Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/nULZn8bYfh3tpwNWGXe6yxl2ikA.roa
File: nULZn8bYfh3tpwNWGXe6yxl2ikA.roa (raw, json)
Hash identifier: dQ1f/AjGtJ6bP9n+AJwsE8+wE8TC5bFb32ZoC4/BVI0=
Subject key identifier: 9D:42:D9:9F:C6:D8:7E:1D:ED:A7:03:56:19:77:BA:CB:19:76:8A:40
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E90
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nULZn8bYfh3tpwNWGXe6yxl2ikA.roa
Signing time: Wed 29 Sep 2021 02:43:44 +0000
ROA not before: Wed 29 Sep 2021 02:43:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 220.229.66.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3728 (0xe90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9D42D99FC6D87E1DEDA703561977BACB19768A40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a8:15:14:42:98:66:61:ff:78:60:5b:42:2d:
9b:3a:03:20:fc:53:82:64:4b:21:df:91:08:fc:3d:
ac:97:63:22:83:c4:55:87:5b:97:4e:96:0e:08:2e:
57:2f:b5:3b:f2:86:34:27:38:46:6b:19:3c:52:a8:
8b:c1:36:bc:fd:4a:c4:59:39:32:d0:fd:07:cd:86:
6f:2c:77:cb:19:a5:6e:b0:6e:b6:25:19:44:3c:92:
cc:2b:43:31:3c:48:f2:4d:51:0a:63:91:49:20:77:
4f:5d:b2:e4:d1:91:a5:97:63:d0:82:d2:d0:94:e2:
81:ea:27:ea:1b:9b:c4:e3:a5:a4:4b:fb:14:bb:99:
02:86:81:c0:fa:82:73:c2:ce:3d:32:dc:14:5a:23:
4f:aa:88:22:4f:db:dd:83:04:6a:91:50:17:21:95:
a7:0c:1e:1e:4c:d0:7f:24:7e:ef:a9:3c:f7:32:db:
26:18:4d:74:69:56:c6:b2:a0:32:ff:3c:78:57:00:
88:92:e6:de:60:48:4e:01:87:b1:14:42:1b:eb:be:
9f:d7:e6:8b:72:e9:26:d3:a9:cf:8f:3d:cf:e9:58:
01:0e:7b:92:36:e0:5b:02:e6:e9:a1:22:1d:73:96:
12:5a:85:8e:6e:e7:42:55:a4:0c:0a:6f:62:a3:49:
83:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:42:D9:9F:C6:D8:7E:1D:ED:A7:03:56:19:77:BA:CB:19:76:8A:40
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nULZn8bYfh3tpwNWGXe6yxl2ikA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.66.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:cd:9b:8a:a9:01:0a:df:33:38:16:5d:12:5c:36:41:2e:bc:
f6:e9:7e:72:92:bf:cc:65:76:64:cf:63:35:37:69:0f:52:7f:
46:8f:d7:42:a5:f1:6e:06:5a:04:58:4f:e7:fb:b1:ac:41:e5:
fc:58:52:f7:c3:3f:f3:bc:ac:35:d5:ca:a1:b0:e7:88:54:c0:
c6:fa:8f:31:f4:f1:86:22:ae:4c:0b:31:ad:9e:e0:79:55:d8:
d5:20:b2:9b:0c:eb:00:43:1d:af:08:40:ff:b9:a8:11:5e:d3:
53:91:35:a6:5a:86:0f:66:59:ec:86:71:47:38:71:1b:ff:19:
10:d6:ec:e2:1b:45:dc:fd:ed:63:cd:a0:73:95:0b:03:67:9f:
43:d6:15:3e:54:d1:12:68:86:e6:5d:29:cb:d5:81:27:14:71:
60:56:de:36:39:d7:2f:c6:1e:dd:e6:66:83:e0:5f:5b:df:dd:
dc:1f:9b:17:8f:f6:29:3c:4e:27:ab:fe:f2:1a:86:46:b1:79:
93:0f:67:dd:2d:32:62:b7:23:6d:59:d5:ad:bd:70:ec:1e:d3:
9c:07:ac:3b:a3:cf:39:1f:4a:f7:2b:5b:71:ad:43:ad:27:f3:
6e:86:8d:9b:d8:46:b3:9a:b1:06:13:cf:b3:57:46:fc:80:2b:
4e:37:3b:c4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlENDJEOTlGQzZEODdF
MURFREE3MDM1NjE5NzdCQUNCMTk3NjhBNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNqBUUQphmYf94YFtCLZs6AyD8U4JkSyHfkQj8PayXYyKDxFWH
W5dOlg4ILlcvtTvyhjQnOEZrGTxSqIvBNrz9SsRZOTLQ/QfNhm8sd8sZpW6wbrYl
GUQ8kswrQzE8SPJNUQpjkUkgd09dsuTRkaWXY9CC0tCU4oHqJ+obm8TjpaRL+xS7
mQKGgcD6gnPCzj0y3BRaI0+qiCJP292DBGqRUBchlacMHh5M0H8kfu+pPPcy2yYY
TXRpVsayoDL/PHhXAIiS5t5gSE4Bh7EUQhvrvp/X5oty6SbTqc+PPc/pWAEOe5I2
4FsC5umhIh1zlhJahY5u50JVpAwKb2KjSYPnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUnULZn8bYfh3tpwNWGXe6yxl2ikAwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvblVMWm44YllmaDN0cHdOV0dYZTZ5
eGwyaWtBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdzlQjAN
BgkqhkiG9w0BAQsFAAOCAQEADs2biqkBCt8zOBZdElw2QS689ul+cpK/zGV2ZM9j
NTdpD1J/Ro/XQqXxbgZaBFhP5/uxrEHl/FhS98M/87ysNdXKobDniFTAxvqPMfTx
hiKuTAsxrZ7geVXY1SCymwzrAEMdrwhA/7moEV7TU5E1plqGD2ZZ7IZxRzhxG/8Z
ENbs4htF3P3tY82gc5ULA2efQ9YVPlTREmiG5l0py9WBJxRxYFbeNjnXL8Ye3eZm
g+BfW9/d3B+bF4/2KTxOJ6v+8hqGRrF5kw9n3S0yYrcjbVnVrb1w7B7TnAesO6PP
OR9K9ytbca1DrSfzboaNm9hGs5qxBhPPs1dG/IArTjc7xA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org