Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/2qg_agBle82MCApJGvdrA0VsxJc.roa
File: 2qg_agBle82MCApJGvdrA0VsxJc.roa (raw, json)
Hash identifier: dsXY4N3BfgjxLRO7B9iJx1IbkcELBq3wN3MERgglr9g=
Subject key identifier: DA:A8:3F:6A:00:65:7B:CD:8C:08:0A:49:1A:F7:6B:03:45:6C:C4:97
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E17
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2qg_agBle82MCApJGvdrA0VsxJc.roa
Signing time: Wed 29 Sep 2021 02:39:57 +0000
ROA not before: Wed 29 Sep 2021 02:39:57 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 210.58.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3607 (0xe17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:57 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DAA83F6A00657BCD8C080A491AF76B03456CC497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:81:77:a6:73:d0:51:ef:e9:45:8e:75:52:a3:
36:75:d7:3b:91:be:04:47:8c:5d:60:1b:de:18:1a:
e0:6e:cc:3c:8a:c9:5a:6a:60:1c:62:69:02:6b:10:
8a:6e:af:9b:36:e3:00:03:38:64:0b:5b:a7:c1:ff:
2b:fc:63:ee:75:a7:48:f5:3f:2a:86:3d:7c:a3:2e:
db:58:e9:0d:52:d7:22:73:0f:3c:cd:10:68:4b:d4:
1c:f0:c0:9d:3a:49:c1:cf:c0:2f:9b:e1:d8:95:66:
db:38:07:8a:9a:bc:0e:5c:6c:4b:70:79:09:af:11:
39:8e:05:fd:4f:87:2d:2d:cd:ef:59:17:66:da:22:
8d:d7:09:8a:ed:9f:b4:74:cf:43:46:c1:0b:ab:a2:
4c:42:67:59:54:89:16:d6:bc:b1:31:6f:a8:22:4c:
d2:cd:7b:3b:88:e3:0f:bf:3b:b0:31:35:c6:ad:9f:
fd:7b:18:3f:1a:9e:45:d6:d0:16:fb:44:c9:e1:02:
73:96:54:b3:4d:c2:5a:d1:03:71:f9:eb:b1:f6:9d:
47:ea:c9:ce:73:45:f1:60:e9:c7:2a:92:ea:e4:f8:
42:76:76:3f:57:37:34:d6:a9:37:5c:11:5a:36:14:
44:7b:6d:06:90:76:b9:91:e2:ab:a3:e9:09:03:ff:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A8:3F:6A:00:65:7B:CD:8C:08:0A:49:1A:F7:6B:03:45:6C:C4:97
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2qg_agBle82MCApJGvdrA0VsxJc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:0a:d0:89:f0:2f:88:fe:36:b5:42:c4:04:3e:98:f2:a1:b8:
42:ee:94:e5:35:cd:e0:f6:a2:15:4f:4f:ef:6d:a7:a8:c4:c6:
8c:60:eb:ad:df:04:a2:8a:15:f3:e5:55:4e:26:c3:c3:dd:7f:
f8:ae:f1:d7:65:08:b2:22:c4:ab:9f:b5:c4:c2:9b:f3:7a:31:
a4:ce:97:ec:51:3a:8f:06:a8:6e:9e:d6:20:e4:64:d1:5b:a5:
10:98:07:41:91:43:fb:b4:f2:89:fc:7a:eb:2b:6f:56:2f:3f:
c7:74:34:c1:c5:60:9e:c6:65:a8:4a:56:d8:5f:67:12:cc:4a:
63:be:71:21:97:9b:e5:32:6d:ec:f8:e6:41:37:2a:cf:90:75:
68:7a:eb:2b:95:95:7f:2d:5d:f7:eb:5f:c9:99:a2:d7:8f:87:
49:a3:69:96:ab:62:0b:dd:5b:ff:8e:fb:3e:ab:23:f1:f7:0b:
ed:3f:22:49:46:e0:61:a0:e4:f7:6c:ec:f2:93:c3:b2:39:7a:
a8:d9:6f:68:84:44:dd:32:0b:44:0a:7d:3e:b8:e5:57:51:1c:
d4:d7:a8:c0:00:5f:92:7c:93:d2:de:ae:44:57:c0:ae:f2:30:
5b:cf:dd:72:6d:80:48:87:6e:3a:51:25:48:e3:c4:49:db:1a:
67:ff:56:2a
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERBQTgzRjZBMDA2NTdC
Q0Q4QzA4MEE0OTFBRjc2QjAzNDU2Q0M0OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXgXemc9BR7+lFjnVSozZ11zuRvgRHjF1gG94YGuBuzDyKyVpq
YBxiaQJrEIpur5s24wADOGQLW6fB/yv8Y+51p0j1PyqGPXyjLttY6Q1S1yJzDzzN
EGhL1BzwwJ06ScHPwC+b4diVZts4B4qavA5cbEtweQmvETmOBf1Phy0tze9ZF2ba
Io3XCYrtn7R0z0NGwQurokxCZ1lUiRbWvLExb6giTNLNezuI4w+/O7AxNcatn/17
GD8ankXW0Bb7RMnhAnOWVLNNwlrRA3H567H2nUfqyc5zRfFg6ccqkurk+EJ2dj9X
NzTWqTdcEVo2FER7bQaQdrmR4quj6QkD/2NBAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU2qg/agBle82MCApJGvdrA0VsxJcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMnFnX2FnQmxlODJNQ0FwSkd2ZHJB
MFZzeEpjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANI6MA0G
CSqGSIb3DQEBCwUAA4IBAQA7CtCJ8C+I/ja1QsQEPpjyobhC7pTlNc3g9qIVT0/v
baeoxMaMYOut3wSiihXz5VVOJsPD3X/4rvHXZQiyIsSrn7XEwpvzejGkzpfsUTqP
BqhuntYg5GTRW6UQmAdBkUP7tPKJ/HrrK29WLz/HdDTBxWCexmWoSlbYX2cSzEpj
vnEhl5vlMm3s+OZBNyrPkHVoeusrlZV/LV3361/JmaLXj4dJo2mWq2IL3Vv/jvs+
qyPx9wvtPyJJRuBhoOT3bOzyk8OyOXqo2W9ohETdMgtECn0+uOVXURzU16jAAF+S
fJPS3q5EV8Cu8jBbz91ybYBIh246USVI48RJ2xpn/1Yq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org