Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/oc36vThVsNLMWsRbE8kuFTwrvEs.roa
File: oc36vThVsNLMWsRbE8kuFTwrvEs.roa (raw, json)
Hash identifier: NePd4BHCdZlZHxoHXYLkG/w+6/nMqAO2Q4fqGgv44AE=
Subject key identifier: A1:CD:FA:BD:38:55:B0:D2:CC:5A:C4:5B:13:C9:2E:15:3C:2B:BC:4B
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0ECE
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/oc36vThVsNLMWsRbE8kuFTwrvEs.roa
Signing time: Wed 29 Sep 2021 02:44:00 +0000
ROA not before: Wed 29 Sep 2021 02:44:00 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 136543
IP address blocks: 115.30.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3790 (0xece)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:44:00 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A1CDFABD3855B0D2CC5AC45B13C92E153C2BBC4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:26:a2:63:b0:73:0e:71:31:4f:eb:23:ed:
b3:11:d1:10:8a:fc:2f:aa:6d:2d:65:11:e7:67:93:
b4:9d:b3:c6:59:04:49:4c:a3:64:c4:e2:9e:67:39:
16:a1:34:78:3a:19:ae:5f:ba:a9:b9:b7:d3:1d:4c:
47:46:06:32:e3:c3:72:16:16:df:b5:66:c7:76:96:
33:8d:6e:21:e7:cb:0d:2d:c9:83:3a:40:e9:0a:69:
a9:d8:c9:b7:39:ad:a4:cd:dd:1f:d5:c4:d9:62:46:
3f:69:c0:ff:3c:32:8b:f7:86:a3:c2:85:3d:31:99:
b8:9a:52:d0:d9:95:dc:2e:b4:6c:e5:f6:64:e4:e8:
35:b2:56:a5:df:93:75:16:27:2f:83:a3:07:ff:d3:
68:8e:fc:bc:ad:6f:a8:b9:71:81:6b:5a:90:1f:1b:
f7:78:a0:fb:6b:43:cb:76:15:6f:e2:be:fa:c5:22:
33:39:77:07:bb:fe:c9:5c:0d:24:f1:04:78:b5:b1:
dc:ac:ce:81:c3:01:2b:42:6d:84:80:19:f0:f1:f1:
e9:f6:a1:d5:95:21:24:2c:e5:c2:7d:19:62:76:35:
b0:a1:da:72:d8:6f:c1:58:5f:92:ae:2e:a5:2d:a0:
3c:59:bc:ca:6f:c9:19:c3:9a:86:64:b3:e6:02:bd:
53:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CD:FA:BD:38:55:B0:D2:CC:5A:C4:5B:13:C9:2E:15:3C:2B:BC:4B
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/oc36vThVsNLMWsRbE8kuFTwrvEs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.30.65.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:94:38:bd:0d:f5:76:60:fd:cc:5a:15:f5:1e:29:7e:14:4a:
2e:ea:9e:57:6f:4f:1c:65:ca:7f:a6:e3:05:25:dd:c9:e1:dc:
51:81:3f:d1:af:41:ea:34:ee:6f:3e:62:7c:0d:60:15:b3:7f:
e3:a2:c0:34:f8:16:29:e0:d9:31:6d:c3:d9:ac:a9:d3:f8:b0:
81:47:a0:44:a7:63:f1:43:8d:d8:39:cc:ee:7d:ba:8f:46:f6:
6f:b8:f9:3f:8b:0e:78:3e:ac:e7:0e:ab:81:6c:25:7e:36:5e:
22:31:80:18:aa:f4:90:42:76:3c:de:3b:1b:dd:91:93:2a:f8:
b3:74:fd:f7:6b:fa:cd:4e:a3:bf:65:01:2f:61:67:b4:e5:80:
fa:c1:0f:e6:93:4a:1c:fd:d1:9d:8f:68:ac:03:ce:c2:58:38:
d1:a0:7d:23:07:2d:03:b0:84:0d:c6:1c:b5:49:5b:d6:63:89:
9f:7c:b9:b0:af:8e:d0:4d:e6:ce:a1:0f:bd:9e:63:2b:24:ca:
0c:2d:1c:c1:32:95:51:1d:86:2e:e0:7a:6c:49:56:a6:7e:fa:
db:67:5e:3e:a5:d1:2d:01:26:43:ec:46:8d:12:0b:3d:fa:ea:
fc:d8:6b:d3:8f:b7:c7:fc:94:98:a2:21:d3:96:97:5e:1a:03:
5d:45:29:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQ0MDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEExQ0RGQUJEMzg1NUIw
RDJDQzVBQzQ1QjEzQzkyRTE1M0MyQkJDNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4UyaiY7BzDnExT+sj7bMR0RCK/C+qbS1lEednk7Sds8ZZBElM
o2TE4p5nORahNHg6Ga5fuqm5t9MdTEdGBjLjw3IWFt+1Zsd2ljONbiHnyw0tyYM6
QOkKaanYybc5raTN3R/VxNliRj9pwP88Mov3hqPChT0xmbiaUtDZldwutGzl9mTk
6DWyVqXfk3UWJy+Dowf/02iO/Lytb6i5cYFrWpAfG/d4oPtrQ8t2FW/ivvrFIjM5
dwe7/slcDSTxBHi1sdyszoHDAStCbYSAGfDx8en2odWVISQs5cJ9GWJ2NbCh2nLY
b8FYX5KuLqUtoDxZvMpvyRnDmoZks+YCvVM3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoc36vThVsNLMWsRbE8kuFTwrvEswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvb2MzNnZUaFZzTkxNV3NSYkU4a3VG
VHdydkVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHMeQTAN
BgkqhkiG9w0BAQsFAAOCAQEAS5Q4vQ31dmD9zFoV9R4pfhRKLuqeV29PHGXKf6bj
BSXdyeHcUYE/0a9B6jTubz5ifA1gFbN/46LANPgWKeDZMW3D2ayp0/iwgUegRKdj
8UON2DnM7n26j0b2b7j5P4sOeD6s5w6rgWwlfjZeIjGAGKr0kEJ2PN47G92Rkyr4
s3T992v6zU6jv2UBL2FntOWA+sEP5pNKHP3RnY9orAPOwlg40aB9IwctA7CEDcYc
tUlb1mOJn3y5sK+O0E3mzqEPvZ5jKyTKDC0cwTKVUR2GLuB6bElWpn7622dePqXR
LQEmQ+xGjRILPfrq/Nhr04+3x/yUmKIh05aXXhoDXUUpJA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org