Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/iczDc-rVsXhnm3470fmn7T-hoc0.roa
File: iczDc-rVsXhnm3470fmn7T-hoc0.roa (raw, json)
Hash identifier: AoMe8bDF7LjHxOCyIWj2xolPEy0Dsj8vyDV2iESbxsY=
Subject key identifier: 89:CC:C3:73:EA:D5:B1:78:67:9B:7E:3B:D1:F9:A7:ED:3F:A1:A1:CD
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0BB0
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/iczDc-rVsXhnm3470fmn7T-hoc0.roa
Signing time: Sun 07 Feb 2021 06:30:06 +0000
ROA not before: Sun 07 Feb 2021 06:30:06 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4780
IP address blocks: 112.104.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2992 (0xbb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 06:30:06 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=89CCC373EAD5B178679B7E3BD1F9A7ED3FA1A1CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:34:ca:04:ca:47:7d:c7:7e:6f:e5:37:10:3a:
bc:41:33:91:9d:f7:ae:76:6f:d2:19:1a:e9:db:64:
43:f6:51:ad:a4:eb:f3:99:22:6c:74:14:c8:72:cc:
31:0d:95:8a:a1:84:69:53:8b:54:37:d5:f4:62:35:
60:24:ba:41:75:7d:47:15:f9:fe:65:b9:25:3c:5f:
c0:08:27:20:86:ac:04:af:1d:d1:be:4d:fa:47:2c:
75:da:00:12:32:09:42:c6:40:d1:ff:8c:30:4b:6a:
47:87:f1:1b:b5:99:fe:eb:5e:e0:e9:4f:5a:ad:02:
01:18:70:b0:2c:4a:2e:2b:fa:d2:81:43:8a:b4:d8:
47:98:52:c4:d0:57:69:37:47:32:2b:5b:f0:a8:29:
d2:18:9b:50:54:2b:fa:df:16:be:0d:db:83:a1:d2:
06:0a:f8:8a:ca:80:1b:ab:88:0e:7e:73:ec:0d:cc:
e8:db:bd:96:d6:a3:20:d6:4b:e2:f2:72:f5:25:76:
ad:ac:7d:3f:0c:4b:12:b7:0e:18:07:49:0a:89:d5:
3a:6a:2d:fb:c5:e9:9d:8f:d0:c9:10:7e:f7:0d:a5:
a3:ad:cb:c9:f8:24:68:1d:fb:8a:b3:7f:1c:c7:b2:
5e:7a:f9:c0:98:e8:a6:a4:b0:a4:2b:c2:c5:23:a4:
e2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CC:C3:73:EA:D5:B1:78:67:9B:7E:3B:D1:F9:A7:ED:3F:A1:A1:CD
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/iczDc-rVsXhnm3470fmn7T-hoc0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.104.0.0/15
Signature Algorithm: sha256WithRSAEncryption
32:92:aa:b0:e2:26:e9:0e:3a:66:e6:4b:f2:0d:93:ce:c9:a2:
73:09:3a:f0:b6:aa:e0:25:41:a6:db:d3:a6:4c:10:1e:d7:e3:
9a:f8:c5:70:8f:02:61:cb:df:dd:57:3f:2c:c5:5f:86:a6:52:
72:6d:65:1c:f8:3f:6d:df:ff:26:03:9d:e5:22:b9:58:14:ec:
6a:e2:c5:ad:da:78:4c:67:89:4d:b9:7f:f2:49:b0:35:65:f3:
8e:d0:3b:04:6f:71:a2:90:c6:42:40:f4:88:7d:25:30:a3:1d:
20:10:78:30:11:2f:50:80:18:06:4d:52:27:25:49:86:74:24:
d0:45:66:49:2a:58:bd:e1:86:07:c6:f9:6f:38:e0:fb:52:7f:
b4:1f:57:92:16:04:1f:ed:34:83:08:21:b9:05:0f:09:b0:03:
c5:02:88:ab:2f:5a:60:08:89:54:07:d8:1a:12:95:75:2f:48:
88:82:ad:e0:82:ca:13:7f:67:d3:0e:51:ad:16:5b:e3:a7:f1:
87:86:a5:30:fd:f0:1f:5f:e7:92:31:6e:04:74:df:5b:2b:96:
57:c8:6d:50:d9:5a:e3:66:69:f9:55:71:cf:ea:fe:33:82:44:
c5:13:9a:6e:1d:07:e0:2e:e9:d4:e9:14:86:d1:38:79:41:6c:
86:b6:0f:29
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC7AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcw
NjMwMDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg5Q0NDMzczRUFENUIx
Nzg2NzlCN0UzQkQxRjlBN0VEM0ZBMUExQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVNMoEykd9x35v5TcQOrxBM5Gd9652b9IZGunbZEP2Ua2k6/OZ
Imx0FMhyzDENlYqhhGlTi1Q31fRiNWAkukF1fUcV+f5luSU8X8AIJyCGrASvHdG+
TfpHLHXaABIyCULGQNH/jDBLakeH8Ru1mf7rXuDpT1qtAgEYcLAsSi4r+tKBQ4q0
2EeYUsTQV2k3RzIrW/CoKdIYm1BUK/rfFr4N24Oh0gYK+IrKgBuriA5+c+wNzOjb
vZbWoyDWS+LycvUldq2sfT8MSxK3DhgHSQqJ1TpqLfvF6Z2P0MkQfvcNpaOty8n4
JGgd+4qzfxzHsl56+cCY6KaksKQrwsUjpOJVAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUiczDc+rVsXhnm3470fmn7T+hoc0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaWN6RGMtclZzWGhubTM0NzBmbW43
VC1ob2MwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAXBoMA0G
CSqGSIb3DQEBCwUAA4IBAQAykqqw4ibpDjpm5kvyDZPOyaJzCTrwtqrgJUGm29Om
TBAe1+Oa+MVwjwJhy9/dVz8sxV+GplJybWUc+D9t3/8mA53lIrlYFOxq4sWt2nhM
Z4lNuX/ySbA1ZfOO0DsEb3GikMZCQPSIfSUwox0gEHgwES9QgBgGTVInJUmGdCTQ
RWZJKli94YYHxvlvOOD7Un+0H1eSFgQf7TSDCCG5BQ8JsAPFAoirL1pgCIlUB9ga
EpV1L0iIgq3ggsoTf2fTDlGtFlvjp/GHhqUw/fAfX+eSMW4EdN9bK5ZXyG1Q2Vrj
Zmn5VXHP6v4zgkTFE5puHQfgLunU6RSG0Th5QWyGtg8p
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:12 2023 by rpki-client on console-fra.rpki-client.org