Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/yI7snFMJ-MoA-epfKlQk3zwzgDg.roa
File: yI7snFMJ-MoA-epfKlQk3zwzgDg.roa (raw, json)
Hash identifier: 9pDqDe5lWUt39nbKl0JSCeEA3QzVHUQM34rzZ74XLrc=
Subject key identifier: C8:8E:EC:9C:53:09:F8:CA:00:F9:EA:5F:2A:54:24:DF:3C:33:80:38
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E5B
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/yI7snFMJ-MoA-epfKlQk3zwzgDg.roa
Signing time: Wed 29 Sep 2021 02:43:29 +0000
ROA not before: Wed 29 Sep 2021 02:43:29 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4780
IP address blocks: 123.204.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3675 (0xe5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:29 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=C88EEC9C5309F8CA00F9EA5F2A5424DF3C338038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6d:05:1a:4c:0a:75:87:9a:04:43:43:d0:80:
00:f1:ee:3d:f7:ac:2a:58:c5:e4:45:fa:00:8c:c7:
26:0b:f8:38:5f:17:35:89:87:56:17:f2:4e:04:58:
e5:8b:a3:14:bc:c4:5a:b4:24:6d:e7:02:4f:43:72:
87:44:7c:f1:7e:3d:d7:1b:0a:99:6d:ab:9d:7a:c6:
49:dd:00:28:26:79:25:04:9a:b7:70:4c:3a:2f:a5:
df:52:83:59:f3:a1:ab:35:a5:f4:d3:e6:e8:2a:b0:
8d:29:2f:6d:d8:cd:c5:b5:8d:58:e1:49:92:91:ce:
2e:94:43:46:8b:2c:97:ff:7c:20:1d:64:3f:d9:dc:
4e:cc:05:10:f4:4b:41:19:31:8d:76:1c:b8:df:31:
2d:66:17:42:04:22:c8:27:4a:ca:79:fe:57:9e:3a:
22:98:6c:ce:e4:aa:f6:39:3c:53:54:21:a2:45:21:
f0:c3:f1:c2:a7:7a:14:4d:23:04:a8:7f:39:39:a0:
91:35:78:27:33:c7:81:34:96:b2:69:22:9c:73:b1:
62:84:72:79:61:3e:8f:6d:1b:ff:dc:08:4e:7b:3c:
a4:a3:24:c7:a0:a2:8f:ba:6f:37:43:22:b3:e0:8c:
a6:63:8a:45:00:3e:00:94:b3:50:3c:1c:8d:2e:5f:
86:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8E:EC:9C:53:09:F8:CA:00:F9:EA:5F:2A:54:24:DF:3C:33:80:38
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/yI7snFMJ-MoA-epfKlQk3zwzgDg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.204.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:bc:a1:72:54:13:a0:9c:b5:72:65:d5:fe:8d:1b:9b:ee:07:
d5:ae:18:1f:7e:0d:c6:6b:72:b2:d3:5e:30:b7:2b:8d:ae:64:
7d:e3:4c:ba:f3:ba:84:5c:07:81:23:e8:95:27:5b:7a:60:74:
d4:d1:94:ff:ac:87:69:4f:d5:d1:44:ef:e3:f5:e1:45:23:01:
93:ad:fe:04:d2:17:c1:ee:c8:74:0a:d7:83:89:d3:a4:ef:df:
95:33:c8:39:e9:95:78:de:6e:91:6e:39:e6:95:2e:b0:c8:65:
0f:a0:4a:ff:53:0f:73:00:8f:bd:23:8d:0a:dc:c2:09:50:ce:
57:a8:03:77:d9:b3:91:a6:0b:3f:67:f3:83:a2:48:b5:7e:45:
aa:6c:24:0f:75:34:e7:a9:5d:1e:5f:28:80:b6:0f:4b:de:e9:
2c:87:33:4b:09:1f:c1:00:9d:5e:b3:8a:b5:48:9e:85:63:f7:
26:d5:64:f5:e7:40:bc:c3:92:33:dd:ba:51:ed:7a:9c:d0:41:
0a:2e:95:eb:ea:dc:27:cf:7e:0c:55:9b:51:2e:e8:a5:40:1c:
0e:4d:af:21:75:a9:b5:8a:20:ab:1f:b4:db:95:54:09:c4:a9:
d8:ee:df:c7:48:38:b8:2f:85:11:e2:9f:1a:2e:e6:6f:88:ba:
29:91:6c:11
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDlswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzMjlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM4OEVFQzlDNTMwOUY4
Q0EwMEY5RUE1RjJBNTQyNERGM0MzMzgwMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsbQUaTAp1h5oEQ0PQgADx7j33rCpYxeRF+gCMxyYL+DhfFzWJ
h1YX8k4EWOWLoxS8xFq0JG3nAk9DcodEfPF+PdcbCpltq516xkndACgmeSUEmrdw
TDovpd9Sg1nzoas1pfTT5ugqsI0pL23YzcW1jVjhSZKRzi6UQ0aLLJf/fCAdZD/Z
3E7MBRD0S0EZMY12HLjfMS1mF0IEIsgnSsp5/leeOiKYbM7kqvY5PFNUIaJFIfDD
8cKnehRNIwSofzk5oJE1eCczx4E0lrJpIpxzsWKEcnlhPo9tG//cCE57PKSjJMeg
oo+6bzdDIrPgjKZjikUAPgCUs1A8HI0uX4YzAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUyI7snFMJ+MoA+epfKlQk3zwzgDgwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveUk3c25GTUotTW9BLWVwZktsUWsz
end6Z0RnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHvMMA0G
CSqGSIb3DQEBCwUAA4IBAQBDvKFyVBOgnLVyZdX+jRub7gfVrhgffg3Ga3Ky014w
tyuNrmR940y687qEXAeBI+iVJ1t6YHTU0ZT/rIdpT9XRRO/j9eFFIwGTrf4E0hfB
7sh0CteDidOk79+VM8g56ZV43m6RbjnmlS6wyGUPoEr/Uw9zAI+9I40K3MIJUM5X
qAN32bORpgs/Z/ODoki1fkWqbCQPdTTnqV0eXyiAtg9L3ukshzNLCR/BAJ1es4q1
SJ6FY/cm1WT150C8w5Iz3bpR7Xqc0EEKLpXr6twnz34MVZtRLuilQBwOTa8hdam1
iiCrH7TblVQJxKnY7t/HSDi4L4UR4p8aLuZviLopkWwR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:13 2023 by rpki-client on console-fra.rpki-client.org