Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/67RrQ19l8wlTV2kLd3sISXrbMsg.roa
File: 67RrQ19l8wlTV2kLd3sISXrbMsg.roa (raw, json)
Hash identifier: /+kvPuQ4lfLJlSr3j7waKfJ52rFAlYlDOyZ9Klov+U4=
Subject key identifier: EB:B4:6B:43:5F:65:F3:09:53:57:69:0B:77:7B:08:49:7A:DB:32:C8
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0ECF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/67RrQ19l8wlTV2kLd3sISXrbMsg.roa
Signing time: Fri 18 Feb 2022 07:31:11 +0000
ROA not before: Fri 18 Feb 2022 07:31:11 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9922
IP address blocks: 124.218.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3791 (0xecf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 18 07:31:11 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=EBB46B435F65F3095357690B777B08497ADB32C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:32:32:87:2b:c7:b0:35:74:a6:7b:44:1f:b1:
81:3a:d5:c0:38:43:b7:a0:f4:c0:df:be:af:87:ec:
da:e1:e0:81:67:b6:35:e2:a5:8a:ee:df:8f:50:0e:
e9:47:dd:f2:2c:e1:29:7a:0b:67:6c:cd:18:6a:1e:
d6:df:9e:33:d3:d5:e6:dc:5b:9e:6c:19:3c:13:18:
ed:6d:c6:e6:94:d2:15:69:98:9b:c9:6f:7f:6a:86:
3f:fe:56:ef:95:c7:99:91:74:82:47:83:60:38:81:
77:f9:d5:c5:a9:a9:71:5e:7c:f9:b9:f3:b5:de:b7:
c1:f9:b1:09:2c:62:6c:ba:f4:98:54:67:7c:9a:71:
f9:6a:b0:f6:c5:c6:31:1c:88:87:40:12:b0:ba:e8:
80:a1:ae:a8:41:2f:c5:56:68:ad:a5:26:52:74:65:
d6:a8:45:35:8f:5f:e3:49:cc:c5:ee:bf:94:f3:75:
5d:20:41:0c:8c:f8:1b:80:0b:1c:25:30:c5:8f:46:
6b:03:da:ec:5e:4f:dd:f4:12:1d:c8:d7:d9:d1:f3:
2d:28:f0:10:ed:cc:1d:05:f4:9b:d6:4c:5c:28:cf:
df:42:a0:f8:8c:19:3f:75:87:17:88:d8:ee:88:5f:
c5:9d:4f:20:2a:06:c3:d0:60:dd:94:fa:1b:a9:e4:
be:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B4:6B:43:5F:65:F3:09:53:57:69:0B:77:7B:08:49:7A:DB:32:C8
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/67RrQ19l8wlTV2kLd3sISXrbMsg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.80.0/22
Signature Algorithm: sha256WithRSAEncryption
62:9c:1e:52:3e:ef:07:df:89:48:a2:4a:f4:83:20:7e:b3:d3:
6a:f6:f5:e2:0b:ae:14:8f:8b:c5:e5:43:c4:e3:34:2a:81:22:
21:7a:89:04:74:bb:9d:b5:bb:cc:f2:f6:ab:37:30:92:9a:23:
a5:b4:1c:4b:50:1d:66:34:9a:e6:49:f9:aa:05:e2:f7:07:cb:
97:3f:1c:95:26:b4:fe:f5:c3:55:0d:11:e8:8d:79:14:83:d8:
cd:39:a8:6b:b8:ac:28:b5:29:a7:84:5c:27:71:c1:6f:33:93:
61:fc:d3:14:0a:50:fb:eb:49:26:d4:a9:e9:a2:ff:94:75:92:
14:c6:1a:b4:9e:74:1f:bb:b4:bf:d5:42:7d:ba:aa:b7:c2:7c:
98:2c:b6:7b:49:0f:52:d3:81:5c:ea:e2:b0:2c:d1:a4:c7:c5:
fb:1a:2c:12:3f:db:97:f5:ce:e1:7f:cb:11:76:c8:2b:d4:de:
f5:21:12:0d:30:fe:d7:29:ff:17:c2:94:b8:0d:3a:ee:ae:d7:
a9:b8:c2:87:b3:1d:f9:0f:0f:07:79:7e:7e:2d:4d:4d:cb:d1:
ba:79:d7:1f:78:8b:4a:0e:a1:f4:2f:02:b0:4f:33:8c:30:eb:
d7:7a:e3:d0:01:50:7e:c4:2c:cc:bb:eb:78:7c:26:02:65:97:
98:07:d4:8f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDs8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjAyMTgw
NzMxMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEVCQjQ2QjQzNUY2NUYz
MDk1MzU3NjkwQjc3N0IwODQ5N0FEQjMyQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChMjKHK8ewNXSme0QfsYE61cA4Q7eg9MDfvq+H7Nrh4IFntjXi
pYru349QDulH3fIs4Sl6C2dszRhqHtbfnjPT1ebcW55sGTwTGO1txuaU0hVpmJvJ
b39qhj/+Vu+Vx5mRdIJHg2A4gXf51cWpqXFefPm587Xet8H5sQksYmy69JhUZ3ya
cflqsPbFxjEciIdAErC66IChrqhBL8VWaK2lJlJ0ZdaoRTWPX+NJzMXuv5TzdV0g
QQyM+BuACxwlMMWPRmsD2uxeT930Eh3I19nR8y0o8BDtzB0F9JvWTFwoz99CoPiM
GT91hxeI2O6IX8WdTyAqBsPQYN2U+hup5L4fAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU67RrQ19l8wlTV2kLd3sISXrbMsgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNjdSclExOWw4d2xUVjJrTGQzc0lT
WHJiTXNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaUDAN
BgkqhkiG9w0BAQsFAAOCAQEAYpweUj7vB9+JSKJK9IMgfrPTavb14guuFI+LxeVD
xOM0KoEiIXqJBHS7nbW7zPL2qzcwkpojpbQcS1AdZjSa5kn5qgXi9wfLlz8clSa0
/vXDVQ0R6I15FIPYzTmoa7isKLUpp4RcJ3HBbzOTYfzTFApQ++tJJtSp6aL/lHWS
FMYatJ50H7u0v9VCfbqqt8J8mCy2e0kPUtOBXOrisCzRpMfF+xosEj/bl/XO4X/L
EXbIK9Te9SESDTD+1yn/F8KUuA067q7XqbjCh7Md+Q8PB3l+fi1NTcvRunnXH3iL
Sg6h9C8CsE8zjDDr13rj0AFQfsQszLvreHwmAmWXmAfUjw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org