Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/DPKfAQCcVRGn9w_SxblXtpEtckk.roa
File: DPKfAQCcVRGn9w_SxblXtpEtckk.roa (raw, json)
Hash identifier: FPMVKF7BctsrmS2cUoJt8EV+NN5q09R2az6wuunfVio=
Subject key identifier: 0C:F2:9F:01:00:9C:55:11:A7:F7:0F:D2:C5:B9:57:B6:91:2D:72:49
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0988
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DPKfAQCcVRGn9w_SxblXtpEtckk.roa
Signing time: Tue 29 Sep 2020 10:01:58 +0000
ROA not before: Tue 29 Sep 2020 10:01:58 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24154
IP address blocks: 210.200.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2440 (0x988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:58 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=0CF29F01009C5511A7F70FD2C5B957B6912D7249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:67:cc:bf:7c:b3:a2:0b:4b:62:a6:08:58:fd:
fb:51:23:45:c1:7c:37:f3:c1:37:72:28:89:db:d9:
f9:af:c0:2d:b5:b1:87:22:8d:1c:ee:4d:b1:58:04:
a7:99:12:91:67:a2:9e:bd:1f:ea:a0:35:cc:71:d3:
30:e7:ad:f5:a5:17:94:5e:e0:93:8f:84:39:29:a5:
9b:01:97:e2:d8:a4:37:f2:c3:e2:87:c3:88:c7:d3:
50:84:dd:f7:c5:bb:53:fa:24:38:57:2a:8c:f0:27:
54:ee:be:29:aa:47:92:c7:5b:a8:b9:be:64:f3:4e:
84:25:c1:8b:70:54:70:f3:11:be:4d:59:20:24:09:
99:4d:83:6d:3e:47:da:8f:f7:a7:3a:6b:cb:1c:00:
bb:00:6c:23:a5:59:5d:e4:37:e2:bc:16:4b:72:2f:
58:2e:0d:eb:c8:e8:9d:58:7b:62:fb:6e:2e:0a:e9:
d0:c4:b2:87:d6:c7:92:7f:b0:10:23:5b:5f:d0:15:
d4:f2:0d:d9:73:e6:7c:46:b2:d0:45:25:df:ef:31:
d3:83:e9:bf:82:d7:40:b8:4b:81:86:21:d6:6b:fd:
d7:e2:e2:a0:f9:7d:b3:a3:24:6a:43:54:b1:c0:dc:
1d:7a:01:d2:86:f9:0a:90:82:9c:31:e7:fd:67:79:
0a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F2:9F:01:00:9C:55:11:A7:F7:0F:D2:C5:B9:57:B6:91:2D:72:49
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DPKfAQCcVRGn9w_SxblXtpEtckk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.8.0/21
Signature Algorithm: sha256WithRSAEncryption
70:28:b3:43:1a:fb:5f:c1:6b:9d:4f:39:f7:5b:17:98:b4:27:
9f:71:c3:2e:7c:81:ce:ca:e0:7c:9c:f6:8b:11:a8:6d:66:ef:
ab:ea:eb:4a:55:e5:20:96:c2:16:2c:ad:29:e3:7f:56:76:90:
05:45:52:b7:30:0a:84:9a:fe:ce:64:ac:cf:20:04:04:55:95:
96:10:7c:53:f5:c1:b1:a4:99:54:5b:71:f6:d6:1c:a7:2f:8d:
ae:c5:8f:db:52:99:82:9a:c1:7a:5e:bf:fe:5b:90:01:18:0c:
7c:5f:78:96:4c:8d:aa:8b:0b:79:83:21:7f:27:43:00:3f:70:
13:76:68:24:28:70:68:3d:35:cc:d2:e9:12:44:7d:bd:64:c7:
56:86:c5:97:fe:28:8e:9d:a1:1e:28:fd:6b:57:ce:da:2d:c3:
3c:23:a1:3a:58:da:dc:8d:26:72:eb:11:25:df:d1:b3:3f:f7:
b6:22:b4:15:c1:ba:6b:d5:2d:3d:c2:d8:ed:c6:bf:75:b6:02:
f4:dd:75:9f:77:90:c8:da:89:07:42:a3:fc:71:0b:3d:21:3b:
f2:a3:2b:25:d0:9c:ba:7b:d0:86:65:87:db:c5:32:d8:7f:b2:
80:5d:f0:73:84:2b:0b:5f:7a:3b:cf:2c:e5:f3:09:25:db:e6:
c5:5a:09:8b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBDRjI5RjAxMDA5QzU1
MTFBN0Y3MEZEMkM1Qjk1N0I2OTEyRDcyNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7Z8y/fLOiC0tipghY/ftRI0XBfDfzwTdyKInb2fmvwC21sYci
jRzuTbFYBKeZEpFnop69H+qgNcxx0zDnrfWlF5Re4JOPhDkppZsBl+LYpDfyw+KH
w4jH01CE3ffFu1P6JDhXKozwJ1TuvimqR5LHW6i5vmTzToQlwYtwVHDzEb5NWSAk
CZlNg20+R9qP96c6a8scALsAbCOlWV3kN+K8FktyL1guDevI6J1Ye2L7bi4K6dDE
sofWx5J/sBAjW1/QFdTyDdlz5nxGstBFJd/vMdOD6b+C10C4S4GGIdZr/dfi4qD5
fbOjJGpDVLHA3B16AdKG+QqQgpwx5/1neQpTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDPKfAQCcVRGn9w/SxblXtpEtckkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRFBLZkFRQ2NWUkduOXdfU3hibFh0
cEV0Y2trLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LICDAN
BgkqhkiG9w0BAQsFAAOCAQEAcCizQxr7X8FrnU8591sXmLQnn3HDLnyBzsrgfJz2
ixGobWbvq+rrSlXlIJbCFiytKeN/VnaQBUVStzAKhJr+zmSszyAEBFWVlhB8U/XB
saSZVFtx9tYcpy+NrsWP21KZgprBel6//luQARgMfF94lkyNqosLeYMhfydDAD9w
E3ZoJChwaD01zNLpEkR9vWTHVobFl/4ojp2hHij9a1fO2i3DPCOhOlja3I0mcusR
Jd/Rsz/3tiK0FcG6a9UtPcLY7ca/dbYC9N11n3eQyNqJB0Kj/HELPSE78qMrJdCc
unvQhmWH28Uy2H+ygF3wc4QrC196O88s5fMJJdvmxVoJiw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org