Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3Kkgu91AyJoaDXJnGniumAKW8FE.roa
File: 3Kkgu91AyJoaDXJnGniumAKW8FE.roa (raw, json)
Hash identifier: 7VpmeOI2HTZlKjXjjqJEtOMZuOrJSZxky2c5C9fwbo8=
Subject key identifier: DC:A9:20:BB:DD:40:C8:9A:1A:0D:72:67:1A:78:AE:98:02:96:F0:51
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DD9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3Kkgu91AyJoaDXJnGniumAKW8FE.roa
Signing time: Wed 29 Sep 2021 02:39:38 +0000
ROA not before: Wed 29 Sep 2021 02:39:38 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.201.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3545 (0xdd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:38 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DCA920BBDD40C89A1A0D72671A78AE980296F051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a3:23:20:f5:11:cc:53:d9:3a:dc:35:72:0a:
e7:5e:97:27:80:24:9f:dd:9a:e7:c6:4e:cb:e4:6d:
0d:08:66:be:8e:d3:59:fa:67:4b:e2:47:65:bd:1a:
27:9b:c9:79:28:ea:c9:1d:c3:56:62:b5:d2:a2:1a:
6f:ed:6e:c1:ca:39:fb:10:2a:b7:3a:f6:78:be:21:
fe:49:a9:14:51:5b:81:48:3b:cb:d6:8c:ca:59:d4:
98:fd:dc:aa:ec:d3:37:9f:3c:74:eb:d2:d4:3f:12:
15:c2:50:cd:d1:41:8d:6d:c9:4a:3e:02:90:40:f2:
59:f0:91:bd:4a:31:ec:39:52:9d:01:52:13:a7:7e:
d7:ac:62:70:a3:7b:26:aa:66:cc:df:08:be:7f:97:
c9:46:56:3f:e2:cb:85:27:6f:d2:60:f2:32:ff:f1:
89:33:a6:6d:ad:54:27:8a:ee:01:3e:5e:31:87:41:
d6:48:35:39:f4:08:f0:ae:ff:2d:9b:1f:76:e7:75:
17:de:53:5f:68:dd:85:af:3a:76:97:22:61:ad:09:
48:cb:6e:29:c0:21:06:9f:99:ca:7c:b1:d7:0c:43:
76:92:66:f1:82:ff:94:d4:02:89:a9:c8:cc:e1:6b:
c9:18:0a:ff:e8:0a:0d:bb:44:8b:9c:34:e5:5b:66:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A9:20:BB:DD:40:C8:9A:1A:0D:72:67:1A:78:AE:98:02:96:F0:51
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3Kkgu91AyJoaDXJnGniumAKW8FE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:39:89:a3:ac:c2:82:63:7e:9b:25:60:ec:3a:c8:50:99:7f:
8c:ef:a7:d0:e9:0a:46:17:88:fb:5b:0b:9e:81:cf:02:a5:07:
fb:70:f3:ba:87:0f:18:65:9f:01:12:48:9b:dd:e5:a8:f3:6d:
78:28:89:20:f0:f2:0b:62:1f:f8:9e:2b:4d:fa:f7:1f:73:5d:
28:07:46:c4:a7:1a:9c:d5:ed:4a:f1:5f:ce:a4:d5:d7:58:a3:
42:e7:a3:60:a0:6d:8b:2c:b0:ca:f0:1b:1e:c2:e8:d4:dc:36:
22:81:de:a0:fd:11:6b:aa:de:9c:62:25:e8:a0:2d:8e:59:46:
e7:2c:51:a8:39:17:48:83:10:65:c5:39:b0:c8:b8:37:22:89:
23:d2:97:be:f4:f3:21:f5:77:ea:fb:6f:0a:97:01:e4:35:7a:
c5:a1:9d:2a:42:5f:5f:88:5d:b9:48:b7:1a:38:d5:f1:2d:bc:
b0:a1:20:3c:2e:54:88:42:3a:6b:56:32:6d:a5:c1:d0:5b:5a:
02:65:7d:1e:1b:8f:2f:fa:89:a6:85:8b:33:a9:b1:41:7b:c8:
24:34:d2:9f:c8:9f:3c:33:81:0f:66:2c:5b:2a:49:3a:fc:07:
51:26:bf:39:4c:92:97:b2:90:54:82:ad:a2:00:57:f6:c0:97:
65:cf:ca:9d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MzhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERDQTkyMEJCREQ0MEM4
OUExQTBENzI2NzFBNzhBRTk4MDI5NkYwNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMoyMg9RHMU9k63DVyCudelyeAJJ/dmufGTsvkbQ0IZr6O01n6
Z0viR2W9GiebyXko6skdw1ZitdKiGm/tbsHKOfsQKrc69ni+If5JqRRRW4FIO8vW
jMpZ1Jj93Krs0zefPHTr0tQ/EhXCUM3RQY1tyUo+ApBA8lnwkb1KMew5Up0BUhOn
ftesYnCjeyaqZszfCL5/l8lGVj/iy4Unb9Jg8jL/8Ykzpm2tVCeK7gE+XjGHQdZI
NTn0CPCu/y2bH3bndRfeU19o3YWvOnaXImGtCUjLbinAIQafmcp8sdcMQ3aSZvGC
/5TUAompyMzha8kYCv/oCg27RIucNOVbZpYLAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU3Kkgu91AyJoaDXJnGniumAKW8FEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM0trZ3U5MUF5Sm9hRFhKbkduaXVt
QUtXOEZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANLJMA0G
CSqGSIb3DQEBCwUAA4IBAQAYOYmjrMKCY36bJWDsOshQmX+M76fQ6QpGF4j7Wwue
gc8CpQf7cPO6hw8YZZ8BEkib3eWo8214KIkg8PILYh/4nitN+vcfc10oB0bEpxqc
1e1K8V/OpNXXWKNC56NgoG2LLLDK8BsewujU3DYigd6g/RFrqt6cYiXooC2OWUbn
LFGoORdIgxBlxTmwyLg3Iokj0pe+9PMh9Xfq+28KlwHkNXrFoZ0qQl9fiF25SLca
ONXxLbywoSA8LlSIQjprVjJtpcHQW1oCZX0eG48v+ommhYszqbFBe8gkNNKfyJ88
M4EPZixbKkk6/AdRJr85TJKXspBUgq2iAFf2wJdlz8qd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org