Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/2Bf8WvlNobN_1hz1NZWCa6xsuEE.roa
File: 2Bf8WvlNobN_1hz1NZWCa6xsuEE.roa (raw, json)
Hash identifier: HaYBZd1Ujrys6SqcMySjIScNUW5bgOqJ+sigp/+bnCk=
Subject key identifier: D8:17:FC:5A:F9:4D:A1:B3:7F:D6:1C:F5:35:95:82:6B:AC:6C:B8:41
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C0F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2Bf8WvlNobN_1hz1NZWCa6xsuEE.roa
Signing time: Sun 07 Feb 2021 11:34:45 +0000
ROA not before: Sun 07 Feb 2021 11:34:45 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24154
IP address blocks: 210.202.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3087 (0xc0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:34:45 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D817FC5AF94DA1B37FD61CF53595826BAC6CB841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:c2:1f:18:b7:08:e2:c5:48:e2:77:f8:36:
f4:1d:07:bf:a4:8a:e8:bb:a1:60:0e:73:2b:2e:e7:
03:8f:35:a7:3d:25:9d:3c:f9:66:39:e5:a5:80:a6:
bc:f2:4a:19:d6:c4:3a:d3:d2:17:30:83:fe:3a:3d:
a2:79:69:df:95:be:48:f4:3b:1e:dc:f7:26:40:28:
13:c6:d0:51:da:f2:bb:27:90:ea:83:9d:e7:b8:cb:
23:80:92:35:c4:da:f2:e2:38:11:ce:80:a7:26:f0:
45:b1:97:1c:3d:97:e9:55:5c:c6:c8:46:fd:69:1c:
cd:67:4e:80:61:f7:0b:ee:69:f3:14:4e:ca:b5:d9:
30:40:d4:cd:63:53:49:71:15:87:c7:fd:11:53:15:
f8:c5:c5:5e:64:5c:24:b1:4e:07:da:4d:b1:a2:91:
2b:db:94:aa:81:3e:82:ad:97:2a:fa:08:11:bf:6e:
74:20:8a:ad:2e:60:1e:34:8f:96:d6:51:e0:c3:8a:
69:1a:ed:62:47:4c:b3:da:77:a7:87:14:95:91:b1:
b9:41:84:24:4e:98:57:c7:3c:f5:24:ec:0d:69:76:
17:fa:01:11:51:96:a3:af:f3:db:95:4b:18:d5:b9:
92:fb:4c:46:95:b4:08:92:19:76:94:9e:b7:d2:f4:
be:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:17:FC:5A:F9:4D:A1:B3:7F:D6:1C:F5:35:95:82:6B:AC:6C:B8:41
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2Bf8WvlNobN_1hz1NZWCa6xsuEE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.48.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:b1:0b:aa:a6:99:3d:93:f9:f7:cb:2c:77:fa:56:92:b4:17:
7f:bb:6c:9f:9e:2d:12:e4:e2:36:8a:6e:e7:3e:ca:0b:a3:75:
5e:53:53:36:f1:e6:43:f2:d8:9d:58:43:96:42:8a:06:78:af:
6a:fe:bf:16:88:8f:54:4e:03:f2:c7:4b:36:77:85:24:bc:74:
2a:97:b2:e1:25:bf:19:b6:eb:d2:2d:7d:b9:86:9c:0c:4c:8d:
d0:d9:29:81:e5:72:79:df:4b:06:41:9f:31:8a:f5:d0:12:07:
76:18:de:9f:d7:e8:57:54:ef:93:9d:b6:63:22:52:62:28:d7:
7a:c4:67:9f:aa:e1:c4:3e:5e:ba:23:2c:c3:01:27:b4:90:4c:
74:b2:0a:05:a0:b1:f8:0e:56:7b:bb:87:59:81:ca:cc:35:01:
f2:82:13:f9:2a:3d:a1:e8:83:bb:9f:c9:5c:28:a3:6b:21:72:
82:ba:be:47:65:ce:45:d5:40:ce:f5:a6:1a:03:de:77:f3:cc:
29:46:16:86:31:61:fd:5c:67:3c:c8:8c:b3:45:46:a5:36:01:
b6:2c:7c:17:d1:25:ff:88:72:74:45:a8:05:db:45:72:39:f0:
49:89:f4:ec:f4:61:3d:f4:15:2d:e5:2d:e6:e7:b2:91:d3:bd:
5c:b6:07:6d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM0NDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ4MTdGQzVBRjk0REEx
QjM3RkQ2MUNGNTM1OTU4MjZCQUM2Q0I4NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8ucIfGLcI4sVI4nf4NvQdB7+kiui7oWAOcysu5wOPNac9JZ08
+WY55aWAprzyShnWxDrT0hcwg/46PaJ5ad+Vvkj0Ox7c9yZAKBPG0FHa8rsnkOqD
nee4yyOAkjXE2vLiOBHOgKcm8EWxlxw9l+lVXMbIRv1pHM1nToBh9wvuafMUTsq1
2TBA1M1jU0lxFYfH/RFTFfjFxV5kXCSxTgfaTbGikSvblKqBPoKtlyr6CBG/bnQg
iq0uYB40j5bWUeDDimka7WJHTLPad6eHFJWRsblBhCROmFfHPPUk7A1pdhf6ARFR
lqOv89uVSxjVuZL7TEaVtAiSGXaUnrfS9L7/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2Bf8WvlNobN/1hz1NZWCa6xsuEEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMkJmOFd2bE5vYk5fMWh6MU5aV0Nh
NnhzdUVFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LKMDAN
BgkqhkiG9w0BAQsFAAOCAQEAirELqqaZPZP598ssd/pWkrQXf7tsn54tEuTiNopu
5z7KC6N1XlNTNvHmQ/LYnVhDlkKKBnivav6/FoiPVE4D8sdLNneFJLx0Kpey4SW/
Gbbr0i19uYacDEyN0NkpgeVyed9LBkGfMYr10BIHdhjen9foV1Tvk522YyJSYijX
esRnn6rhxD5euiMswwEntJBMdLIKBaCx+A5We7uHWYHKzDUB8oIT+So9oeiDu5/J
XCijayFygrq+R2XORdVAzvWmGgPed/PMKUYWhjFh/VxnPMiMs0VGpTYBtix8F9El
/4hydEWoBdtFcjnwSYn07PRhPfQVLeUt5ueykdO9XLYHbQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org