Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/CGSbOepe83nUrN0UFmwJI__Xqqw.roa
File: CGSbOepe83nUrN0UFmwJI__Xqqw.roa (raw, json)
Hash identifier: 1hYjf/3PikaeIZtmSabqSVVyuFAgKBAr3moKr5MRofI=
Subject key identifier: 08:64:9B:39:EA:5E:F3:79:D4:AC:DD:14:16:6C:09:23:FF:D7:AA:AC
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C97
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CGSbOepe83nUrN0UFmwJI__Xqqw.roa
Signing time: Sun 07 Feb 2021 11:47:02 +0000
ROA not before: Sun 07 Feb 2021 11:47:02 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.203.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3223 (0xc97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:47:02 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=08649B39EA5EF379D4ACDD14166C0923FFD7AAAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e1:9a:50:db:d2:38:13:27:65:63:b5:5b:14:
7d:f8:2a:8e:7f:d5:0c:3f:e4:f6:aa:ee:24:1c:d0:
e5:96:68:fa:50:14:0d:2d:00:df:1b:4e:86:dd:aa:
d2:18:c0:4b:35:4e:53:b4:ef:ef:68:79:fa:ce:d3:
da:b3:a0:1d:2e:fe:30:3a:bf:10:58:a8:0a:d9:5d:
83:cd:f2:26:9f:37:95:bd:65:0c:0d:ac:83:da:0f:
04:4c:68:23:a0:d1:55:f3:c9:c2:d1:ca:fa:8f:ef:
97:e9:25:ae:57:02:e4:fa:10:f4:1c:1a:28:1a:e7:
f1:25:ff:48:30:47:b5:8c:90:58:f6:f0:f9:7a:f6:
b6:ef:7e:34:db:2c:c9:0d:2a:eb:2d:7b:db:92:f5:
dc:2f:15:dd:ca:8e:26:ea:be:89:df:72:01:45:b7:
b7:c4:20:22:ee:29:a8:dd:8a:b2:10:7c:c1:c0:25:
25:2e:e1:94:35:6c:cc:68:2f:ff:60:46:cf:12:e8:
82:e5:bc:72:9b:96:67:f2:76:0e:00:db:1f:2f:00:
ce:11:91:6e:d3:f1:6c:7d:55:fe:d4:0e:68:dc:a7:
80:80:b4:4d:6a:92:bd:b5:ed:82:60:d6:42:b5:bd:
30:8a:58:39:75:3e:73:85:fe:74:45:12:47:31:88:
d7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:64:9B:39:EA:5E:F3:79:D4:AC:DD:14:16:6C:09:23:FF:D7:AA:AC
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CGSbOepe83nUrN0UFmwJI__Xqqw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f5:53:3d:54:2d:50:0d:d2:6a:70:76:05:bb:ee:51:b5:3c:
e0:82:40:c5:f6:62:d7:b5:ae:25:32:a6:20:2b:46:2d:b4:4b:
57:4e:00:1d:70:a5:1a:ef:94:e7:75:77:ae:38:03:85:13:f5:
e4:79:3b:71:2b:84:0a:6f:a7:74:b7:bf:4a:b4:46:98:63:0f:
aa:22:21:18:2d:29:b9:96:19:40:5b:f1:d0:c5:47:86:9a:c3:
3b:84:50:d1:b1:62:49:0e:c9:55:f3:7a:dc:83:3b:55:61:ee:
a7:d3:53:5c:80:80:63:98:37:b1:98:2b:8e:37:a0:4f:83:ac:
f1:bc:26:71:3d:75:1b:2c:40:6b:cb:6e:be:ba:f1:d8:95:3f:
c5:1c:e5:65:d0:ca:db:ed:fb:8a:aa:e1:94:4b:f3:36:f9:47:
ae:34:36:21:ca:0e:83:06:33:e7:97:4c:26:20:a0:d9:15:39:
60:07:4a:85:bb:12:3a:d7:4b:9d:74:fb:62:73:e7:71:cf:d4:
0a:95:2c:f3:5b:fb:1f:c0:ec:39:71:8f:59:c3:e6:e2:a7:8c:
bd:49:5a:53:9c:a0:4f:ab:7b:80:fc:e1:9b:27:a1:4b:f3:14:
1d:27:42:f8:ee:15:90:c8:b7:8f:da:8a:13:70:6e:7a:7b:2c:
41:21:eb:31
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTQ3MDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA4NjQ5QjM5RUE1RUYz
NzlENEFDREQxNDE2NkMwOTIzRkZEN0FBQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ4ZpQ29I4EydlY7VbFH34Ko5/1Qw/5Paq7iQc0OWWaPpQFA0t
AN8bTobdqtIYwEs1TlO07+9oefrO09qzoB0u/jA6vxBYqArZXYPN8iafN5W9ZQwN
rIPaDwRMaCOg0VXzycLRyvqP75fpJa5XAuT6EPQcGiga5/El/0gwR7WMkFj28Pl6
9rbvfjTbLMkNKuste9uS9dwvFd3KjibqvonfcgFFt7fEICLuKajdirIQfMHAJSUu
4ZQ1bMxoL/9gRs8S6ILlvHKblmfydg4A2x8vAM4RkW7T8Wx9Vf7UDmjcp4CAtE1q
kr217YJg1kK1vTCKWDl1PnOF/nRFEkcxiNeFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCGSbOepe83nUrN0UFmwJI//XqqwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQ0dTYk9lcGU4M25Vck4wVUZtd0pJ
X19YcXF3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLLADAN
BgkqhkiG9w0BAQsFAAOCAQEAQPVTPVQtUA3SanB2BbvuUbU84IJAxfZi17WuJTKm
ICtGLbRLV04AHXClGu+U53V3rjgDhRP15Hk7cSuECm+ndLe/SrRGmGMPqiIhGC0p
uZYZQFvx0MVHhprDO4RQ0bFiSQ7JVfN63IM7VWHup9NTXICAY5g3sZgrjjegT4Os
8bwmcT11GyxAa8tuvrrx2JU/xRzlZdDK2+37iqrhlEvzNvlHrjQ2IcoOgwYz55dM
JiCg2RU5YAdKhbsSOtdLnXT7YnPncc/UCpUs81v7H8DsOXGPWcPm4qeMvUlaU5yg
T6t7gPzhmyehS/MUHSdC+O4VkMi3j9qKE3BuenssQSHrMQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org