Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/9aOhwITPMRJWRjXmbJjbMyCFdA0.roa
File: 9aOhwITPMRJWRjXmbJjbMyCFdA0.roa (raw, json)
Hash identifier: oChdJAlYm5bn0LdVvdRVGBIZ0+dTWCjUMhAM4fLRs80=
Subject key identifier: F5:A3:A1:C0:84:CF:31:12:56:46:35:E6:6C:98:DB:33:20:85:74:0D
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DEC
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/9aOhwITPMRJWRjXmbJjbMyCFdA0.roa
Signing time: Wed 29 Sep 2021 02:39:44 +0000
ROA not before: Wed 29 Sep 2021 02:39:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 210.202.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3564 (0xdec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=F5A3A1C084CF3112564635E66C98DB332085740D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:6b:16:3a:fd:53:6c:ee:27:f2:a3:fe:cb:
60:f8:f1:4e:64:55:c9:a4:a2:bb:71:8e:56:b2:de:
df:bc:bf:a0:06:03:bb:71:2b:eb:6f:71:37:1a:23:
db:6f:bb:58:09:17:ec:69:48:23:25:7f:79:0f:cb:
3a:c0:f4:b8:91:eb:bf:ab:fc:73:e6:88:80:82:db:
e2:c5:b8:09:d9:d1:6d:d6:1a:91:42:5a:09:51:44:
9d:a8:e7:85:f3:23:8c:94:60:f8:73:89:f6:c2:2c:
d4:f2:4a:31:18:a8:03:c3:2d:f2:c0:c1:46:aa:eb:
cb:4d:13:57:7c:40:cc:77:c5:0b:19:0e:aa:e1:67:
06:b7:85:58:4e:e6:34:f6:ce:52:07:10:3e:43:63:
d7:cb:9c:eb:70:b2:c4:10:2c:1f:11:71:de:75:2e:
79:26:96:a7:e5:cc:a7:00:e6:89:ed:0a:06:09:c9:
a0:b4:95:18:48:e9:d4:3f:0d:d1:b7:87:3a:d2:3b:
be:ce:31:bf:20:f4:25:52:e7:d9:42:9f:37:cf:cb:
84:1f:3e:9b:f1:14:2b:7b:df:59:1f:37:86:ec:b3:
b0:ff:38:3b:c8:b3:bd:cb:07:a9:ae:b4:a9:c3:cd:
47:68:aa:f6:05:90:71:f5:96:ab:43:31:e4:59:21:
0e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A3:A1:C0:84:CF:31:12:56:46:35:E6:6C:98:DB:33:20:85:74:0D
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/9aOhwITPMRJWRjXmbJjbMyCFdA0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.96.0/20
Signature Algorithm: sha256WithRSAEncryption
44:d8:f0:1c:39:c0:62:7a:f9:42:18:8e:0f:ad:0d:0b:ca:00:
0d:35:33:ba:c7:f0:8d:8b:f5:ea:af:46:23:38:a7:72:ac:55:
73:9a:eb:d4:66:12:88:4c:e9:4c:07:a8:f7:77:d2:0b:4d:0c:
25:37:05:d5:bf:31:d4:72:db:6c:b9:91:85:55:10:56:ab:b0:
3f:1e:f8:2b:18:09:a3:90:8f:28:f4:25:e4:47:28:de:db:f5:
c4:ff:0a:15:85:fe:d1:31:b4:38:d9:2f:1e:f2:c7:bf:1a:54:
42:32:e6:13:8a:db:6a:93:4b:54:1e:7f:83:64:86:46:8f:b7:
af:54:43:a4:2f:dd:26:0d:78:ca:40:3f:24:5d:b8:1c:ea:d1:
6f:38:37:16:5e:7c:17:67:ad:a1:a2:e8:0f:02:b5:8c:58:ce:
bf:5e:98:6a:44:5f:6f:ba:0b:5a:2c:c4:e2:e1:43:43:e3:fc:
ff:ec:9a:5c:51:59:0b:07:3a:c7:1f:1f:31:cf:6c:44:fe:c2:
a5:4a:e8:f6:ed:89:b3:06:12:6c:d6:e3:cf:5c:d8:3b:e4:70:
90:e8:46:76:0f:65:76:bb:e6:05:5a:39:0a:6b:57:92:ce:2e:
15:48:5f:4a:56:6e:48:88:a9:3c:e1:d7:a2:f1:85:79:fd:89:
f8:ac:aa:84
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEY1QTNBMUMwODRDRjMx
MTI1NjQ2MzVFNjZDOThEQjMzMjA4NTc0MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8wWsWOv1TbO4n8qP+y2D48U5kVcmkortxjlay3t+8v6AGA7tx
K+tvcTcaI9tvu1gJF+xpSCMlf3kPyzrA9LiR67+r/HPmiICC2+LFuAnZ0W3WGpFC
WglRRJ2o54XzI4yUYPhzifbCLNTySjEYqAPDLfLAwUaq68tNE1d8QMx3xQsZDqrh
Zwa3hVhO5jT2zlIHED5DY9fLnOtwssQQLB8Rcd51LnkmlqflzKcA5ontCgYJyaC0
lRhI6dQ/DdG3hzrSO77OMb8g9CVS59lCnzfPy4QfPpvxFCt731kfN4bss7D/ODvI
s73LB6mutKnDzUdoqvYFkHH1lqtDMeRZIQ5LAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU9aOhwITPMRJWRjXmbJjbMyCFdA0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvOWFPaHdJVFBNUkpXUmpYbWJKamJN
eUNGZEEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLKYDAN
BgkqhkiG9w0BAQsFAAOCAQEARNjwHDnAYnr5QhiOD60NC8oADTUzusfwjYv16q9G
IzincqxVc5rr1GYSiEzpTAeo93fSC00MJTcF1b8x1HLbbLmRhVUQVquwPx74KxgJ
o5CPKPQl5Eco3tv1xP8KFYX+0TG0ONkvHvLHvxpUQjLmE4rbapNLVB5/g2SGRo+3
r1RDpC/dJg14ykA/JF24HOrRbzg3Fl58F2etoaLoDwK1jFjOv16YakRfb7oLWizE
4uFDQ+P8/+yaXFFZCwc6xx8fMc9sRP7CpUro9u2JswYSbNbjz1zYO+RwkOhGdg9l
drvmBVo5CmtXks4uFUhfSlZuSIipPOHXovGFef2J+KyqhA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org