Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/DRtiZYPkWNy18X5u2Q9aR80JzxM.roa
File: DRtiZYPkWNy18X5u2Q9aR80JzxM.roa (raw, json)
Hash identifier: +faq9GJJ7jkLVOAJlDwCVdlPhJTxc0vs0d+ugMcZ2L4=
Subject key identifier: 0D:1B:62:65:83:E4:58:DC:B5:F1:7E:6E:D9:0F:5A:47:CD:09:CF:13
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E2C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DRtiZYPkWNy18X5u2Q9aR80JzxM.roa
Signing time: Wed 29 Sep 2021 02:40:03 +0000
ROA not before: Wed 29 Sep 2021 02:40:03 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131142
IP address blocks: 223.22.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3628 (0xe2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:03 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0D1B626583E458DCB5F17E6ED90F5A47CD09CF13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b0:26:e7:f2:ce:e5:04:72:6f:de:b3:32:8c:
9b:7b:4c:f8:20:bf:ea:df:aa:0a:cf:9f:65:56:c3:
01:6b:db:f6:96:84:ca:35:67:0c:c6:e0:a1:16:00:
2f:46:4d:ee:d5:ea:15:8f:70:90:06:af:ce:5d:98:
d9:42:8b:a7:48:2a:7d:57:d8:b0:9e:6f:53:99:cc:
7d:55:0a:3a:49:88:c7:df:6a:26:6c:fd:82:ab:e1:
a6:ad:38:12:da:e0:5d:e9:b2:b2:33:20:e8:49:e2:
15:2e:3a:51:b1:e0:34:4f:84:06:d2:2e:68:20:a1:
5d:7c:cc:79:97:d6:d8:15:7f:9f:d4:60:f8:00:db:
51:7e:7e:b5:ed:e9:9a:70:70:98:0a:2e:62:b0:c0:
4b:16:3f:7c:aa:30:69:17:14:b6:aa:9f:cf:02:d9:
42:88:9f:c6:6e:8d:5a:af:cb:32:e2:31:25:27:9a:
bb:18:2c:cb:89:cc:52:b3:06:46:55:b1:64:fd:6e:
a5:a5:17:8f:46:d9:7b:16:89:b9:9e:94:97:94:a7:
e7:c9:d1:de:38:38:f8:83:da:51:fc:de:c2:64:34:
7c:c6:7e:4b:77:a3:52:b5:01:ae:46:27:0f:a4:f9:
9a:cb:70:03:93:06:e9:8e:ea:15:e1:84:7d:1e:ec:
0c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1B:62:65:83:E4:58:DC:B5:F1:7E:6E:D9:0F:5A:47:CD:09:CF:13
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DRtiZYPkWNy18X5u2Q9aR80JzxM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.252.0/22
Signature Algorithm: sha256WithRSAEncryption
64:d4:89:12:92:19:5b:dc:01:ae:cb:08:61:eb:cd:14:ec:4e:
be:61:3a:89:78:d9:8d:73:71:b2:61:37:66:22:63:1e:80:43:
bf:c1:32:b7:19:76:4d:d0:24:75:be:b9:d5:d3:82:a5:46:8e:
c0:f2:92:2c:39:2f:de:d9:93:82:02:23:ff:3f:35:bf:68:d8:
65:32:e7:b3:2f:bf:72:83:c3:a8:3a:73:ed:d6:58:9f:1a:23:
0d:fd:e1:a1:74:a0:3c:86:c6:bf:ef:08:83:70:9a:d0:ad:d3:
8b:d6:30:91:0a:d2:7c:52:ef:e5:af:e2:a1:8b:9f:d2:0c:70:
f6:47:e0:10:4e:19:99:05:08:3c:b3:6a:97:73:24:88:88:13:
d0:f7:af:49:55:4b:ad:a5:81:7b:95:87:8e:b6:2c:74:1e:8e:
5e:63:be:59:3f:7a:18:94:d8:f5:72:27:36:15:84:69:04:d9:
11:93:a3:4b:ee:3d:6b:13:91:10:93:97:b8:e0:d5:6b:eb:cc:
55:ed:e9:8a:f3:8b:9d:2f:2c:66:bd:a4:29:de:a0:2a:ff:c5:
50:8c:e9:01:9a:06:48:09:12:5a:26:a6:b4:73:a9:28:bb:4b:
d9:3c:41:c9:8a:99:45:d1:1d:0a:5f:47:55:27:06:ec:41:98:
85:fd:d0:62
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDiwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDBEMUI2MjY1ODNFNDU4
RENCNUYxN0U2RUQ5MEY1QTQ3Q0QwOUNGMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzsCbn8s7lBHJv3rMyjJt7TPggv+rfqgrPn2VWwwFr2/aWhMo1
ZwzG4KEWAC9GTe7V6hWPcJAGr85dmNlCi6dIKn1X2LCeb1OZzH1VCjpJiMffaiZs
/YKr4aatOBLa4F3psrIzIOhJ4hUuOlGx4DRPhAbSLmggoV18zHmX1tgVf5/UYPgA
21F+frXt6ZpwcJgKLmKwwEsWP3yqMGkXFLaqn88C2UKIn8ZujVqvyzLiMSUnmrsY
LMuJzFKzBkZVsWT9bqWlF49G2XsWibmelJeUp+fJ0d44OPiD2lH83sJkNHzGfkt3
o1K1Aa5GJw+k+ZrLcAOTBumO6hXhhH0e7AwxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDRtiZYPkWNy18X5u2Q9aR80JzxMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRFJ0aVpZUGtXTnkxOFg1dTJROWFS
ODBKenhNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8W/DAN
BgkqhkiG9w0BAQsFAAOCAQEAZNSJEpIZW9wBrssIYevNFOxOvmE6iXjZjXNxsmE3
ZiJjHoBDv8Eytxl2TdAkdb651dOCpUaOwPKSLDkv3tmTggIj/z81v2jYZTLnsy+/
coPDqDpz7dZYnxojDf3hoXSgPIbGv+8Ig3Ca0K3Ti9YwkQrSfFLv5a/ioYuf0gxw
9kfgEE4ZmQUIPLNql3MkiIgT0PevSVVLraWBe5WHjrYsdB6OXmO+WT96GJTY9XIn
NhWEaQTZEZOjS+49axOREJOXuODVa+vMVe3pivOLnS8sZr2kKd6gKv/FUIzpAZoG
SAkSWiamtHOpKLtL2TxByYqZRdEdCl9HVScG7EGYhf3QYg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org