Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/qtQ49nrtccnz4dsMo_q0xUjOSvM.roa
File: qtQ49nrtccnz4dsMo_q0xUjOSvM.roa (raw, json)
Hash identifier: 8KpPBAXdDnebYQZr0JGtIgxEhWAekHLDJh9zYNeO3NM=
Subject key identifier: AA:D4:38:F6:7A:ED:71:C9:F3:E1:DB:0C:A3:FA:B4:C5:48:CE:4A:F3
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0BA6
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qtQ49nrtccnz4dsMo_q0xUjOSvM.roa
Signing time: Sun 07 Feb 2021 06:27:21 +0000
ROA not before: Sun 07 Feb 2021 06:27:21 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.228.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2982 (0xba6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 06:27:21 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=AAD438F67AED71C9F3E1DB0CA3FAB4C548CE4AF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:44:a4:fa:30:c6:1c:65:0c:61:8c:a7:39:
84:33:1f:a3:4f:97:ce:3e:16:a6:5f:30:60:4f:82:
99:41:62:9e:f4:2b:b7:2e:e0:8e:0d:a6:3b:83:27:
c8:83:a7:72:97:47:cf:00:b4:96:ff:a0:48:1d:34:
1a:22:3a:07:b7:0f:78:6e:86:53:8d:f7:c1:46:9c:
9e:cd:bc:5a:a8:e1:6d:ed:df:af:8c:c2:63:07:3d:
a8:f2:7c:28:9a:95:72:9c:59:c1:59:62:c7:79:4d:
7e:be:bc:8e:3d:92:1e:71:9b:b9:bc:06:2f:08:28:
94:8d:22:dc:93:3c:c2:3b:26:32:44:02:25:a8:5c:
ee:7b:c6:9e:e4:f6:6c:fa:53:3f:60:a3:22:30:8b:
88:6f:2f:21:ec:d4:69:d1:af:a7:77:7a:74:26:d5:
5b:da:7d:64:f4:ab:d8:c9:9f:7b:59:11:c3:c6:53:
b3:33:7d:72:c0:82:46:58:34:53:2a:e5:79:c2:82:
9c:1f:25:ea:c5:80:a9:84:d9:49:34:0b:f4:4d:f0:
b0:53:64:92:80:72:01:01:b4:ba:92:ba:bf:30:cf:
5d:07:94:1d:ac:4b:6f:72:19:41:8a:64:fa:ae:d2:
bb:5a:18:1e:4d:40:94:50:51:82:a1:39:7e:72:3d:
45:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D4:38:F6:7A:ED:71:C9:F3:E1:DB:0C:A3:FA:B4:C5:48:CE:4A:F3
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qtQ49nrtccnz4dsMo_q0xUjOSvM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
07:e2:0e:80:49:9d:dc:6e:f0:59:d6:71:54:58:28:a6:ee:ea:
1d:8e:c3:9d:f1:63:5a:f8:63:50:2d:b4:f1:4c:89:03:05:29:
dd:48:f6:75:50:cb:8e:0f:33:47:37:5d:4d:1f:95:21:1b:bc:
89:02:f1:12:5f:60:2a:d6:74:9f:7b:37:50:d4:b8:0a:dc:79:
83:90:47:53:7e:a1:6d:b3:ef:90:ad:c3:b8:79:b3:b5:01:fb:
59:0f:5f:e7:17:c8:5d:88:7f:a8:4c:de:c6:e3:fc:b4:44:62:
9e:bc:dd:ac:c7:b7:0f:dc:05:de:32:36:2d:8f:3a:09:06:f0:
ed:12:0a:14:21:71:d1:0b:f9:98:a1:81:42:2b:83:88:ef:36:
3b:1f:12:ce:30:72:02:01:bb:10:be:42:61:99:64:b7:2e:9e:
14:f0:9d:fb:72:af:67:d9:5b:57:3f:2e:95:67:d5:45:28:3c:
50:ec:cd:38:7d:6c:03:7f:50:66:76:31:23:b3:d6:2b:d6:a6:
c4:01:1a:fb:da:79:c9:35:19:ab:b8:cd:92:29:ef:0f:14:3a:
d5:ba:ec:f5:3f:39:c0:2a:c1:db:87:95:91:e8:da:f7:53:e8:
cc:a9:fd:f5:d4:36:24:36:22:9d:3e:5f:4a:74:92:81:11:ef:
77:91:6b:65
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcw
NjI3MjFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFBRDQzOEY2N0FFRDcx
QzlGM0UxREIwQ0EzRkFCNEM1NDhDRTRBRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC71ESk+jDGHGUMYYynOYQzH6NPl84+FqZfMGBPgplBYp70K7cu
4I4NpjuDJ8iDp3KXR88AtJb/oEgdNBoiOge3D3huhlON98FGnJ7NvFqo4W3t36+M
wmMHPajyfCialXKcWcFZYsd5TX6+vI49kh5xm7m8Bi8IKJSNItyTPMI7JjJEAiWo
XO57xp7k9mz6Uz9goyIwi4hvLyHs1GnRr6d3enQm1VvafWT0q9jJn3tZEcPGU7Mz
fXLAgkZYNFMq5XnCgpwfJerFgKmE2Uk0C/RN8LBTZJKAcgEBtLqSur8wz10HlB2s
S29yGUGKZPqu0rtaGB5NQJRQUYKhOX5yPUUbAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUqtQ49nrtccnz4dsMo/q0xUjOSvMwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcXRRNDlucnRjY256NGRzTW9fcTB4
VWpPU3ZNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G
CSqGSIb3DQEBCwUAA4IBAQAH4g6ASZ3cbvBZ1nFUWCim7uodjsOd8WNa+GNQLbTx
TIkDBSndSPZ1UMuODzNHN11NH5UhG7yJAvESX2Aq1nSfezdQ1LgK3HmDkEdTfqFt
s++QrcO4ebO1AftZD1/nF8hdiH+oTN7G4/y0RGKevN2sx7cP3AXeMjYtjzoJBvDt
EgoUIXHRC/mYoYFCK4OI7zY7HxLOMHICAbsQvkJhmWS3Lp4U8J37cq9n2VtXPy6V
Z9VFKDxQ7M04fWwDf1BmdjEjs9Yr1qbEARr72nnJNRmruM2SKe8PFDrVuuz1PznA
KsHbh5WR6Nr3U+jMqf311DYkNiKdPl9KdJKBEe93kWtl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org