Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/y0ZK7PMJXRVkaTiNnDcgiUAlg4A.roa
File: y0ZK7PMJXRVkaTiNnDcgiUAlg4A.roa (raw, json)
Hash identifier: CNB/X9BPdAvQfGu6RtNfFAT/OXba87B2J6WXaCYpKwQ=
Subject key identifier: CB:46:4A:EC:F3:09:5D:15:64:69:38:8D:9C:37:20:89:40:25:83:80
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0CC7
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/y0ZK7PMJXRVkaTiNnDcgiUAlg4A.roa
Signing time: Sun 07 Feb 2021 11:45:06 +0000
ROA not before: Sun 07 Feb 2021 11:45:06 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 220.229.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3271 (0xcc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:45:06 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=CB464AECF3095D156469388D9C37208940258380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b1:a5:b5:39:0a:7b:94:c1:89:81:b4:65:fb:
64:64:f5:12:e3:eb:04:14:56:ce:6e:f6:f7:7c:90:
d9:d9:11:bd:9d:b0:9f:13:07:7a:c9:08:62:05:94:
34:7b:2b:bc:e6:19:8a:ec:57:a5:d9:6a:0f:70:11:
87:3b:6b:2f:3d:00:1e:be:77:00:f3:9b:7b:71:d8:
7d:53:f2:13:f7:1f:c9:fd:af:55:4b:27:b2:9d:ae:
c5:76:eb:a6:fa:54:09:0b:43:c8:b4:17:94:db:57:
a8:6c:3a:b2:5d:60:62:d2:c9:81:fb:03:93:bb:44:
0e:65:e0:3c:d9:f9:78:6e:ea:e2:4d:10:b5:be:64:
18:45:ca:b5:32:91:86:1d:f3:d2:8d:e2:73:00:9f:
43:eb:9d:06:0a:80:c1:c5:1a:95:4f:1b:e9:01:32:
f3:ab:6e:fe:c5:2c:90:9e:e1:91:68:cd:2d:60:bd:
a6:ce:fa:f5:95:73:75:f6:97:d3:5f:02:be:a2:c5:
05:3a:1d:5f:fc:d7:19:b2:1c:e0:02:1a:dd:b9:44:
45:01:7f:16:22:eb:84:de:22:cf:18:40:1e:da:95:
6b:95:9c:7a:99:e9:bf:b3:c0:21:ce:7f:dc:fa:5f:
14:76:84:f8:11:b2:da:b3:ee:d6:ea:2d:ee:9b:47:
49:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:46:4A:EC:F3:09:5D:15:64:69:38:8D:9C:37:20:89:40:25:83:80
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/y0ZK7PMJXRVkaTiNnDcgiUAlg4A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.72.0/21
Signature Algorithm: sha256WithRSAEncryption
54:cc:3d:19:40:78:b4:18:c3:ad:d2:12:38:ba:11:7e:e8:a4:
b6:d3:b3:51:e1:1f:4f:40:7e:78:e9:a8:1f:7a:40:45:56:ee:
fb:dd:45:a5:ea:f3:96:40:60:43:84:d7:9d:85:43:5f:ec:b7:
8e:7a:c4:37:7a:3f:af:86:23:5d:02:6d:d5:91:14:d9:5b:7d:
aa:c6:a2:79:71:62:65:31:c3:86:b3:43:2e:e1:92:30:8f:5b:
c7:64:68:70:f2:9d:56:c9:ae:7b:bb:41:fd:19:c4:ff:e0:2c:
26:de:3a:3a:9f:e6:38:ca:5d:b0:36:1e:70:c4:cc:0b:07:5f:
09:7c:98:24:27:79:62:08:1c:53:0b:c3:90:cc:ce:77:70:0f:
25:a4:9a:d9:7b:54:84:df:7a:ce:86:1f:dd:dc:de:46:f6:34:
2c:f9:f9:fb:42:cf:0d:15:cf:e9:b9:4c:a4:97:bc:cf:d4:f2:
45:15:26:96:b1:aa:a1:d3:fe:47:2a:e5:f7:62:df:1a:b8:f0:
16:b7:9e:9f:eb:b8:ad:2b:08:1b:45:95:e5:5e:01:2d:c0:f4:
58:fa:8d:22:7a:6f:ea:94:c7:c8:bd:0a:d1:f4:c2:62:31:7d:
56:4d:2e:06:f0:8a:12:44:36:db:96:07:c9:fe:09:6e:d4:0f:
d6:61:9b:0c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQ1MDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENCNDY0QUVDRjMwOTVE
MTU2NDY5Mzg4RDlDMzcyMDg5NDAyNTgzODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2saW1OQp7lMGJgbRl+2Rk9RLj6wQUVs5u9vd8kNnZEb2dsJ8T
B3rJCGIFlDR7K7zmGYrsV6XZag9wEYc7ay89AB6+dwDzm3tx2H1T8hP3H8n9r1VL
J7KdrsV266b6VAkLQ8i0F5TbV6hsOrJdYGLSyYH7A5O7RA5l4DzZ+Xhu6uJNELW+
ZBhFyrUykYYd89KN4nMAn0PrnQYKgMHFGpVPG+kBMvOrbv7FLJCe4ZFozS1gvabO
+vWVc3X2l9NfAr6ixQU6HV/81xmyHOACGt25REUBfxYi64TeIs8YQB7alWuVnHqZ
6b+zwCHOf9z6XxR2hPgRstqz7tbqLe6bR0ldAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUy0ZK7PMJXRVkaTiNnDcgiUAlg4AwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveTBaSzdQTUpYUlZrYVRpTm5EY2dp
VUFsZzRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9zlSDAN
BgkqhkiG9w0BAQsFAAOCAQEAVMw9GUB4tBjDrdISOLoRfuikttOzUeEfT0B+eOmo
H3pARVbu+91FperzlkBgQ4TXnYVDX+y3jnrEN3o/r4YjXQJt1ZEU2Vt9qsaieXFi
ZTHDhrNDLuGSMI9bx2RocPKdVsmue7tB/RnE/+AsJt46Op/mOMpdsDYecMTMCwdf
CXyYJCd5YggcUwvDkMzOd3APJaSa2XtUhN96zoYf3dzeRvY0LPn5+0LPDRXP6blM
pJe8z9TyRRUmlrGqodP+Ryrl92LfGrjwFreen+u4rSsIG0WV5V4BLcD0WPqNInpv
6pTHyL0K0fTCYjF9Vk0uBvCKEkQ225YHyf4JbtQP1mGbDA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:01 2023 by rpki-client on console-ams.rpki-client.org