Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/-ZUB5USyO8zB42yUScb9gx2C1-4.roa
File: -ZUB5USyO8zB42yUScb9gx2C1-4.roa (raw, json)
Hash identifier: vvHPlqIHTOaNC1/hfz+4cwNUhFnzuJ63elrUCXKa9pI=
Subject key identifier: F9:95:01:E5:44:B2:3B:CC:C1:E3:6C:94:49:C6:FD:83:1D:82:D7:EE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0958
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-ZUB5USyO8zB42yUScb9gx2C1-4.roa
Signing time: Tue 29 Sep 2020 10:01:44 +0000
ROA not before: Tue 29 Sep 2020 10:01:44 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 124.219.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2392 (0x958)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:44 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F99501E544B23BCCC1E36C9449C6FD831D82D7EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2d:d3:33:55:93:5d:eb:12:8d:f2:f5:49:40:
4e:62:70:d7:6f:64:fe:07:7f:e5:af:bf:62:81:1c:
1f:97:3a:2a:35:e2:b1:09:04:89:f7:6c:db:fb:2e:
64:f2:71:c1:81:f9:11:c7:a7:a9:c1:ea:b5:54:ec:
0a:0d:e4:03:24:b0:fb:97:ae:6c:62:c2:50:6a:6c:
cd:3e:89:22:25:24:b3:59:75:1a:5c:86:41:a3:52:
9e:8c:9f:19:65:77:c6:59:bc:f2:97:9d:d1:9c:44:
78:a0:44:b3:37:82:4e:8d:15:7e:c8:86:92:9e:27:
09:19:40:aa:a0:8b:25:b4:67:cf:6f:0c:78:83:4b:
f9:3f:a3:69:3c:ab:0e:65:b5:63:f0:05:5d:1f:87:
d4:40:db:30:51:0f:a7:13:ba:7c:c2:8b:49:79:f1:
d0:4d:57:60:6e:05:5a:b3:3e:ce:ca:a8:4d:26:cc:
98:be:27:f6:49:3d:d2:f2:8c:03:87:f4:3c:b2:be:
12:d0:66:5d:c0:a1:cb:fa:b7:d7:ec:7d:c0:27:e3:
70:cc:c8:7b:71:8d:b7:cb:1f:96:b6:40:3f:e8:fd:
ac:07:84:29:66:15:b7:87:6a:b9:1f:5d:83:08:b0:
01:44:22:ca:f9:a3:90:46:1e:ce:22:23:3b:c5:ab:
52:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:95:01:E5:44:B2:3B:CC:C1:E3:6C:94:49:C6:FD:83:1D:82:D7:EE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-ZUB5USyO8zB42yUScb9gx2C1-4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.219.0.0/17
Signature Algorithm: sha256WithRSAEncryption
86:ed:8f:b4:be:60:b0:2a:8b:12:c5:9f:b6:5d:08:8b:45:8a:
24:ad:77:83:11:e9:09:ce:21:25:d0:ca:ad:98:0d:62:30:ba:
92:a7:1a:74:8e:5d:26:c0:61:1c:11:d9:b5:1a:63:de:1b:ad:
49:56:02:15:9c:33:d9:c8:da:42:62:76:38:0b:49:26:64:c7:
be:01:a2:22:e6:00:67:6d:d1:f4:f2:f7:9f:9c:e0:32:3d:5d:
34:8c:d3:ac:33:36:eb:f4:3b:c4:a2:43:32:50:aa:94:65:15:
c7:10:23:51:ac:02:57:8d:52:b5:69:f3:2e:a2:ad:a9:c0:d1:
af:05:3e:09:cd:63:b4:ac:e4:e7:7e:51:51:c4:84:f3:a8:76:
4c:66:11:45:0f:b5:f9:b3:7c:5f:a1:42:26:9e:ef:dd:60:f1:
e9:9b:09:65:b1:2f:fb:28:a7:59:34:7b:78:e9:ec:a4:32:e8:
6c:88:a6:70:ed:84:1a:8e:2c:d5:84:35:e6:78:f5:dc:dc:ad:
1c:c6:1f:55:13:87:90:81:4d:58:64:e1:ae:15:bc:4d:dc:9e:
c5:99:93:3b:ff:ff:30:c6:d2:ad:a6:82:5d:93:b5:79:04:87:
82:16:9b:33:1c:a5:00:e0:ed:b2:f6:9a:95:c9:33:6c:2f:4d:
e8:6f:1d:57
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY5OTUwMUU1NDRCMjNC
Q0NDMUUzNkM5NDQ5QzZGRDgzMUQ4MkQ3RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPLdMzVZNd6xKN8vVJQE5icNdvZP4Hf+Wvv2KBHB+XOio14rEJ
BIn3bNv7LmTyccGB+RHHp6nB6rVU7AoN5AMksPuXrmxiwlBqbM0+iSIlJLNZdRpc
hkGjUp6Mnxlld8ZZvPKXndGcRHigRLM3gk6NFX7IhpKeJwkZQKqgiyW0Z89vDHiD
S/k/o2k8qw5ltWPwBV0fh9RA2zBRD6cTunzCi0l58dBNV2BuBVqzPs7KqE0mzJi+
J/ZJPdLyjAOH9DyyvhLQZl3Aocv6t9fsfcAn43DMyHtxjbfLH5a2QD/o/awHhClm
FbeHarkfXYMIsAFEIsr5o5BGHs4iIzvFq1JhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU+ZUB5USyO8zB42yUScb9gx2C1+4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvLVpVQjVVU3lPOHpCNDJ5VVNjYjln
eDJDMS00LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3zbADAN
BgkqhkiG9w0BAQsFAAOCAQEAhu2PtL5gsCqLEsWftl0Ii0WKJK13gxHpCc4hJdDK
rZgNYjC6kqcadI5dJsBhHBHZtRpj3hutSVYCFZwz2cjaQmJ2OAtJJmTHvgGiIuYA
Z23R9PL3n5zgMj1dNIzTrDM26/Q7xKJDMlCqlGUVxxAjUawCV41StWnzLqKtqcDR
rwU+Cc1jtKzk535RUcSE86h2TGYRRQ+1+bN8X6FCJp7v3WDx6ZsJZbEv+yinWTR7
eOnspDLobIimcO2EGo4s1YQ15nj13NytHMYfVROHkIFNWGThrhW8TdyexZmTO///
MMbSraaCXZO1eQSHghabMxylAODtsvaalckzbC9N6G8dVw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org