Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/CmU0WeZuJ9rkXiH26MjQnNWDlwo.roa
File: CmU0WeZuJ9rkXiH26MjQnNWDlwo.roa (raw, json)
Hash identifier: A4JKYC3cFlruFhJzxxaRPPV0XQsxmzuFH/WZszrhuAs=
Subject key identifier: 0A:65:34:59:E6:6E:27:DA:E4:5E:21:F6:E8:C8:D0:9C:D5:83:97:0A
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DD5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CmU0WeZuJ9rkXiH26MjQnNWDlwo.roa
Signing time: Wed 29 Sep 2021 02:39:37 +0000
ROA not before: Wed 29 Sep 2021 02:39:37 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9311
IP address blocks: 210.200.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3541 (0xdd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:37 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0A653459E66E27DAE45E21F6E8C8D09CD583970A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3e:c7:12:dd:56:0a:23:bc:a7:88:d8:ab:b9:
a9:22:34:9f:b8:40:32:42:3c:7e:c2:f2:6c:99:2c:
b4:f3:56:8f:a7:e2:1d:f1:8b:67:91:f6:fb:bf:ba:
aa:aa:9d:9b:48:9e:59:89:98:a6:ee:5b:3b:62:b9:
52:92:6d:2b:76:44:74:24:53:30:09:5f:e5:d5:5c:
2f:8f:17:49:e2:bf:b3:2b:eb:1b:99:8d:b5:82:c8:
75:0d:30:98:12:d4:8c:42:b4:8f:53:64:8d:33:05:
36:54:30:6c:b8:4f:d2:fa:b4:8e:5f:69:c7:1e:d1:
6d:78:e3:02:9f:26:7d:4b:3d:32:1c:55:b6:a2:b7:
58:ba:35:c8:3a:2e:bc:31:18:e0:84:1b:58:f1:3d:
51:6e:91:e9:d8:b7:88:59:61:2a:09:5d:66:79:ca:
24:3d:bf:0e:18:94:65:ee:a5:ff:23:3c:80:ea:8c:
b8:e3:f7:d1:65:d1:6e:f4:82:f0:57:dd:04:d1:52:
80:77:04:47:37:f2:66:be:1a:ef:2e:c1:93:2f:fe:
2a:1a:61:69:1a:cd:60:bd:ae:ec:57:bf:77:58:15:
b0:d1:37:77:3c:6d:cc:f1:ed:48:b8:b4:68:e7:c7:
09:c0:1a:da:82:a6:9f:a3:55:5a:67:d5:59:e7:85:
53:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:65:34:59:E6:6E:27:DA:E4:5E:21:F6:E8:C8:D0:9C:D5:83:97:0A
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CmU0WeZuJ9rkXiH26MjQnNWDlwo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.128.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:c5:0b:b9:59:2c:6f:32:f1:0e:2e:50:7c:84:8c:37:bf:4e:
2b:d8:50:a7:c7:ef:4f:46:3d:f2:eb:22:8c:53:3b:a1:1b:72:
35:84:74:8e:22:68:c8:91:a1:64:fe:3a:38:ec:ad:f2:59:43:
13:18:e8:54:9b:56:df:46:c2:b0:10:55:0b:f0:c1:65:7c:89:
b5:96:e5:52:72:12:93:38:e3:ce:da:dc:5a:d9:cf:40:b1:0e:
52:9e:9c:d9:5e:60:ce:1f:6f:fb:ff:c2:11:3c:be:ff:ae:63:
e1:a9:73:a5:02:d7:9d:20:69:a3:98:83:04:b1:c5:d3:64:26:
18:3a:61:c9:d4:ab:44:f6:5a:f7:43:d7:7e:cb:1c:6d:fd:e5:
fb:ed:32:2b:f2:a1:49:51:c5:e5:33:99:28:5b:67:2d:8b:93:
5b:51:9f:2d:4a:13:cd:9c:b2:e9:0f:e9:db:9b:d0:56:60:15:
54:7e:c1:f0:91:c0:4b:d6:52:8a:aa:cb:7d:22:c8:e1:00:51:
7f:0f:99:70:fd:7c:18:03:e5:b2:37:f8:f7:ff:5d:ad:d4:01:
49:04:41:2a:91:51:39:15:4c:a5:6b:ea:ec:57:78:73:44:34:
eb:cb:09:85:6e:f7:1f:87:76:51:1f:03:6b:ec:f5:a0:02:66:
43:11:d3:ed
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MzdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDBBNjUzNDU5RTY2RTI3
REFFNDVFMjFGNkU4QzhEMDlDRDU4Mzk3MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHPscS3VYKI7yniNiruakiNJ+4QDJCPH7C8myZLLTzVo+n4h3x
i2eR9vu/uqqqnZtInlmJmKbuWztiuVKSbSt2RHQkUzAJX+XVXC+PF0niv7Mr6xuZ
jbWCyHUNMJgS1IxCtI9TZI0zBTZUMGy4T9L6tI5facce0W144wKfJn1LPTIcVbai
t1i6Ncg6LrwxGOCEG1jxPVFukenYt4hZYSoJXWZ5yiQ9vw4YlGXupf8jPIDqjLjj
99Fl0W70gvBX3QTRUoB3BEc38ma+Gu8uwZMv/ioaYWkazWC9ruxXv3dYFbDRN3c8
bczx7Ui4tGjnxwnAGtqCpp+jVVpn1VnnhVMVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCmU0WeZuJ9rkXiH26MjQnNWDlwowHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQ21VMFdlWnVKOXJrWGlIMjZNalFu
TldEbHdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqsULuVksbzLxDi5QfISMN79OK9hQp8fvT0Y98usi
jFM7oRtyNYR0jiJoyJGhZP46OOyt8llDExjoVJtW30bCsBBVC/DBZXyJtZblUnIS
kzjjztrcWtnPQLEOUp6c2V5gzh9v+//CETy+/65j4alzpQLXnSBpo5iDBLHF02Qm
GDphydSrRPZa90PXfsscbf3l++0yK/KhSVHF5TOZKFtnLYuTW1GfLUoTzZyy6Q/p
25vQVmAVVH7B8JHAS9ZSiqrLfSLI4QBRfw+ZcP18GAPlsjf49/9drdQBSQRBKpFR
ORVMpWvq7Fd4c0Q068sJhW73H4d2UR8Da+z1oAJmQxHT7Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org