Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/HDF_42S21B5HEuH7xZCdNbL_oA0.roa
File: HDF_42S21B5HEuH7xZCdNbL_oA0.roa (raw, json)
Hash identifier: bc2ztmWbmuFOehtnmxZV8obSAZ3UP1DxYFpnousYRKs=
Subject key identifier: 1C:31:7F:E3:64:B6:D4:1E:47:12:E1:FB:C5:90:9D:35:B2:FF:A0:0D
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 094B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HDF_42S21B5HEuH7xZCdNbL_oA0.roa
Signing time: Tue 29 Sep 2020 10:01:40 +0000
ROA not before: Tue 29 Sep 2020 10:01:40 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 7482
IP address blocks: 218.34.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2379 (0x94b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:40 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1C317FE364B6D41E4712E1FBC5909D35B2FFA00D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f0:6f:80:d0:97:ea:d7:c7:81:c8:70:6d:8e:
b1:96:14:25:c0:eb:17:d1:6a:d4:ae:fe:3c:9e:1b:
8d:2a:d9:66:58:60:ac:09:a6:b4:fa:22:7d:5e:dc:
9f:06:dc:9f:71:0c:62:34:7a:30:c7:d7:8a:c2:99:
99:21:c5:04:58:8b:81:84:e0:7b:88:95:f7:d7:cd:
fe:3d:90:fd:3e:d7:17:b3:9a:17:4d:85:6b:12:50:
3a:0d:25:20:4d:72:5c:46:8a:73:d3:a0:ee:2d:4a:
5f:84:d1:ac:f0:5c:13:37:5f:70:f0:7a:2c:02:a6:
54:27:44:d1:7f:03:e3:5b:8f:61:0d:86:37:ad:de:
01:35:8e:58:8d:5b:d8:b6:f7:cb:e9:40:e0:1e:fa:
e4:4b:cf:f5:90:77:54:e3:bf:5e:bc:94:13:0e:44:
01:70:9e:6b:18:c1:93:c3:9f:ca:33:e0:71:42:3a:
5d:27:f2:80:fa:83:ce:a9:dc:d8:19:59:93:0d:3f:
fb:0a:c1:26:0a:c3:d5:97:e8:10:2b:8e:c5:28:94:
87:d0:ae:f8:53:c5:63:10:f7:39:78:69:d9:c0:c1:
81:57:a2:09:75:51:cb:67:3c:45:e1:c1:4e:f6:85:
72:d8:1c:27:d9:3f:5d:a3:51:ee:54:f3:8a:cb:e8:
90:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:31:7F:E3:64:B6:D4:1E:47:12:E1:FB:C5:90:9D:35:B2:FF:A0:0D
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HDF_42S21B5HEuH7xZCdNbL_oA0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:36:9e:c5:e4:6a:34:ca:e6:5a:29:6f:06:3a:ed:f1:1c:91:
54:c7:0c:84:3c:e4:3f:ed:33:12:a6:8b:66:98:a2:14:81:4e:
e3:0c:ec:dd:f5:22:33:db:57:e1:36:1e:77:d0:a3:7a:fa:96:
69:98:8d:ad:a8:00:f0:79:cb:1f:27:62:c5:42:db:e9:16:46:
42:bd:0c:cf:e5:b2:12:66:fa:d3:b6:45:aa:ef:f3:9e:28:0d:
1f:cc:a5:93:97:3b:f5:cf:3c:3b:96:8d:7e:63:0f:11:01:a5:
04:f7:c5:63:1b:2b:ac:b4:73:d3:a4:0f:bc:c8:55:8d:82:88:
b6:43:fc:24:f2:e1:0d:3e:f0:30:f7:71:bf:df:38:0c:55:1c:
79:5d:9a:0c:17:cc:f4:c2:ad:c8:6e:1d:3c:57:b4:ee:f3:8f:
27:16:c2:ea:9c:0f:c4:79:7b:07:4a:66:b5:56:de:fc:1d:fc:
51:9d:93:f5:16:0c:ff:44:5b:fa:c8:5e:80:83:9b:89:24:b0:
02:c5:4a:ef:e6:f1:b4:b6:31:67:55:3c:68:f8:5b:7e:0d:37:
76:59:5f:f6:9f:5c:f6:ac:79:19:b3:db:a7:dc:04:a2:56:d9:
a6:da:0f:15:e6:90:91:47:08:64:cd:ee:cb:4e:ac:4c:d8:49:
4d:6f:98:2d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFDMzE3RkUzNjRCNkQ0
MUU0NzEyRTFGQkM1OTA5RDM1QjJGRkEwMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS8G+A0Jfq18eByHBtjrGWFCXA6xfRatSu/jyeG40q2WZYYKwJ
prT6In1e3J8G3J9xDGI0ejDH14rCmZkhxQRYi4GE4HuIlffXzf49kP0+1xezmhdN
hWsSUDoNJSBNclxGinPToO4tSl+E0azwXBM3X3DweiwCplQnRNF/A+Nbj2ENhjet
3gE1jliNW9i298vpQOAe+uRLz/WQd1Tjv168lBMORAFwnmsYwZPDn8oz4HFCOl0n
8oD6g86p3NgZWZMNP/sKwSYKw9WX6BArjsUolIfQrvhTxWMQ9zl4adnAwYFXogl1
UctnPEXhwU72hXLYHCfZP12jUe5U84rL6JBrAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUHDF/42S21B5HEuH7xZCdNbL/oA0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSERGXzQyUzIxQjVIRXVIN3haQ2RO
Ykxfb0EwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANoiMA0G
CSqGSIb3DQEBCwUAA4IBAQBiNp7F5Go0yuZaKW8GOu3xHJFUxwyEPOQ/7TMSpotm
mKIUgU7jDOzd9SIz21fhNh530KN6+pZpmI2tqADwecsfJ2LFQtvpFkZCvQzP5bIS
ZvrTtkWq7/OeKA0fzKWTlzv1zzw7lo1+Yw8RAaUE98VjGyustHPTpA+8yFWNgoi2
Q/wk8uENPvAw93G/3zgMVRx5XZoMF8z0wq3Ibh08V7Tu848nFsLqnA/EeXsHSma1
Vt78HfxRnZP1Fgz/RFv6yF6Ag5uJJLACxUrv5vG0tjFnVTxo+Ft+DTd2WV/2n1z2
rHkZs9un3ASiVtmm2g8V5pCRRwhkze7LTqxM2ElNb5gt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org