:3d:ac:a1:
e0:39:d2:4d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMTNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg2QUYwNjAyQ0E2QkU1
ODZDMjIwNTFCRjZBMTNFNDNDNThCNDlDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsf+UP20rD1KL/6juAn4hWC3yyum25ymt6I42FURFzch7SWraY
nz8+KctIGZuwzAnXrO36bbNFg5mQwfnvLc9Bm4np+Bdk8lF36WrVEl4IaO6H+GFm
BqjjpVacR80MCjce5ONx6mo0TDzqnr1HMzDGbSbfHUHxUbjFesW/o7fFbh/tqxtk
Riq+eq5g6QV6LpavAKdwHXu2NUwJnvfO7bROFbuZhAIDYW84P5k7VnTNh1amODGD
KmS26pfdy3noFEQAYDWT7dHPOFp6/k1GHNU1CyOpVdbevPURHW/1IlVZhbuBKyTG
RqQkdIIy8/9y/WFn/qvvbJC75i8QCwt031/LAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUhq8GAspr5YbCIFG/ahPkPFi0nEAwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaHE4R0FzcHI1WWJDSUZHX2FoUGtQ
RmkwbkVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMtGMA0G
CSqGSIb3DQEBCwUAA4IBAQCavGUA41vvuDiG2sCT5IwJjllDtiG6GkH5qqrBrDBh
EdUrKCeTt25z84JMclKDZ0f2vZYkwDNxqz6PBCpPHPzrQrl+eVlYYUxVpYOuKaTs
+ZkIJ1Wp9yr0C04Od05e0NOSShlitUW5I/I03bTwfGzWcFw5jgV8zEIz0lcGokKR
j4heY0ajj5HntBcclhWg7jtjzNF3YiGpRGUgIwR2hR6t9hhIYP8/vEDXZoYuXYuA
MehDClp70zVr9fk6C+pOUw22bkwOWrboVky4HmlL+XB68gqYv52+ubx79pYeDQDF
+H798rHpJHYyoaKgNJRw/cHMK+ZD604AwwU9rKHgOdJN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:00 2023 by rpki-client on console-ams.rpki-client.org