Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/1CAScaCILw0CnWObQMyh--zPX6g.roa
File: 1CAScaCILw0CnWObQMyh--zPX6g.roa (raw, json)
Hash identifier: InbBZw05CFUKwYs1cDjG0ud1m/Mc0wSJSeSsqO7lkqU=
Subject key identifier: D4:20:12:71:A0:88:2F:0D:02:9D:63:9B:40:CC:A1:FB:EC:CF:5F:A8
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 091E
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/1CAScaCILw0CnWObQMyh--zPX6g.roa
Signing time: Tue 29 Sep 2020 10:01:29 +0000
ROA not before: Tue 29 Sep 2020 10:01:29 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.203.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2334 (0x91e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:29 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D4201271A0882F0D029D639B40CCA1FBECCF5FA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5c:0d:cd:b8:7e:d5:a4:7a:e6:93:7e:25:c0:
7d:8c:2f:cc:a8:b3:2e:d1:6d:10:1e:af:4c:a0:3c:
0c:5a:99:26:e5:ca:92:e9:c0:30:db:67:79:93:86:
db:c5:ec:c5:75:e6:a6:41:06:cd:8a:ec:2c:24:8f:
c2:43:84:3c:32:4b:93:61:06:5a:5d:9e:94:17:02:
27:c7:16:85:57:f5:0b:94:28:c2:99:8c:f1:fd:bb:
84:68:72:5a:59:8f:3d:46:61:8e:f3:7c:66:4a:1d:
25:bb:e3:47:97:15:2c:c0:63:19:fb:92:b6:81:a3:
dc:7f:7b:1f:40:06:9f:35:13:ef:da:4d:5a:38:5b:
4f:88:fd:b3:7a:b9:56:7a:21:85:a3:60:6a:66:90:
63:3b:ed:a5:13:01:f4:59:b0:22:82:49:43:46:9b:
7b:75:f7:5f:e2:cd:7a:00:85:db:53:d6:e6:12:17:
1f:3f:17:ff:cb:18:e0:19:8e:2e:ec:56:78:98:d3:
29:79:6d:19:f0:f8:4b:4e:3b:76:ea:81:ad:50:dd:
49:54:9d:5b:4a:52:6b:84:e7:d9:fc:9e:95:c6:11:
d9:dc:38:21:81:d5:f6:46:fa:57:02:f2:cb:17:c7:
76:93:e7:74:1a:5a:76:3c:f1:53:da:2c:f6:ab:f0:
08:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:20:12:71:A0:88:2F:0D:02:9D:63:9B:40:CC:A1:FB:EC:CF:5F:A8
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/1CAScaCILw0CnWObQMyh--zPX6g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/24
Signature Algorithm: sha256WithRSAEncryption
59:5b:ec:16:17:d2:eb:b9:d1:ac:94:d3:11:8f:d1:4c:34:fe:
ef:19:25:26:49:19:2e:bb:43:96:d9:2e:93:e8:62:42:1d:d1:
85:d7:e7:aa:be:76:50:46:ce:90:4a:2c:58:c8:3e:d4:f3:1b:
11:3f:c9:f3:65:3b:70:14:90:0b:bc:e9:06:d6:fc:8a:c5:19:
22:d9:19:07:1c:5d:e3:2a:8c:a4:3c:69:ae:34:34:00:fc:14:
a8:94:7a:56:85:0a:05:fd:2c:4c:8c:62:0b:2c:67:78:03:c6:
f9:2a:41:d8:de:0d:4f:0e:51:08:ad:38:4d:36:6a:33:28:ee:
f6:98:b8:53:d2:16:54:61:4e:bc:77:2b:87:89:64:d8:62:06:
0d:16:f7:53:d5:97:38:09:be:2f:57:f1:f4:1e:aa:3c:b7:de:
da:9d:44:7e:d5:83:4f:f8:74:fb:4d:95:99:be:fe:8b:59:75:
52:71:a3:e2:f1:b7:c4:ca:1c:87:42:14:9c:65:5a:f9:5d:34:
8c:ef:8e:e2:bd:b3:fb:9b:50:77:2a:6e:db:dc:38:aa:95:8c:
1f:b1:97:43:18:81:0d:6d:d9:a6:36:a7:04:09:8b:aa:08:57:
35:f3:85:e9:76:86:a7:d5:9d:0f:68:7b:d0:4b:57:49:d6:c8:
b4:be:37:ac
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ0MjAxMjcxQTA4ODJG
MEQwMjlENjM5QjQwQ0NBMUZCRUNDRjVGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMXA3NuH7VpHrmk34lwH2ML8yosy7RbRAer0ygPAxamSblypLp
wDDbZ3mThtvF7MV15qZBBs2K7Cwkj8JDhDwyS5NhBlpdnpQXAifHFoVX9QuUKMKZ
jPH9u4RoclpZjz1GYY7zfGZKHSW740eXFSzAYxn7kraBo9x/ex9ABp81E+/aTVo4
W0+I/bN6uVZ6IYWjYGpmkGM77aUTAfRZsCKCSUNGm3t191/izXoAhdtT1uYSFx8/
F//LGOAZji7sVniY0yl5bRnw+EtOO3bqga1Q3UlUnVtKUmuE59n8npXGEdncOCGB
1fZG+lcC8ssXx3aT53QaWnY88VPaLPar8AinAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1CAScaCILw0CnWObQMyh++zPX6gwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMUNBU2NhQ0lMdzBDbldPYlFNeWgt
LXpQWDZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLLADAN
BgkqhkiG9w0BAQsFAAOCAQEAWVvsFhfS67nRrJTTEY/RTDT+7xklJkkZLrtDltku
k+hiQh3Rhdfnqr52UEbOkEosWMg+1PMbET/J82U7cBSQC7zpBtb8isUZItkZBxxd
4yqMpDxprjQ0APwUqJR6VoUKBf0sTIxiCyxneAPG+SpB2N4NTw5RCK04TTZqMyju
9pi4U9IWVGFOvHcrh4lk2GIGDRb3U9WXOAm+L1fx9B6qPLfe2p1EftWDT/h0+02V
mb7+i1l1UnGj4vG3xMoch0IUnGVa+V00jO+O4r2z+5tQdypu29w4qpWMH7GXQxiB
DW3ZpjanBAmLqghXNfOF6XaGp9WdD2h70EtXSdbItL43rA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:53 2023 by rpki-client on console-fra.rpki-client.org