Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/sD1pxWPDmcna8yxQzU5EnlI6Nhk.roa
File: sD1pxWPDmcna8yxQzU5EnlI6Nhk.roa (raw, json)
Hash identifier: I5SVCDchpG+gv8VFbQ+8Obg6Dwepdwl5/jOOdUTD+LI=
Subject key identifier: B0:3D:69:C5:63:C3:99:C9:DA:F3:2C:50:CD:4E:44:9E:52:3A:36:19
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E70
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/sD1pxWPDmcna8yxQzU5EnlI6Nhk.roa
Signing time: Wed 29 Sep 2021 02:43:35 +0000
ROA not before: Wed 29 Sep 2021 02:43:35 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131597
IP address blocks: 106.105.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3696 (0xe70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:35 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=B03D69C563C399C9DAF32C50CD4E449E523A3619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:ee:d6:fb:1b:e8:48:9d:e6:b6:6d:b4:eb:
47:4e:ba:05:75:27:3c:2f:3e:d8:ea:3d:25:27:2c:
70:36:4a:ae:6e:32:16:a9:56:ae:13:a1:09:ad:e2:
0b:43:cd:22:95:a5:67:64:50:5d:d6:ed:11:02:fe:
5a:84:ba:e3:69:d6:d3:01:c7:eb:0c:70:5b:1b:e1:
2b:07:d0:4b:39:37:ff:04:c2:4d:6a:51:1c:82:ef:
ea:fc:a0:39:b8:29:d3:ad:cf:dd:00:b3:5b:90:c0:
23:d1:4c:ce:b5:17:e1:e5:0b:0b:e3:f7:1d:8b:af:
29:3a:f3:04:f0:27:4b:e1:ff:86:54:f1:72:e2:81:
96:3f:c8:7d:7b:54:b1:d4:b1:4a:3b:36:d7:5a:1c:
4d:5d:f1:b2:44:1f:c8:b1:f3:5b:e8:e6:18:a3:aa:
6a:29:eb:a0:34:07:92:bf:1d:5a:71:af:e1:1c:7f:
82:35:3d:a0:e9:60:6d:f3:99:46:32:77:f7:39:6c:
3b:02:4f:e6:e0:d3:1c:17:a0:d1:a3:2e:41:09:f6:
91:c7:82:96:03:85:c9:aa:d9:c7:eb:25:fa:d8:18:
26:a4:fc:a2:20:c3:f3:64:84:6e:19:de:17:e1:65:
c0:8d:96:0b:cd:35:1c:2a:36:71:38:18:dc:06:de:
8e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3D:69:C5:63:C3:99:C9:DA:F3:2C:50:CD:4E:44:9E:52:3A:36:19
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/sD1pxWPDmcna8yxQzU5EnlI6Nhk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.224.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:0a:12:6d:67:2f:11:e1:34:5f:08:37:b3:d3:ea:09:58:eb:
ca:7b:3d:a7:21:3a:d3:d4:99:37:ac:a0:90:83:92:de:b4:b6:
db:31:22:82:69:e3:a6:ad:88:f3:9d:3b:e6:d9:1e:dc:1f:27:
26:53:58:9e:7b:eb:3b:a4:76:80:af:ad:f4:a9:82:bb:e4:3b:
63:c5:4c:d3:0f:a3:3f:b3:73:24:f0:d2:7b:8e:64:77:74:9d:
c2:a4:6e:24:fb:28:63:35:8e:15:9c:3b:92:7d:c6:d6:a0:ef:
b8:c7:e3:21:c9:06:e5:e8:51:45:c8:68:fb:d8:63:dd:54:74:
0a:81:95:db:26:5a:e4:35:62:eb:c9:6f:0e:15:28:44:3a:db:
82:77:ef:69:56:58:19:f2:01:a0:2b:4c:81:e1:65:19:a7:ed:
62:d7:9e:83:af:51:cd:b7:70:74:d3:68:b4:5f:78:ad:b8:9b:
ca:be:85:b4:06:60:0e:cb:97:74:9e:d5:2e:45:25:ed:76:5f:
fb:a7:e5:df:a1:ff:81:9b:2a:4c:f5:b1:27:bc:96:88:6d:ad:
2c:45:4d:e3:25:dd:0f:9b:bb:6c:aa:a5:ee:bc:11:72:95:05:
59:ea:d2:32:18:7d:57:7d:83:8e:32:e6:14:44:5b:54:b3:b7:
87:ce:30:c0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMzVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEIwM0Q2OUM1NjNDMzk5
QzlEQUYzMkM1MENENEU0NDlFNTIzQTM2MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmeO7W+xvoSJ3mtm2060dOugV1JzwvPtjqPSUnLHA2Sq5uMhap
Vq4ToQmt4gtDzSKVpWdkUF3W7REC/lqEuuNp1tMBx+sMcFsb4SsH0Es5N/8Ewk1q
URyC7+r8oDm4KdOtz90As1uQwCPRTM61F+HlCwvj9x2Lryk68wTwJ0vh/4ZU8XLi
gZY/yH17VLHUsUo7NtdaHE1d8bJEH8ix81vo5hijqmop66A0B5K/HVpxr+Ecf4I1
PaDpYG3zmUYyd/c5bDsCT+bg0xwXoNGjLkEJ9pHHgpYDhcmq2cfrJfrYGCak/KIg
w/NkhG4Z3hfhZcCNlgvNNRwqNnE4GNwG3o5hAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUsD1pxWPDmcna8yxQzU5EnlI6NhkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvc0QxcHhXUERtY25hOHl4UXpVNUVu
bEk2TmhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGpp4DAN
BgkqhkiG9w0BAQsFAAOCAQEALQoSbWcvEeE0Xwg3s9PqCVjryns9pyE609SZN6yg
kIOS3rS22zEigmnjpq2I85075tke3B8nJlNYnnvrO6R2gK+t9KmCu+Q7Y8VM0w+j
P7NzJPDSe45kd3SdwqRuJPsoYzWOFZw7kn3G1qDvuMfjIckG5ehRRcho+9hj3VR0
CoGV2yZa5DVi68lvDhUoRDrbgnfvaVZYGfIBoCtMgeFlGaftYteeg69RzbdwdNNo
tF94rbibyr6FtAZgDsuXdJ7VLkUl7XZf+6fl36H/gZsqTPWxJ7yWiG2tLEVN4yXd
D5u7bKql7rwRcpUFWerSMhh9V32DjjLmFERbVLO3h84wwA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org