Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/yQDECSjG6YBbtL_neuGFQAPWQBs.roa
File: yQDECSjG6YBbtL_neuGFQAPWQBs.roa (raw, json)
Hash identifier: ZbmtNOC2wjeQ9jTNBbdnGnzOIqGs2gd5S3MGKzoJaQE=
Subject key identifier: C9:00:C4:09:28:C6:E9:80:5B:B4:BF:E7:7A:E1:85:40:03:D6:40:1B
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0C99
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/yQDECSjG6YBbtL_neuGFQAPWQBs.roa
Signing time: Sun 07 Feb 2021 11:44:09 +0000
ROA not before: Sun 07 Feb 2021 11:44:09 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18049
IP address blocks: 106.107.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3225 (0xc99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 11:44:09 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C900C40928C6E9805BB4BFE77AE1854003D6401B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:33:50:33:6c:ef:0b:ca:fd:83:45:43:50:
f1:9c:9f:57:65:b7:a3:b6:4d:55:80:1f:5e:96:d3:
b4:bc:bf:1e:21:95:e6:db:29:77:c3:82:9f:db:af:
f4:76:7d:e7:2c:e6:e1:01:4f:34:46:23:a3:3d:89:
58:bc:14:f7:40:d8:4a:71:4f:f9:91:2b:b2:9b:0f:
11:45:99:6f:81:a7:b1:e8:e7:cf:b0:85:a0:bb:3f:
6f:09:fd:a1:48:2b:02:58:e1:5a:23:88:f8:4d:94:
e7:75:17:66:02:26:d1:c8:56:14:0b:69:2c:a5:86:
8e:81:5a:3a:d5:d4:2a:e9:18:66:e0:e1:48:aa:5b:
10:52:78:1c:ea:74:d0:b6:3c:e7:22:ee:c5:27:64:
a5:82:38:c1:7a:9c:99:a4:92:b1:08:a9:c9:42:67:
ff:73:12:59:46:76:3f:8b:5d:65:ee:1c:c5:10:7b:
5a:74:9b:cc:c9:32:b7:b5:5c:a4:81:aa:e6:92:8b:
76:4a:12:cb:ab:55:50:60:2a:30:24:8b:09:8c:30:
59:c9:12:af:e0:39:7e:67:a3:86:9e:a4:5f:a3:4f:
19:01:8b:89:73:f2:c2:d2:ca:61:82:97:da:be:7c:
28:78:bd:44:79:8c:a2:07:ab:d2:33:f4:e3:0b:b2:
c2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:00:C4:09:28:C6:E9:80:5B:B4:BF:E7:7A:E1:85:40:03:D6:40:1B
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/yQDECSjG6YBbtL_neuGFQAPWQBs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.152.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:dd:32:e2:b7:f6:5c:9f:4b:a1:70:8f:00:30:b4:98:7f:6a:
5f:20:36:db:8c:68:4d:55:78:37:93:97:27:fa:7e:b1:e5:51:
9d:50:86:f5:2a:ea:08:3e:90:77:86:f3:45:5b:62:f1:65:8f:
bd:ad:51:85:36:ad:25:d5:f3:b5:7c:87:7d:d3:da:cc:1a:60:
8c:d6:0f:4d:70:d9:b4:31:9f:bb:39:56:60:0b:58:2e:5f:12:
21:6b:fa:3a:d9:e5:66:28:81:4d:90:51:4c:db:38:26:20:38:
26:74:1d:51:a6:d2:ef:26:7b:fb:3f:a6:aa:b7:3c:7e:c6:33:
d5:49:fc:95:96:e0:16:b7:59:71:de:e7:02:57:6c:c2:dd:99:
63:fb:cb:78:b4:a4:df:16:ff:6d:a5:0e:e9:2c:65:1b:f8:f6:
77:9f:33:57:08:02:e8:50:7d:bb:c8:55:1a:db:59:62:ea:17:
fb:d5:3a:1f:93:2b:74:d3:fb:24:3f:13:7c:bd:91:ae:c3:f3:
cc:5c:14:8c:37:16:8c:b8:9c:63:a1:32:71:bf:a8:97:31:0d:
0c:f9:d8:fe:b4:dc:70:ab:45:21:ee:46:88:bf:ad:b7:23:c6:
9f:5c:22:87:c8:af:04:9d:3d:af:e2:4b:fe:09:b1:15:f5:c0:
67:62:a4:e0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcx
MTQ0MDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM5MDBDNDA5MjhDNkU5
ODA1QkI0QkZFNzdBRTE4NTQwMDNENjQwMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsQzNQM2zvC8r9g0VDUPGcn1dlt6O2TVWAH16W07S8vx4hlebb
KXfDgp/br/R2fecs5uEBTzRGI6M9iVi8FPdA2EpxT/mRK7KbDxFFmW+Bp7Ho58+w
haC7P28J/aFIKwJY4VojiPhNlOd1F2YCJtHIVhQLaSylho6BWjrV1CrpGGbg4Uiq
WxBSeBzqdNC2POci7sUnZKWCOMF6nJmkkrEIqclCZ/9zEllGdj+LXWXuHMUQe1p0
m8zJMre1XKSBquaSi3ZKEsurVVBgKjAkiwmMMFnJEq/gOX5no4aepF+jTxkBi4lz
8sLSymGCl9q+fCh4vUR5jKIHq9Iz9OMLssIDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUyQDECSjG6YBbtL/neuGFQAPWQBswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveVFERUNTakc2WUJidExfbmV1R0ZR
QVBXUUJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2prmDAN
BgkqhkiG9w0BAQsFAAOCAQEAqd0y4rf2XJ9LoXCPADC0mH9qXyA224xoTVV4N5OX
J/p+seVRnVCG9SrqCD6Qd4bzRVti8WWPva1RhTatJdXztXyHfdPazBpgjNYPTXDZ
tDGfuzlWYAtYLl8SIWv6OtnlZiiBTZBRTNs4JiA4JnQdUabS7yZ7+z+mqrc8fsYz
1Un8lZbgFrdZcd7nAldswt2ZY/vLeLSk3xb/baUO6SxlG/j2d58zVwgC6FB9u8hV
GttZYuoX+9U6H5MrdNP7JD8TfL2RrsPzzFwUjDcWjLicY6Eycb+olzENDPnY/rTc
cKtFIe5GiL+ttyPGn1wih8ivBJ09r+JL/gmxFfXAZ2Kk4A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:13 2023 by rpki-client on console-fra.rpki-client.org