Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/qOHqFIa87e3K1d51yfXpKJgdViU.roa
File: qOHqFIa87e3K1d51yfXpKJgdViU.roa (raw, json)
Hash identifier: 3SP0WyoGqA85zYXssHqpqcv8vL9EkFvZCzJqIoqRKnc=
Subject key identifier: A8:E1:EA:14:86:BC:ED:ED:CA:D5:DE:75:C9:F5:E9:28:98:1D:56:25
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0EA5
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qOHqFIa87e3K1d51yfXpKJgdViU.roa
Signing time: Wed 29 Sep 2021 02:43:49 +0000
ROA not before: Wed 29 Sep 2021 02:43:49 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 122.147.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3749 (0xea5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:49 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A8E1EA1486BCEDEDCAD5DE75C9F5E928981D5625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:f6:8e:e6:cc:74:39:cc:bc:bf:76:9a:ef:
49:2f:51:d3:33:c3:7c:aa:ea:4c:fa:ff:a6:87:30:
ce:9c:7f:5e:1d:50:84:17:2d:64:e7:a3:9b:da:8c:
73:ae:87:6b:a5:07:76:a6:4c:f8:b6:c7:6a:fe:0a:
e7:7b:48:db:bc:0a:35:8a:55:bd:64:26:6c:81:4e:
15:a4:45:ca:ea:0f:5d:83:ee:88:9b:71:71:96:ec:
78:8a:e3:9d:26:11:c7:46:90:49:96:0a:ff:e5:eb:
55:c6:ea:25:9e:f7:ae:bc:1c:2f:1b:ae:4f:88:e1:
15:8e:45:f2:0e:00:9c:a6:cc:ce:b0:3c:cf:79:2b:
75:bc:72:8e:f0:d6:47:a4:73:0b:04:6f:87:14:e0:
d2:3a:34:2b:d7:20:8a:09:27:48:c2:1d:20:e8:4e:
74:85:c3:78:75:46:e6:0c:b6:df:02:44:8e:b3:14:
25:50:b6:61:c1:bf:6c:b4:95:60:e1:88:e0:dc:c8:
01:44:b2:7d:3f:5b:38:96:b8:2a:df:8c:6e:4e:f8:
3a:64:f8:88:10:eb:38:2e:35:6c:d0:06:f0:19:32:
c4:42:a0:9b:7c:92:a0:44:8e:08:8b:ad:80:7c:06:
6b:6e:39:e9:cf:9b:70:fa:48:ac:ec:49:49:ee:f3:
3d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E1:EA:14:86:BC:ED:ED:CA:D5:DE:75:C9:F5:E9:28:98:1D:56:25
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qOHqFIa87e3K1d51yfXpKJgdViU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.192.0/18
Signature Algorithm: sha256WithRSAEncryption
8f:ec:48:f5:2e:0f:f3:e7:f6:ee:9c:a0:b8:f0:7d:ff:60:dd:
76:9f:48:a1:0b:16:58:68:60:db:02:b1:69:45:c3:45:fd:08:
1c:37:82:a8:e7:98:4b:7c:ed:d1:c1:77:1d:af:2b:48:07:0b:
f4:dc:dd:2d:34:9f:f8:5f:75:05:26:b9:05:9b:d7:d9:44:c4:
a6:cf:e9:75:43:61:98:7c:2c:9b:eb:ce:2c:ae:d7:4d:26:8b:
95:44:2e:fb:c0:37:41:7c:4d:7b:ad:82:9c:85:46:ca:17:45:
2a:86:23:1b:2e:da:3c:7f:0c:bf:49:af:29:64:1d:19:35:2f:
d6:e6:98:f9:01:3d:f2:5d:7c:0d:7a:59:29:cf:e7:12:59:f8:
72:20:f0:49:3c:05:62:f9:17:dd:16:02:f0:d7:0e:da:55:ca:
32:c2:99:a0:0b:a0:fd:47:52:82:22:42:91:7f:14:cd:b7:7d:
cb:78:28:5b:76:7f:5b:8e:bc:52:db:a2:b1:0f:df:d6:83:51:
44:66:34:68:09:db:e1:ba:e7:4e:26:01:c8:24:1c:a2:e8:19:
08:58:47:7f:91:35:5a:9f:44:34:c1:fa:1a:4e:12:48:73:cb:
56:b3:17:00:e7:aa:2f:85:0c:dd:71:52:ed:ce:92:f2:8c:b8:
a0:20:2c:96
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEE4RTFFQTE0ODZCQ0VE
RURDQUQ1REU3NUM5RjVFOTI4OTgxRDU2MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxOvaO5sx0Ocy8v3aa70kvUdMzw3yq6kz6/6aHMM6cf14dUIQX
LWTno5vajHOuh2ulB3amTPi2x2r+Cud7SNu8CjWKVb1kJmyBThWkRcrqD12D7oib
cXGW7HiK450mEcdGkEmWCv/l61XG6iWe9668HC8brk+I4RWORfIOAJymzM6wPM95
K3W8co7w1kekcwsEb4cU4NI6NCvXIIoJJ0jCHSDoTnSFw3h1RuYMtt8CRI6zFCVQ
tmHBv2y0lWDhiODcyAFEsn0/WziWuCrfjG5O+Dpk+IgQ6zguNWzQBvAZMsRCoJt8
kqBEjgiLrYB8BmtuOenPm3D6SKzsSUnu8z2BAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqOHqFIa87e3K1d51yfXpKJgdViUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcU9IcUZJYTg3ZTNLMWQ1MXlmWHBL
SmdkVmlVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnqTwDAN
BgkqhkiG9w0BAQsFAAOCAQEAj+xI9S4P8+f27pyguPB9/2Dddp9IoQsWWGhg2wKx
aUXDRf0IHDeCqOeYS3zt0cF3Ha8rSAcL9NzdLTSf+F91BSa5BZvX2UTEps/pdUNh
mHwsm+vOLK7XTSaLlUQu+8A3QXxNe62CnIVGyhdFKoYjGy7aPH8Mv0mvKWQdGTUv
1uaY+QE98l18DXpZKc/nEln4ciDwSTwFYvkX3RYC8NcO2lXKMsKZoAug/UdSgiJC
kX8Uzbd9y3goW3Z/W468UtuisQ/f1oNRRGY0aAnb4brnTiYByCQcougZCFhHf5E1
Wp9ENMH6Gk4SSHPLVrMXAOeqL4UM3XFS7c6S8oy4oCAslg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org