Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/DFt9IjvRaNYO3rPpSXNShuNagLU.roa
File: DFt9IjvRaNYO3rPpSXNShuNagLU.roa (raw, json)
Hash identifier: UHYv2KK7pUn8qK/RBXD7rkAWdt8p91Q/fK6dWL+jBDc=
Subject key identifier: 0C:5B:7D:22:3B:D1:68:D6:0E:DE:B3:E9:49:73:52:86:E3:5A:80:B5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DE6
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DFt9IjvRaNYO3rPpSXNShuNagLU.roa
Signing time: Wed 29 Sep 2021 02:39:43 +0000
ROA not before: Wed 29 Sep 2021 02:39:43 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.202.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3558 (0xde6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:43 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0C5B7D223BD168D60EDEB3E949735286E35A80B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:4c:7b:ac:c8:4e:58:1d:97:9d:a7:ed:cc:
5c:04:5a:ae:be:58:12:84:7c:d4:af:09:df:bf:2b:
b5:4d:1d:7d:d7:c5:42:b2:85:d2:64:f3:31:f4:6d:
2a:ba:b5:75:5e:dd:c6:53:cf:b6:52:2c:b2:47:37:
86:d1:8b:db:0b:c4:57:79:e5:d8:20:e2:3a:16:0a:
6a:2f:a7:91:39:06:da:bd:7f:f3:26:89:a2:9a:03:
f7:cf:af:7e:0b:f9:53:be:7d:10:31:ab:88:9c:42:
7d:33:ef:00:67:8b:9e:f6:c5:c3:b1:d7:33:2f:ec:
91:1b:e4:ab:53:17:47:1d:a9:52:37:56:b1:ad:76:
65:c3:14:30:23:b4:61:28:64:fe:72:59:d7:15:8b:
e9:48:c8:c5:49:e1:19:dc:f0:c8:a6:87:08:07:ed:
bf:fb:e7:d2:ff:7a:9c:5b:db:c4:76:cf:f5:2f:9f:
6c:be:0f:ac:e4:fc:83:2e:c0:94:9d:0f:96:c0:a5:
c0:c6:d9:0c:ca:d3:c7:79:f2:be:ca:24:5e:f9:90:
67:a0:bf:ab:b8:70:ff:a3:db:c9:a8:01:d6:d9:e5:
39:34:90:77:fe:b1:bf:76:f1:d8:1f:15:33:06:25:
69:3a:16:62:b5:43:fd:65:32:83:3c:48:37:fd:66:
63:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5B:7D:22:3B:D1:68:D6:0E:DE:B3:E9:49:73:52:86:E3:5A:80:B5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DFt9IjvRaNYO3rPpSXNShuNagLU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.0.0/19
Signature Algorithm: sha256WithRSAEncryption
11:ab:9f:87:fd:b8:4a:38:25:c6:a8:db:48:78:b0:1e:88:7e:
c6:2a:fa:ea:5e:00:aa:29:b8:5f:7d:f8:74:9c:0b:93:ed:31:
dc:ab:2c:ac:7d:d8:f3:60:15:31:82:32:17:93:74:6b:f0:b4:
15:22:0f:51:e1:94:76:31:06:f0:6d:cc:3a:26:76:63:bd:cc:
2e:f6:0b:44:8c:1c:e2:9f:cc:09:4d:20:9d:52:30:9c:e6:6f:
e1:79:34:36:28:95:cf:1d:3b:06:94:ba:f0:a8:8c:dd:2c:33:
82:7d:83:49:67:ad:7c:81:52:00:d8:13:09:5f:14:a0:9c:35:
be:7e:93:dd:6b:80:b5:e0:1b:b8:72:aa:d4:e8:32:dd:41:ea:
19:53:e7:bb:89:ab:63:1b:1b:fb:1e:b9:e5:b4:28:07:cb:da:
84:d7:91:11:cb:40:57:67:8b:80:be:e7:85:77:4a:56:06:6e:
56:85:6b:66:65:2a:e8:75:ea:68:a8:e1:f0:51:60:30:82:eb:
e2:9f:e3:89:f1:c5:7a:51:21:e6:65:39:45:6b:19:a0:13:13:
d6:61:2d:11:36:32:db:24:21:e6:fa:c7:c5:da:8c:6e:07:a1:
b7:81:de:ee:9b:e1:f1:e7:73:0d:1a:0c:ff:b0:1e:e1:d0:b7:
c2:a4:c7:17
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDBDNUI3RDIyM0JEMTY4
RDYwRURFQjNFOTQ5NzM1Mjg2RTM1QTgwQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDoEx7rMhOWB2XnaftzFwEWq6+WBKEfNSvCd+/K7VNHX3XxUKy
hdJk8zH0bSq6tXVe3cZTz7ZSLLJHN4bRi9sLxFd55dgg4joWCmovp5E5Btq9f/Mm
iaKaA/fPr34L+VO+fRAxq4icQn0z7wBni572xcOx1zMv7JEb5KtTF0cdqVI3VrGt
dmXDFDAjtGEoZP5yWdcVi+lIyMVJ4Rnc8MimhwgH7b/759L/epxb28R2z/Uvn2y+
D6zk/IMuwJSdD5bApcDG2QzK08d58r7KJF75kGegv6u4cP+j28moAdbZ5Tk0kHf+
sb928dgfFTMGJWk6FmK1Q/1lMoM8SDf9ZmNTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDFt9IjvRaNYO3rPpSXNShuNagLUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvREZ0OUlqdlJhTllPM3JQcFNYTlNo
dU5hZ0xVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdLKADAN
BgkqhkiG9w0BAQsFAAOCAQEAEaufh/24SjglxqjbSHiwHoh+xir66l4Aqim4X334
dJwLk+0x3KssrH3Y82AVMYIyF5N0a/C0FSIPUeGUdjEG8G3MOiZ2Y73MLvYLRIwc
4p/MCU0gnVIwnOZv4Xk0NiiVzx07BpS68KiM3Swzgn2DSWetfIFSANgTCV8UoJw1
vn6T3WuAteAbuHKq1Ogy3UHqGVPnu4mrYxsb+x655bQoB8vahNeREctAV2eLgL7n
hXdKVgZuVoVrZmUq6HXqaKjh8FFgMILr4p/jifHFelEh5mU5RWsZoBMT1mEtETYy
2yQh5vrHxdqMbgeht4He7pvh8edzDRoM/7Ae4dC3wqTHFw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org