Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3Vd87gMgmO66uvGxd74FVEYbOtU.roa
File: 3Vd87gMgmO66uvGxd74FVEYbOtU.roa (raw, json)
Hash identifier: yg6uFYe0fD1r3NBwWuI53K9gkoK/Pt9qvwLAP4tEQT4=
Subject key identifier: DD:57:7C:EE:03:20:98:EE:BA:BA:F1:B1:77:BE:05:54:46:1B:3A:D5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 08FD
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3Vd87gMgmO66uvGxd74FVEYbOtU.roa
Signing time: Tue 29 Sep 2020 10:01:19 +0000
ROA not before: Tue 29 Sep 2020 10:01:19 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.58.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2301 (0x8fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:19 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DD577CEE032098EEBABAF1B177BE0554461B3AD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c2:be:50:63:b7:18:2f:47:83:77:da:06:b7:
a8:aa:6a:18:00:50:80:f1:f4:6e:a0:e8:01:c9:4e:
68:57:37:e8:e1:71:b6:20:d0:6a:d7:a1:57:01:13:
95:0c:d7:04:ee:80:a3:ec:7b:bb:65:a4:88:79:c2:
0f:3c:d9:45:57:83:15:c9:51:fe:38:f1:3f:96:21:
71:fa:1b:63:a8:13:9e:e6:65:c9:ce:c2:bf:a1:88:
7f:6c:ea:19:dd:e4:e1:bc:d5:99:00:3e:a4:7b:8c:
db:c5:7e:41:15:2e:46:cd:fe:46:55:e0:bc:4c:b2:
4d:ff:df:88:b8:75:a4:dc:93:66:89:1b:48:fc:0d:
88:d8:c5:34:1c:48:e4:65:24:56:0f:6f:8c:0e:c8:
7d:41:bc:40:2d:30:9b:d2:3d:a1:09:7a:63:72:aa:
e5:d4:74:4d:c1:39:50:67:65:03:21:29:00:6e:bc:
e1:b8:d9:3a:c9:f6:f5:31:8a:45:75:00:5f:23:41:
15:65:19:96:8b:f5:24:00:c1:43:25:6b:12:f6:3f:
72:22:84:40:9d:19:96:ec:cd:38:1b:bf:5b:57:2e:
6a:f1:5e:c1:8a:ce:df:d9:ea:dc:0b:ee:30:14:ab:
ca:29:0c:4b:8f:c9:9c:2b:88:aa:b3:0f:e1:42:fa:
a1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:57:7C:EE:03:20:98:EE:BA:BA:F1:B1:77:BE:05:54:46:1B:3A:D5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3Vd87gMgmO66uvGxd74FVEYbOtU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.120.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ab:2f:59:53:ec:a4:a8:3c:bb:38:57:a6:3b:f9:43:1b:29:
2c:a3:b1:0e:6f:0a:88:af:80:a9:49:c5:75:cf:d1:75:82:c4:
ce:ce:86:d2:79:84:c5:fd:ff:f0:ba:d2:c8:4d:ac:fa:e8:a3:
ac:76:05:f6:5e:ba:c4:90:95:16:f8:2d:52:80:d4:e6:5e:17:
a6:59:1e:a3:e4:a0:ca:00:66:07:57:ff:db:7c:45:90:6b:0c:
87:71:72:0d:3b:7e:36:a6:e5:21:0c:16:79:d7:06:e3:37:54:
8a:dd:b7:48:f3:4d:7c:cf:ce:e3:61:c7:46:e2:9c:26:07:b3:
4e:9a:79:46:5e:5d:83:21:ab:20:cd:b1:8f:6b:3e:fc:00:a1:
35:f6:e9:8c:bc:d7:57:a0:65:2b:6f:a1:c5:2e:50:ff:cb:8b:
17:b3:b9:29:23:3a:a9:43:43:33:4a:b4:ac:02:42:ea:a7:de:
3a:2e:12:fc:f5:77:db:11:eb:af:8b:73:85:15:7b:e8:46:0d:
8c:2b:37:b6:b7:7a:c0:19:aa:38:df:42:f9:5a:fb:c9:ad:0d:
4e:e4:55:ce:5a:af:d3:77:15:c8:ef:20:54:3d:6f:c8:ad:ec:
89:7b:9e:74:da:0d:65:74:2c:32:db:60:0e:71:49:39:27:be:
f6:52:83:ee
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERENTc3Q0VFMDMyMDk4
RUVCQUJBRjFCMTc3QkUwNTU0NDYxQjNBRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCewr5QY7cYL0eDd9oGt6iqahgAUIDx9G6g6AHJTmhXN+jhcbYg
0GrXoVcBE5UM1wTugKPse7tlpIh5wg882UVXgxXJUf448T+WIXH6G2OoE57mZcnO
wr+hiH9s6hnd5OG81ZkAPqR7jNvFfkEVLkbN/kZV4LxMsk3/34i4daTck2aJG0j8
DYjYxTQcSORlJFYPb4wOyH1BvEAtMJvSPaEJemNyquXUdE3BOVBnZQMhKQBuvOG4
2TrJ9vUxikV1AF8jQRVlGZaL9SQAwUMlaxL2P3IihECdGZbszTgbv1tXLmrxXsGK
zt/Z6twL7jAUq8opDEuPyZwriKqzD+FC+qGHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3Vd87gMgmO66uvGxd74FVEYbOtUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM1ZkODdnTWdtTzY2dXZHeGQ3NEZW
RVliT3RVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6eDAN
BgkqhkiG9w0BAQsFAAOCAQEAOKsvWVPspKg8uzhXpjv5QxspLKOxDm8KiK+AqUnF
dc/RdYLEzs6G0nmExf3/8LrSyE2s+uijrHYF9l66xJCVFvgtUoDU5l4Xplkeo+Sg
ygBmB1f/23xFkGsMh3FyDTt+NqblIQwWedcG4zdUit23SPNNfM/O42HHRuKcJgez
Tpp5Rl5dgyGrIM2xj2s+/AChNfbpjLzXV6BlK2+hxS5Q/8uLF7O5KSM6qUNDM0q0
rAJC6qfeOi4S/PV32xHrr4tzhRV76EYNjCs3trd6wBmqON9C+Vr7ya0NTuRVzlqv
03cVyO8gVD1vyK3siXuedNoNZXQsMttgDnFJOSe+9lKD7g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org