Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/okSY4yRbxxpaUMqICf42ld-9jJo.roa
File: okSY4yRbxxpaUMqICf42ld-9jJo.roa (raw, json)
Hash identifier: abuwikzp4u1OhXwJX0FskVNumxvXghi9YgFI6VLIFmA=
Subject key identifier: A2:44:98:E3:24:5B:C7:1A:5A:50:CA:88:09:FE:36:95:DF:BD:8C:9A
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E42
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/okSY4yRbxxpaUMqICf42ld-9jJo.roa
Signing time: Wed 29 Sep 2021 02:43:22 +0000
ROA not before: Wed 29 Sep 2021 02:43:22 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 112.105.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3650 (0xe42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:22 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A24498E3245BC71A5A50CA8809FE3695DFBD8C9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:16:64:ce:ba:62:42:ad:c2:b7:7e:94:24:59:
22:2a:f1:55:90:b1:55:16:ee:76:5a:66:38:c9:d7:
a5:00:ce:95:64:a6:88:83:23:fe:cb:73:da:72:a9:
b5:5a:90:c2:0c:15:2c:b8:f0:4d:9b:e1:77:60:b1:
0d:39:7e:b4:c7:5e:6a:ee:ec:1e:ab:c6:98:6c:e0:
15:22:ac:7f:a9:b0:90:73:a0:70:c9:2a:e4:64:07:
8c:04:7b:86:83:eb:77:1c:6f:da:2a:32:3d:7f:7d:
bb:4f:1f:74:45:34:fd:f9:58:4f:d2:ef:fb:fd:f1:
b6:af:51:3c:6e:6e:a3:e0:00:80:b2:3d:19:f8:bc:
5a:1b:b1:8f:5d:24:df:20:94:ef:ba:8d:32:cb:6f:
8a:a0:3f:eb:5f:d9:5d:9f:55:87:87:ec:d7:d8:38:
cb:18:38:c0:b5:64:eb:54:11:0e:2f:67:45:2f:78:
99:6d:7d:cf:bf:75:70:ac:8c:4a:34:1e:87:66:17:
6e:19:98:e0:93:c8:7c:8f:51:f8:43:29:0d:6f:01:
f7:93:4f:1e:1a:6a:19:fa:fe:37:66:80:0b:e6:7e:
49:26:b0:39:15:a4:c0:7b:57:61:f0:3d:bd:df:76:
75:ed:4a:04:0e:69:83:13:27:87:b9:9f:68:fa:90:
7e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:44:98:E3:24:5B:C7:1A:5A:50:CA:88:09:FE:36:95:DF:BD:8C:9A
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/okSY4yRbxxpaUMqICf42ld-9jJo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.105.56.0/22
Signature Algorithm: sha256WithRSAEncryption
03:42:5d:ea:cd:11:7d:b9:a1:a8:2c:74:90:33:aa:3b:b6:95:
28:d2:00:e8:3e:57:cb:1d:50:9c:dc:fb:17:17:d4:09:a9:c0:
a8:06:b3:66:fe:b9:f6:91:7b:1d:b5:b4:0b:17:60:18:9a:a6:
51:1d:f9:a9:d6:d2:a6:c5:2e:14:31:9b:d3:3c:13:ff:06:a6:
a5:8e:87:17:b4:f6:7e:b8:07:bd:99:ee:31:3b:67:35:9a:ed:
ae:ab:47:a7:71:b8:dd:3e:4e:05:0e:c6:50:92:7e:3a:d8:bb:
c1:d6:57:5d:8f:61:c8:af:83:70:27:e8:6f:c8:db:2d:67:19:
65:08:1c:50:22:86:2e:e7:9f:74:6a:68:1a:ef:79:3b:ba:0a:
04:c4:82:26:73:6e:12:35:14:cf:a5:e5:fd:55:8f:f6:33:61:
66:aa:c4:92:c2:57:88:46:c7:39:df:43:a9:2e:b4:96:1a:28:
07:e9:0f:d6:44:b7:2e:73:d1:90:c5:29:6f:34:ff:3c:90:79:
5f:22:5d:6c:30:11:86:8d:fe:18:9c:19:c5:ec:7f:0f:20:90:
2c:07:18:9c:80:97:75:40:3d:d4:95:81:30:bb:c5:7d:43:44:
80:63:58:40:fa:4e:fb:e6:22:fc:c3:50:3e:41:8e:9a:f0:7f:
dc:96:4d:dd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMjJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEyNDQ5OEUzMjQ1QkM3
MUE1QTUwQ0E4ODA5RkUzNjk1REZCRDhDOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSFmTOumJCrcK3fpQkWSIq8VWQsVUW7nZaZjjJ16UAzpVkpoiD
I/7Lc9pyqbVakMIMFSy48E2b4XdgsQ05frTHXmru7B6rxphs4BUirH+psJBzoHDJ
KuRkB4wEe4aD63ccb9oqMj1/fbtPH3RFNP35WE/S7/v98bavUTxubqPgAICyPRn4
vFobsY9dJN8glO+6jTLLb4qgP+tf2V2fVYeH7NfYOMsYOMC1ZOtUEQ4vZ0UveJlt
fc+/dXCsjEo0HodmF24ZmOCTyHyPUfhDKQ1vAfeTTx4aahn6/jdmgAvmfkkmsDkV
pMB7V2HwPb3fdnXtSgQOaYMTJ4e5n2j6kH5/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUokSY4yRbxxpaUMqICf42ld+9jJowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvb2tTWTR5UmJ4eHBhVU1xSUNmNDJs
ZC05akpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnBpODAN
BgkqhkiG9w0BAQsFAAOCAQEAA0Jd6s0RfbmhqCx0kDOqO7aVKNIA6D5Xyx1QnNz7
FxfUCanAqAazZv659pF7HbW0CxdgGJqmUR35qdbSpsUuFDGb0zwT/wampY6HF7T2
frgHvZnuMTtnNZrtrqtHp3G43T5OBQ7GUJJ+Oti7wdZXXY9hyK+DcCfob8jbLWcZ
ZQgcUCKGLuefdGpoGu95O7oKBMSCJnNuEjUUz6Xl/VWP9jNhZqrEksJXiEbHOd9D
qS60lhooB+kP1kS3LnPRkMUpbzT/PJB5XyJdbDARho3+GJwZxex/DyCQLAcYnICX
dUA91JWBMLvFfUNEgGNYQPpO++Yi/MNQPkGOmvB/3JZN3Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:13 2023 by rpki-client on console-fra.rpki-client.org