Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/r4kj-qP3A91-KiQFpPVH2goQ9rk.roa
File: r4kj-qP3A91-KiQFpPVH2goQ9rk.roa (raw, json)
Hash identifier: ZjWOvPVHq9P0lvxwPdEVGQ32MpxT4WV+2n+8fhSxstw=
Subject key identifier: AF:89:23:FA:A3:F7:03:DD:7E:2A:24:05:A4:F5:47:DA:0A:10:F6:B9
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0CDF
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/r4kj-qP3A91-KiQFpPVH2goQ9rk.roa
Signing time: Sun 07 Feb 2021 11:45:40 +0000
ROA not before: Sun 07 Feb 2021 11:45:40 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 122.146.104.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3295 (0xcdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:45:40 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=AF8923FAA3F703DD7E2A2405A4F547DA0A10F6B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:cc:fb:d6:8f:cb:28:04:4e:3d:7c:db:b4:
b1:84:89:8c:3c:68:49:3a:52:18:5d:8f:45:e8:21:
8d:24:da:46:23:b6:68:4e:0c:60:9e:cc:e2:9a:b3:
8b:22:47:50:29:fb:6c:4b:b5:bd:a1:9e:af:67:29:
64:e6:99:36:4f:04:c7:16:2e:05:71:5e:ee:41:54:
de:79:19:75:6d:89:65:f4:0b:5e:7e:3d:e5:bf:1c:
d8:02:7f:60:41:1d:f2:7c:a5:3a:32:b3:d5:e4:72:
40:c1:e1:06:26:f4:01:07:23:54:8c:fc:1c:c5:23:
e6:05:1c:a3:38:76:94:17:ce:4e:bf:2f:06:9e:c6:
bf:e3:7e:d1:e8:b9:f3:f6:eb:6a:ef:85:3b:0b:ac:
52:60:d5:f9:b9:2f:c4:f5:99:e0:dc:c7:e6:31:ec:
59:97:85:ab:f3:8a:10:17:f6:98:bf:15:fa:c3:39:
10:bd:c7:9b:88:aa:20:e4:1c:a3:af:6f:83:18:d1:
aa:23:1a:24:12:c3:fb:13:cb:18:83:12:af:0b:f0:
fc:be:15:11:c4:bd:9a:bf:be:ca:f7:0d:23:85:57:
d8:9a:08:66:3f:5c:45:f9:a7:a7:47:d5:de:05:1f:
be:e6:81:00:c5:47:ac:59:04:0e:4d:8b:66:66:cc:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:89:23:FA:A3:F7:03:DD:7E:2A:24:05:A4:F5:47:DA:0A:10:F6:B9
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/r4kj-qP3A91-KiQFpPVH2goQ9rk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.146.104.0/22
Signature Algorithm: sha256WithRSAEncryption
87:7b:38:51:6b:21:ed:c8:39:77:62:35:2f:12:04:3e:51:e5:
48:12:d1:20:10:79:63:3c:ee:ef:a9:05:8f:0d:fc:d0:6b:25:
c7:91:c2:66:a9:ea:8c:8b:ac:d6:9f:87:0f:fa:b3:78:c5:1a:
8d:de:e3:92:1c:5e:0a:d1:75:b8:e7:be:e5:7b:45:38:20:10:
76:a0:d5:3b:1a:42:fa:95:10:31:27:69:2f:48:9d:fd:b2:44:
b3:24:6c:0f:e2:26:9c:06:92:5e:8c:23:83:2f:d8:8e:e3:e4:
d4:c6:5b:4c:cb:d6:70:5f:7f:c3:b6:70:e0:45:1f:22:ee:ef:
12:d9:c1:7f:5e:00:21:70:b6:d5:56:70:37:e0:c8:b4:cc:8a:
45:b4:f6:c5:ae:3e:5b:8b:7d:9c:35:0e:8c:6f:b1:1d:91:30:
1d:61:86:9f:14:fb:c5:2b:2a:04:9c:db:93:93:4d:02:08:d0:
4d:f1:e2:c3:fa:fa:c2:77:f1:31:ec:0d:f3:6d:e6:7d:7c:74:
64:74:31:73:de:7e:56:02:76:bc:33:49:17:0a:74:e3:95:2b:
25:f4:02:9e:43:56:84:0a:77:17:88:29:50:19:91:1d:cc:cc:
4f:e9:74:d2:7f:46:bf:ca:e6:2f:49:51:37:a1:af:ec:fe:21:
07:bc:db:79
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQ1NDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFGODkyM0ZBQTNGNzAz
REQ3RTJBMjQwNUE0RjU0N0RBMEExMEY2QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb5Mz71o/LKAROPXzbtLGEiYw8aEk6Uhhdj0XoIY0k2kYjtmhO
DGCezOKas4siR1Ap+2xLtb2hnq9nKWTmmTZPBMcWLgVxXu5BVN55GXVtiWX0C15+
PeW/HNgCf2BBHfJ8pToys9XkckDB4QYm9AEHI1SM/BzFI+YFHKM4dpQXzk6/Lwae
xr/jftHoufP262rvhTsLrFJg1fm5L8T1meDcx+Yx7FmXhavzihAX9pi/FfrDORC9
x5uIqiDkHKOvb4MY0aojGiQSw/sTyxiDEq8L8Py+FRHEvZq/vsr3DSOFV9iaCGY/
XEX5p6dH1d4FH77mgQDFR6xZBA5Ni2ZmzGY3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUr4kj+qP3A91+KiQFpPVH2goQ9rkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcjRrai1xUDNBOTEtS2lRRnBQVkgy
Z29ROXJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnqSaDAN
BgkqhkiG9w0BAQsFAAOCAQEAh3s4UWsh7cg5d2I1LxIEPlHlSBLRIBB5Yzzu76kF
jw380Gslx5HCZqnqjIus1p+HD/qzeMUajd7jkhxeCtF1uOe+5XtFOCAQdqDVOxpC
+pUQMSdpL0id/bJEsyRsD+ImnAaSXowjgy/YjuPk1MZbTMvWcF9/w7Zw4EUfIu7v
EtnBf14AIXC21VZwN+DItMyKRbT2xa4+W4t9nDUOjG+xHZEwHWGGnxT7xSsqBJzb
k5NNAgjQTfHiw/r6wnfxMewN823mfXx0ZHQxc95+VgJ2vDNJFwp045UrJfQCnkNW
hAp3F4gpUBmRHczMT+l00n9Gv8rmL0lRN6Gv7P4hB7zbeQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:13 2023 by rpki-client on console-fra.rpki-client.org