Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/7GTtYBAskVpB7gOxMu1xEygl9PA.roa
File: 7GTtYBAskVpB7gOxMu1xEygl9PA.roa (raw, json)
Hash identifier: aLrkMYxLWb7gvvFo+/xR+8RJMhtR5UB2ANq8oIdhN6o=
Subject key identifier: EC:64:ED:60:10:2C:91:5A:41:EE:03:B1:32:ED:71:13:28:25:F4:F0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DC0
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/7GTtYBAskVpB7gOxMu1xEygl9PA.roa
Signing time: Wed 29 Sep 2021 02:39:31 +0000
ROA not before: Wed 29 Sep 2021 02:39:31 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9311
IP address blocks: 203.79.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3520 (0xdc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:31 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=EC64ED60102C915A41EE03B132ED71132825F4F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:61:87:ff:7c:f5:b7:6c:50:94:16:c3:c1:19:
28:45:97:03:94:5b:84:96:92:c3:c4:51:32:90:1a:
22:70:24:21:db:dc:8e:0a:df:db:59:21:8d:a7:f1:
a4:c3:70:1e:1f:2c:0d:62:98:4a:ed:35:98:48:40:
d6:e9:30:80:3b:65:e6:d6:d8:00:d1:de:2a:f1:c4:
9b:94:52:aa:fd:c0:96:ae:f4:2a:ab:b1:df:50:45:
f9:e0:c9:bb:ce:67:25:9e:72:4e:72:49:16:7a:9a:
08:84:52:4e:58:79:80:d7:88:5e:7d:bb:80:bd:b9:
9a:e4:d4:d7:78:1a:13:fa:d0:98:f1:7f:3a:2f:5b:
fb:3b:2a:3c:93:e2:33:f6:6a:a5:bd:94:b4:63:f8:
c3:dd:f7:e5:ac:92:51:9a:37:d8:c3:65:f4:03:78:
69:e9:e4:6e:74:11:67:54:69:ae:c1:bb:4d:77:63:
51:fc:03:99:31:39:80:20:8e:0b:ac:e7:54:60:41:
86:b4:06:22:da:cb:da:2b:d4:a9:f3:9a:63:ff:a9:
bb:f6:f5:ac:b9:dd:af:54:ae:4a:5e:e5:52:6c:60:
c4:91:f7:07:05:82:8a:47:fa:07:59:38:e4:ad:9d:
d3:f9:d2:33:d8:96:95:14:d8:18:7e:a6:35:b6:70:
79:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:64:ED:60:10:2C:91:5A:41:EE:03:B1:32:ED:71:13:28:25:F4:F0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/7GTtYBAskVpB7gOxMu1xEygl9PA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:b4:35:95:a2:e8:36:c2:52:97:d2:bf:f9:9c:c9:53:a2:55:
4e:94:db:7c:e4:37:c4:11:ed:05:8b:76:6f:3c:55:42:7c:ce:
66:ff:19:71:32:3d:11:e8:50:9c:a8:2f:07:a5:9a:b0:31:bd:
c4:25:ef:6c:d9:7d:eb:00:bf:16:5b:1f:b2:c6:ba:bc:67:f5:
2d:e1:81:37:af:a3:76:ea:fb:72:67:f4:b9:44:12:50:c2:f2:
d1:a7:7c:04:26:44:c4:dd:fd:ea:52:5e:74:73:ae:36:47:86:
b1:c6:af:d6:7c:25:56:01:8e:d5:dd:48:c6:53:41:9a:03:c5:
81:e2:08:d5:f3:ce:a7:df:d0:84:e7:fc:96:df:7a:8d:f1:f7:
db:18:31:c0:d2:cc:2a:dd:df:b4:a9:11:37:25:37:e2:7c:07:
d8:60:a1:ae:f2:80:2f:a1:53:d6:ef:db:19:43:0f:8c:cd:10:
ec:59:19:e4:d8:c0:50:24:12:dc:e4:13:57:b2:67:7e:74:c1:
6d:b6:a6:ab:68:be:79:3d:9a:b2:e9:e4:98:6e:0e:5d:9a:60:
8a:a3:f6:fd:7c:4c:e8:95:1a:87:63:2e:be:40:87:bb:85:3f:
c7:2b:f3:d7:17:af:82:e8:ea:78:e8:20:3f:3f:31:79:f7:76:
bf:b4:39:ce
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MzFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEVDNjRFRDYwMTAyQzkx
NUE0MUVFMDNCMTMyRUQ3MTEzMjgyNUY0RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3YYf/fPW3bFCUFsPBGShFlwOUW4SWksPEUTKQGiJwJCHb3I4K
39tZIY2n8aTDcB4fLA1imErtNZhIQNbpMIA7ZebW2ADR3irxxJuUUqr9wJau9Cqr
sd9QRfngybvOZyWeck5ySRZ6mgiEUk5YeYDXiF59u4C9uZrk1Nd4GhP60Jjxfzov
W/s7KjyT4jP2aqW9lLRj+MPd9+WsklGaN9jDZfQDeGnp5G50EWdUaa7Bu013Y1H8
A5kxOYAgjgus51RgQYa0BiLay9or1KnzmmP/qbv29ay53a9Urkpe5VJsYMSR9wcF
gopH+gdZOOStndP50jPYlpUU2Bh+pjW2cHn7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU7GTtYBAskVpB7gOxMu1xEygl9PAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvN0dUdFlCQXNrVnBCN2dPeE11MXhF
eWdsOVBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstP3DAN
BgkqhkiG9w0BAQsFAAOCAQEAoLQ1laLoNsJSl9K/+ZzJU6JVTpTbfOQ3xBHtBYt2
bzxVQnzOZv8ZcTI9EehQnKgvB6WasDG9xCXvbNl96wC/Flsfssa6vGf1LeGBN6+j
dur7cmf0uUQSUMLy0ad8BCZExN396lJedHOuNkeGscav1nwlVgGO1d1IxlNBmgPF
geII1fPOp9/QhOf8lt96jfH32xgxwNLMKt3ftKkRNyU34nwH2GChrvKAL6FT1u/b
GUMPjM0Q7FkZ5NjAUCQS3OQTV7JnfnTBbbamq2i+eT2asunkmG4OXZpgiqP2/XxM
6JUah2MuvkCHu4U/xyvz1xevgujqeOggPz8xefd2v7Q5zg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org