Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/mrbqHa0xVE9USCAWm1_Lz4OIrI0.roa
File: mrbqHa0xVE9USCAWm1_Lz4OIrI0.roa (raw, json)
Hash identifier: xEN1xxcCI3niccXO87NgTn8vkRF0cTs4Rxec+mgBzME=
Subject key identifier: 9A:B6:EA:1D:AD:31:54:4F:54:48:20:16:9B:5F:CB:CF:83:88:AC:8D
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 08BD
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/mrbqHa0xVE9USCAWm1_Lz4OIrI0.roa
Signing time: Tue 29 Sep 2020 09:52:23 +0000
ROA not before: Tue 29 Sep 2020 09:52:23 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 220.229.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2237 (0x8bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 09:52:23 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9AB6EA1DAD31544F544820169B5FCBCF8388AC8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:3a:c5:b2:86:e9:54:f3:43:dc:26:bc:62:
ec:a7:05:8d:ce:ae:0b:22:42:36:5e:fb:47:ba:46:
2b:38:cc:52:74:48:97:66:9a:dd:36:9b:a1:7a:db:
55:27:c1:f3:06:19:a9:df:b2:50:a5:7e:c5:0e:9f:
12:a0:e2:c7:87:42:32:b4:4c:6e:c7:c2:21:4c:2b:
bc:8a:be:e5:d7:3b:25:cd:62:29:1f:f4:a3:73:c2:
86:32:ef:71:d4:05:3b:16:0d:ca:e9:65:c2:96:aa:
fd:53:08:26:8a:0a:29:0b:b9:5a:ad:01:5c:1e:f9:
4e:8c:9d:0f:ac:54:39:27:54:12:6e:9a:9d:cd:12:
24:20:30:4a:38:2e:19:7e:1d:de:59:0e:f2:84:eb:
d5:2f:2d:9c:c1:ff:1a:c1:48:fd:a2:94:c5:61:47:
55:d9:38:a5:d4:a9:6d:dc:ad:50:ef:6e:7e:bd:a9:
5d:28:c7:2a:c3:a0:ec:24:e0:6d:d8:c2:f7:50:c4:
b2:88:c1:9b:5b:e5:e1:28:71:f3:28:16:86:07:0d:
c0:b0:13:b1:48:9d:57:4a:19:b3:53:b5:43:fd:08:
e6:dd:e1:94:35:83:e2:73:7d:53:0c:86:95:4b:d4:
4f:f6:e8:e0:2e:b1:46:b8:51:0c:ac:c6:da:48:21:
a9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B6:EA:1D:AD:31:54:4F:54:48:20:16:9B:5F:CB:CF:83:88:AC:8D
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/mrbqHa0xVE9USCAWm1_Lz4OIrI0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.68.0/22
Signature Algorithm: sha256WithRSAEncryption
80:32:a7:3e:37:10:64:0c:85:17:f7:49:f8:3b:c4:82:6e:64:
0a:02:bd:d5:35:29:0a:16:ea:7a:f1:13:03:99:3a:70:66:fb:
14:a6:8c:b3:71:1a:f2:0d:8e:38:8d:0f:21:fd:e1:3e:15:e6:
69:ca:2f:35:8e:82:0c:f5:39:97:9e:6d:46:cb:44:02:06:0f:
f5:cb:b3:1b:d0:46:d0:8d:26:39:c4:70:78:06:70:36:30:05:
38:e9:fa:16:86:e3:a7:aa:7f:bb:60:19:1c:ab:4f:fc:a9:f6:
81:17:a8:08:05:08:b0:00:e4:4c:f8:62:d7:28:06:76:6a:78:
26:b5:8b:17:ee:04:20:33:2b:d7:26:bf:b0:cc:da:4c:33:eb:
de:45:4f:a4:ed:d3:f9:d8:be:51:34:b8:cb:32:b8:7d:c8:bf:
71:9e:82:e4:b6:c3:7e:f8:86:54:77:6b:db:ba:d5:c2:e3:14:
13:c2:54:09:b9:39:67:c2:b7:e2:da:f0:37:96:cc:31:d7:cc:
67:14:c0:33:a2:f2:82:c4:fe:28:37:f3:76:f6:80:3d:7c:f1:
42:87:3a:c3:3f:16:3e:c8:4a:91:8c:6c:b9:24:c3:d4:5e:15:
ba:10:27:30:f8:a4:bf:2d:52:9e:f7:81:3b:74:18:97:3b:23:
a7:93:5d:bf
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMDA5Mjkw
OTUyMjNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlBQjZFQTFEQUQzMTU0
NEY1NDQ4MjAxNjlCNUZDQkNGODM4OEFDOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2UjrFsobpVPND3Ca8YuynBY3OrgsiQjZe+0e6Ris4zFJ0SJdm
mt02m6F621UnwfMGGanfslClfsUOnxKg4seHQjK0TG7HwiFMK7yKvuXXOyXNYikf
9KNzwoYy73HUBTsWDcrpZcKWqv1TCCaKCikLuVqtAVwe+U6MnQ+sVDknVBJump3N
EiQgMEo4Lhl+Hd5ZDvKE69UvLZzB/xrBSP2ilMVhR1XZOKXUqW3crVDvbn69qV0o
xyrDoOwk4G3YwvdQxLKIwZtb5eEocfMoFoYHDcCwE7FInVdKGbNTtUP9CObd4ZQ1
g+JzfVMMhpVL1E/26OAusUa4UQysxtpIIanNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmrbqHa0xVE9USCAWm1/Lz4OIrI0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbXJicUhhMHhWRTlVU0NBV20xX0x6
NE9JckkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN
BgkqhkiG9w0BAQsFAAOCAQEAgDKnPjcQZAyFF/dJ+DvEgm5kCgK91TUpChbqevET
A5k6cGb7FKaMs3Ea8g2OOI0PIf3hPhXmacovNY6CDPU5l55tRstEAgYP9cuzG9BG
0I0mOcRweAZwNjAFOOn6Fobjp6p/u2AZHKtP/Kn2gReoCAUIsADkTPhi1ygGdmp4
JrWLF+4EIDMr1ya/sMzaTDPr3kVPpO3T+di+UTS4yzK4fci/cZ6C5LbDfviGVHdr
27rVwuMUE8JUCbk5Z8K34trwN5bMMdfMZxTAM6LygsT+KDfzdvaAPXzxQoc6wz8W
PshKkYxsuSTD1F4VuhAnMPikvy1SnveBO3QYlzsjp5Ndvw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org