Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3QTXnyhHTCpAE_BIJDxYgI8oH0I.roa
File: 3QTXnyhHTCpAE_BIJDxYgI8oH0I.roa (raw, json)
Hash identifier: ekT2HLcrCPMtXIOQ8vkikUhIm8+MMhnam2i9Nj+57qY=
Subject key identifier: DD:04:D7:9F:28:47:4C:2A:40:13:F0:48:24:3C:58:80:8F:28:1F:42
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DB9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3QTXnyhHTCpAE_BIJDxYgI8oH0I.roa
Signing time: Wed 29 Sep 2021 02:39:29 +0000
ROA not before: Wed 29 Sep 2021 02:39:29 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 203.79.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3513 (0xdb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:29 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DD04D79F28474C2A4013F048243C58808F281F42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5f:76:e0:bf:4d:7b:4d:76:4d:4b:e4:1d:aa:
07:34:db:c9:55:79:7d:99:7a:3b:40:50:e9:e0:83:
d7:6b:14:5a:5c:ab:2e:54:09:8d:c6:22:51:36:d2:
ab:0c:b4:bd:23:d6:57:97:20:ec:a7:60:c0:54:1b:
06:42:14:5b:24:7e:a8:b8:79:3d:82:31:d5:fd:d0:
68:62:16:f3:ec:43:cf:b3:44:6e:48:e1:6f:33:f7:
09:23:e9:5b:65:cb:26:8d:7d:69:f9:cc:b1:40:0d:
d7:e5:ac:71:3f:2d:9a:50:b9:fc:fc:ad:80:a4:a3:
41:99:7b:d9:4c:7a:d7:47:3a:94:70:ab:4a:94:2a:
c7:3b:f6:9e:c5:46:2c:45:f1:1d:a4:22:09:dd:24:
ce:33:5a:2a:5f:13:23:4b:81:65:c5:04:2c:4e:6f:
b9:87:45:40:54:1b:f6:1b:4a:c6:54:df:89:00:ef:
66:de:de:60:ef:d5:3d:c5:d9:82:cb:05:5a:0c:d8:
2e:f5:67:7b:ab:42:14:02:48:fc:41:06:c3:05:d3:
fe:fe:2b:8b:72:8c:7d:5b:2c:f4:44:ad:dc:52:ab:
54:7b:fc:49:31:88:a7:70:36:de:18:b6:9d:d6:59:
4a:b5:f3:2b:68:92:dc:1b:d1:95:f0:b9:6c:17:4b:
c6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:04:D7:9F:28:47:4C:2A:40:13:F0:48:24:3C:58:80:8F:28:1F:42
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3QTXnyhHTCpAE_BIJDxYgI8oH0I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.192.0/22
Signature Algorithm: sha256WithRSAEncryption
16:0a:0f:73:8b:cf:19:a7:97:a3:6d:dc:4d:10:95:f6:8a:b7:
26:6a:57:aa:d9:a5:4e:3a:e8:b4:e4:fe:c0:19:93:02:27:88:
a9:28:db:d7:16:1b:00:01:85:b1:1b:c4:77:b0:c9:4b:13:b4:
67:01:f2:f1:56:d2:cb:fb:04:8c:bb:d5:6e:78:8c:9d:98:b4:
7e:1c:51:9d:79:e7:92:5e:6d:55:90:d4:d0:1a:ea:2a:e9:fe:
2c:32:c5:32:0e:76:bb:75:cb:20:a0:56:91:1e:e3:9b:65:5e:
b6:16:29:13:9d:06:63:0a:6f:1b:b6:42:1e:ee:b5:79:f2:cd:
7b:59:ea:7a:5c:33:0f:57:d2:9d:51:e5:d9:af:e6:c1:80:37:
e5:aa:14:02:50:0c:37:18:a8:88:04:78:27:90:2f:61:3e:94:
f7:e4:cd:59:32:21:5a:e0:85:6a:32:76:a4:fd:30:f6:52:b1:
63:10:8b:1c:74:3f:11:6a:78:a7:9b:69:45:c6:b7:1b:c7:e0:
2e:0c:2d:db:77:d8:91:db:7f:14:94:e1:80:a8:e5:c5:1d:ea:
23:46:41:e4:53:b8:aa:0c:b5:3e:fa:bb:aa:83:b4:69:87:06:
84:f8:6c:dc:5b:83:0b:fd:d6:0b:16:59:df:60:f8:1e:b9:ad:
66:70:0c:61
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MjlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEREMDRENzlGMjg0NzRD
MkE0MDEzRjA0ODI0M0M1ODgwOEYyODFGNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWX3bgv017TXZNS+Qdqgc028lVeX2ZejtAUOngg9drFFpcqy5U
CY3GIlE20qsMtL0j1leXIOynYMBUGwZCFFskfqi4eT2CMdX90GhiFvPsQ8+zRG5I
4W8z9wkj6VtlyyaNfWn5zLFADdflrHE/LZpQufz8rYCko0GZe9lMetdHOpRwq0qU
Ksc79p7FRixF8R2kIgndJM4zWipfEyNLgWXFBCxOb7mHRUBUG/YbSsZU34kA72be
3mDv1T3F2YLLBVoM2C71Z3urQhQCSPxBBsMF0/7+K4tyjH1bLPRErdxSq1R7/Ekx
iKdwNt4Ytp3WWUq18ytoktwb0ZXwuWwXS8ZRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3QTXnyhHTCpAE/BIJDxYgI8oH0IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM1FUWG55aEhUQ3BBRV9CSUpEeFln
SThvSDBJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstPwDAN
BgkqhkiG9w0BAQsFAAOCAQEAFgoPc4vPGaeXo23cTRCV9oq3JmpXqtmlTjrotOT+
wBmTAieIqSjb1xYbAAGFsRvEd7DJSxO0ZwHy8VbSy/sEjLvVbniMnZi0fhxRnXnn
kl5tVZDU0BrqKun+LDLFMg52u3XLIKBWkR7jm2VethYpE50GYwpvG7ZCHu61efLN
e1nqelwzD1fSnVHl2a/mwYA35aoUAlAMNxioiAR4J5AvYT6U9+TNWTIhWuCFajJ2
pP0w9lKxYxCLHHQ/EWp4p5tpRca3G8fgLgwt23fYkdt/FJThgKjlxR3qI0ZB5FO4
qgy1Pvq7qoO0aYcGhPhs3FuDC/3WCxZZ32D4HrmtZnAMYQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org