Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/1JoGQmGprxJBqCAllteEjQe2mOI.roa
File: 1JoGQmGprxJBqCAllteEjQe2mOI.roa (raw, json)
Hash identifier: v1io1uGEAQ+zQFG59+U6hrWSx86a0crCoyWm3/jQtvQ=
Subject key identifier: D4:9A:06:42:61:A9:AF:12:41:A8:20:25:96:D7:84:8D:07:B6:98:E2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0EC9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/1JoGQmGprxJBqCAllteEjQe2mOI.roa
Signing time: Tue 15 Feb 2022 05:49:51 +0000
ROA not before: Tue 15 Feb 2022 05:49:51 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9922
IP address blocks: 124.218.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3785 (0xec9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 15 05:49:51 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=D49A064261A9AF1241A8202596D7848D07B698E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:08:e5:26:fd:f6:7e:c8:63:37:2c:ab:71:
aa:3c:05:17:5b:8f:fb:37:17:70:33:c6:96:93:21:
e8:3f:b4:90:23:cc:31:a7:f9:9b:41:14:2c:c9:a1:
4b:cb:71:91:c7:d4:2e:80:90:36:90:a9:03:69:e8:
09:30:96:c0:cb:c4:4f:72:7d:4f:a9:fa:73:52:19:
3f:e0:8b:ea:81:1c:e1:78:37:a6:25:4d:38:1a:e5:
ea:59:02:07:80:7a:25:39:fc:74:54:67:dd:62:8f:
62:22:f1:2c:1a:7e:61:ea:ba:11:d3:e9:dc:12:ca:
a4:04:94:50:e0:d2:c6:47:08:26:66:d9:8b:77:f8:
21:6d:05:97:28:fd:4c:18:35:78:31:8c:e9:46:24:
7b:04:05:1f:0c:aa:6d:13:25:69:0f:96:21:2e:81:
8d:62:0c:da:09:28:10:e8:23:ab:6f:ac:18:d8:e7:
35:af:82:a1:8c:1c:b8:84:04:e7:47:be:96:f2:9a:
b8:95:a4:9c:67:e5:46:19:60:79:a0:ca:91:3c:f8:
e4:9b:4f:e0:d7:09:bd:22:08:cd:39:ee:8e:9f:e0:
36:c9:27:2a:f2:22:35:10:b0:5a:66:69:81:b6:4e:
42:18:3f:72:b7:f8:df:81:96:26:61:be:7a:86:b2:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9A:06:42:61:A9:AF:12:41:A8:20:25:96:D7:84:8D:07:B6:98:E2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/1JoGQmGprxJBqCAllteEjQe2mOI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.68.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:1b:14:96:97:64:e5:ea:60:82:70:cc:f2:d9:48:ec:23:8f:
6f:37:ea:12:19:f7:3e:75:6a:5b:40:bf:5c:32:df:31:8e:83:
8f:06:bc:a0:bc:05:78:93:2b:9d:bb:e0:ac:69:df:57:88:35:
e0:76:9b:e0:1f:06:5e:dd:e2:fb:89:39:1e:fe:29:c8:92:c5:
2c:2f:66:a6:0a:ee:15:fe:c1:da:3b:a4:e4:6b:0f:fc:89:2c:
71:65:2c:8c:54:da:b6:f7:28:88:94:d6:ee:33:ee:e7:0f:d7:
d8:8d:3a:a2:ad:12:28:62:88:f0:14:e5:ed:c6:59:22:f5:8d:
8f:40:c3:d4:03:19:bd:c0:bf:3e:dc:c1:47:76:8c:21:d4:9e:
9e:50:34:f2:5c:67:8a:e4:a1:3f:f8:0b:27:10:41:f4:20:36:
ef:cb:c2:a0:54:1d:ba:84:40:e5:8f:c5:d4:fb:3c:ad:80:8e:
3a:6a:ae:f9:61:4d:b1:73:1d:c4:84:31:43:1e:94:7e:1f:be:
c5:03:8a:7d:ce:e3:2f:b2:cf:44:5d:83:f2:9a:c2:72:0c:0e:
f7:21:3f:73:a2:f1:49:3e:93:2b:3e:fe:85:b7:79:17:1c:44:
81:01:7e:6f:15:42:ad:5a:46:7c:fd:4e:4c:f1:57:ea:2a:27:
af:d0:ad:e6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjAyMTUw
NTQ5NTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQ0OUEwNjQyNjFBOUFG
MTI0MUE4MjAyNTk2RDc4NDhEMDdCNjk4RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0VQjlJv32fshjNyyrcao8BRdbj/s3F3AzxpaTIeg/tJAjzDGn
+ZtBFCzJoUvLcZHH1C6AkDaQqQNp6AkwlsDLxE9yfU+p+nNSGT/gi+qBHOF4N6Yl
TTga5epZAgeAeiU5/HRUZ91ij2Ii8SwafmHquhHT6dwSyqQElFDg0sZHCCZm2Yt3
+CFtBZco/UwYNXgxjOlGJHsEBR8Mqm0TJWkPliEugY1iDNoJKBDoI6tvrBjY5zWv
gqGMHLiEBOdHvpbymriVpJxn5UYZYHmgypE8+OSbT+DXCb0iCM057o6f4DbJJyry
IjUQsFpmaYG2TkIYP3K3+N+BliZhvnqGstudAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1JoGQmGprxJBqCAllteEjQe2mOIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMUpvR1FtR3ByeEpCcUNBbGx0ZUVq
UWUybU9JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaRDAN
BgkqhkiG9w0BAQsFAAOCAQEAexsUlpdk5epggnDM8tlI7COPbzfqEhn3PnVqW0C/
XDLfMY6Djwa8oLwFeJMrnbvgrGnfV4g14Hab4B8GXt3i+4k5Hv4pyJLFLC9mpgru
Ff7B2juk5GsP/IkscWUsjFTatvcoiJTW7jPu5w/X2I06oq0SKGKI8BTl7cZZIvWN
j0DD1AMZvcC/PtzBR3aMIdSenlA08lxniuShP/gLJxBB9CA278vCoFQduoRA5Y/F
1Ps8rYCOOmqu+WFNsXMdxIQxQx6Ufh++xQOKfc7jL7LPRF2D8prCcgwO9yE/c6Lx
ST6TKz7+hbd5FxxEgQF+bxVCrVpGfP1OTPFX6ionr9Ct5g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:53 2023 by rpki-client on console-fra.rpki-client.org