Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/nQmaOgEXsYJOzBpryxXh93dCaFg.roa
File: nQmaOgEXsYJOzBpryxXh93dCaFg.roa (raw, json)
Hash identifier: icENUITv7YN3GFUrkvDey+Qp34r8tmU/bS+0iyyAXeE=
Subject key identifier: 9D:09:9A:3A:01:17:B1:82:4E:CC:1A:6B:CB:15:E1:F7:77:42:68:58
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0B7D
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nQmaOgEXsYJOzBpryxXh93dCaFg.roa
Signing time: Wed 29 Sep 2021 02:44:15 +0000
ROA not before: Wed 29 Sep 2021 02:44:15 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 192.72.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2941 (0xb7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Sep 29 02:44:15 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9D099A3A0117B1824ECC1A6BCB15E1F777426858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:77:b2:84:f9:b3:f6:f3:72:c4:9e:fd:30:67:
0c:89:eb:ac:78:6c:c2:19:63:b1:ac:38:d5:78:a8:
0e:a5:76:93:a9:96:de:bc:ce:77:eb:bc:f5:1e:ae:
27:e2:4a:ba:9d:8e:15:2a:fa:d2:48:fb:cc:89:65:
54:56:5d:cf:1a:eb:1e:7d:70:d7:6b:e5:15:52:74:
30:8f:29:c0:4c:5b:9d:7e:05:d2:42:49:73:5e:ff:
a5:74:a5:bf:28:d7:0d:bb:81:85:f5:a6:15:4a:8e:
35:76:65:70:4e:20:c9:73:56:1f:ca:de:9a:8b:6e:
2f:e8:b6:28:10:b5:40:88:b0:b9:27:33:fa:6f:71:
4e:fd:d0:44:64:3e:f4:d2:f0:02:61:e1:54:33:e2:
7f:62:98:44:f9:0c:6a:8b:68:96:ea:09:23:0b:3b:
ee:0b:b1:a3:64:51:94:a2:6c:5c:94:4d:7c:84:f6:
dd:7c:14:28:8f:38:55:a4:f9:05:fa:50:91:de:13:
7f:00:41:60:42:fb:c3:5c:bb:f4:3c:21:92:ec:bf:
01:d1:99:9d:ef:f4:42:51:31:5e:6b:fe:cf:16:40:
1a:ca:d1:1d:65:c5:6a:d2:cf:cc:cb:48:c5:56:08:
91:e0:90:c6:a2:53:8d:69:f9:70:da:0a:50:43:90:
48:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:09:9A:3A:01:17:B1:82:4E:CC:1A:6B:CB:15:E1:F7:77:42:68:58
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nQmaOgEXsYJOzBpryxXh93dCaFg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.128.0/18
Signature Algorithm: sha256WithRSAEncryption
13:38:fb:a0:2f:34:90:96:c7:aa:60:00:96:2d:df:4d:83:53:
3f:07:42:ae:45:31:1a:a9:29:78:06:08:83:ac:92:1c:b6:91:
db:ed:26:92:ba:85:26:bc:64:0e:fb:75:69:83:7b:b1:b4:1b:
1d:30:99:26:7a:d0:da:8a:9b:fa:40:6f:8c:48:bd:f6:fb:0e:
bd:67:fe:e8:e0:12:61:33:20:83:28:21:65:c3:3b:ec:a3:f3:
a0:e1:6f:90:46:d6:49:16:08:f5:eb:b5:bc:2e:22:ce:90:e1:
d5:99:30:67:7e:60:5a:4a:ef:2c:a0:b2:5f:8c:38:cc:f8:e3:
22:c4:62:e1:7b:ec:9d:b7:b2:a0:67:51:51:1e:f1:f3:e7:00:
10:2a:a7:77:aa:d7:96:3d:9f:15:85:17:80:91:05:08:6d:d7:
6d:8e:b8:e8:9b:ce:69:22:62:f3:ac:e5:d2:77:8d:c7:18:d9:
1e:7a:a1:8b:83:4e:72:aa:77:ef:1d:b4:64:7b:0f:1a:e4:bf:
e3:08:f1:4f:e3:40:c2:93:c4:7a:c0:e6:62:61:0c:69:95:69:
1d:b0:e4:bc:cc:8e:4b:af:df:c1:eb:f6:15:65:c2:3e:02:fb:
0f:6a:07:c0:30:2a:37:5d:84:36:67:59:04:86:16:4f:db:9b:
9c:98:99:2c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC30wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMTA5Mjkw
MjQ0MTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlEMDk5QTNBMDExN0Ix
ODI0RUNDMUE2QkNCMTVFMUY3Nzc0MjY4NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjd7KE+bP283LEnv0wZwyJ66x4bMIZY7GsONV4qA6ldpOplt68
znfrvPUerifiSrqdjhUq+tJI+8yJZVRWXc8a6x59cNdr5RVSdDCPKcBMW51+BdJC
SXNe/6V0pb8o1w27gYX1phVKjjV2ZXBOIMlzVh/K3pqLbi/otigQtUCIsLknM/pv
cU790ERkPvTS8AJh4VQz4n9imET5DGqLaJbqCSMLO+4LsaNkUZSibFyUTXyE9t18
FCiPOFWk+QX6UJHeE38AQWBC+8Ncu/Q8IZLsvwHRmZ3v9EJRMV5r/s8WQBrK0R1l
xWrSz8zLSMVWCJHgkMaiU41p+XDaClBDkEjtAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUnQmaOgEXsYJOzBpryxXh93dCaFgwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvblFtYU9nRVhzWUpPekJwcnl4WGg5
M2RDYUZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsBIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEzj7oC80kJbHqmAAli3fTYNTPwdCrkUxGqkpeAYI
g6ySHLaR2+0mkrqFJrxkDvt1aYN7sbQbHTCZJnrQ2oqb+kBvjEi99vsOvWf+6OAS
YTMggyghZcM77KPzoOFvkEbWSRYI9eu1vC4izpDh1ZkwZ35gWkrvLKCyX4w4zPjj
IsRi4XvsnbeyoGdRUR7x8+cAECqnd6rXlj2fFYUXgJEFCG3XbY646JvOaSJi86zl
0neNxxjZHnqhi4NOcqp37x20ZHsPGuS/4wjxT+NAwpPEesDmYmEMaZVpHbDkvMyO
S6/fwev2FWXCPgL7D2oHwDAqN12ENmdZBIYWT9ubnJiZLA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:12 2023 by rpki-client on console-fra.rpki-client.org