Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/HpWgQYFGO73V27FmF1uawG9L0UM.roa
File: HpWgQYFGO73V27FmF1uawG9L0UM.roa (raw, json)
Hash identifier: feKJltv9KfZqAquJ38USgjW1+O7PKltMVrmzZG7BrrE=
Subject key identifier: 1E:95:A0:41:81:46:3B:BD:D5:DB:B1:66:17:5B:9A:C0:6F:4B:D1:43
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 092A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HpWgQYFGO73V27FmF1uawG9L0UM.roa
Signing time: Tue 29 Sep 2020 10:01:32 +0000
ROA not before: Tue 29 Sep 2020 10:01:32 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.58.96.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2346 (0x92a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:32 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1E95A04181463BBDD5DBB166175B9AC06F4BD143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:67:e4:d7:70:22:e1:ad:de:d6:4a:1f:20:
04:e3:ee:4d:a0:7a:2d:cc:ca:db:9a:93:76:ca:15:
b7:d1:d8:37:83:d6:60:e1:a0:e9:bd:ed:6d:d8:d1:
4e:a5:13:87:37:7a:46:25:8d:a0:97:e3:cd:a9:62:
ce:d4:c4:8d:71:1f:fa:ef:e5:34:34:0b:66:4a:fa:
ae:b8:49:bc:1d:16:be:26:17:0f:e4:e2:46:aa:73:
09:c8:57:e4:21:6f:d3:72:3a:8a:4a:81:a4:ea:f0:
9e:d4:45:ab:4a:43:85:0d:25:c3:b1:1a:c6:ee:8d:
fb:3c:88:d5:7f:5f:d8:ba:71:b3:d7:4d:f3:3f:54:
a8:01:70:af:ef:29:fe:36:33:c7:be:02:cb:e9:0b:
59:e3:df:a6:40:d9:a9:67:e6:1d:c1:ee:56:0c:ce:
27:f5:88:2a:99:18:7a:2d:92:5f:4d:29:df:aa:7a:
06:7e:42:f8:97:74:d4:2b:da:0b:9d:23:66:f3:16:
a4:b6:38:10:4f:14:2e:85:15:ff:e2:24:24:b5:69:
b4:63:1f:05:b0:0d:83:e5:ba:70:39:0a:3a:c5:97:
e0:9f:02:92:2f:eb:b9:af:2e:94:05:04:72:fb:75:
a8:ee:de:27:54:c4:b2:05:4f:80:2d:9e:b0:78:96:
d5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:95:A0:41:81:46:3B:BD:D5:DB:B1:66:17:5B:9A:C0:6F:4B:D1:43
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HpWgQYFGO73V27FmF1uawG9L0UM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.96.0/21
Signature Algorithm: sha256WithRSAEncryption
69:69:5b:c5:fc:45:4a:8e:82:a1:74:80:ad:c3:42:89:32:49:
ed:09:ce:27:ee:0c:51:77:5b:77:9e:b8:72:fd:72:c8:29:38:
91:b1:29:0e:6f:45:a8:ea:bd:66:e2:58:5a:0a:4e:ec:d4:d3:
53:15:f7:f5:c5:3e:b1:5f:49:7b:9c:b8:f7:a3:9a:cd:6b:c6:
23:57:34:69:fc:c5:01:06:9f:b8:53:74:6e:80:46:09:36:4f:
b9:01:a5:1c:6e:0f:2c:96:45:86:06:87:76:a9:65:1e:04:68:
d5:3d:dd:b1:be:e8:be:f1:49:77:12:71:ce:7c:4b:e8:e1:30:
c0:dc:16:13:cc:b4:38:c9:3a:a2:5d:a7:90:db:b3:81:36:24:
fe:7f:6f:62:86:d9:ba:bf:d7:37:26:ed:2b:e4:09:81:d6:f4:
7b:56:f9:f6:6c:b2:ef:0c:a6:99:f3:77:ca:8d:4d:cb:4e:23:
4f:2a:57:55:cd:1c:b0:f2:a7:9a:12:d1:f4:78:75:4e:2c:26:
40:71:d7:ff:8d:70:70:f1:f5:ad:ef:c3:73:e7:bf:86:88:bf:
f8:0a:c8:fd:ed:4a:56:c1:ca:02:58:3a:f5:5e:5f:fa:15:aa:
16:99:97:22:15:3e:d5:5e:9f:13:7e:61:68:43:d4:fd:c1:3f:
fc:71:cd:84
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMzJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFFOTVBMDQxODE0NjNC
QkRENURCQjE2NjE3NUI5QUMwNkY0QkQxNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt9Wfk13Ai4a3e1kofIATj7k2gei3Mytuak3bKFbfR2DeD1mDh
oOm97W3Y0U6lE4c3ekYljaCX482pYs7UxI1xH/rv5TQ0C2ZK+q64SbwdFr4mFw/k
4kaqcwnIV+Qhb9NyOopKgaTq8J7URatKQ4UNJcOxGsbujfs8iNV/X9i6cbPXTfM/
VKgBcK/vKf42M8e+AsvpC1nj36ZA2aln5h3B7lYMzif1iCqZGHotkl9NKd+qegZ+
QviXdNQr2gudI2bzFqS2OBBPFC6FFf/iJCS1abRjHwWwDYPlunA5CjrFl+CfApIv
67mvLpQFBHL7daju3idUxLIFT4AtnrB4ltVNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHpWgQYFGO73V27FmF1uawG9L0UMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSHBXZ1FZRkdPNzNWMjdGbUYxdWF3
RzlMMFVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I6YDAN
BgkqhkiG9w0BAQsFAAOCAQEAaWlbxfxFSo6CoXSArcNCiTJJ7QnOJ+4MUXdbd564
cv1yyCk4kbEpDm9FqOq9ZuJYWgpO7NTTUxX39cU+sV9Je5y496OazWvGI1c0afzF
AQafuFN0boBGCTZPuQGlHG4PLJZFhgaHdqllHgRo1T3dsb7ovvFJdxJxznxL6OEw
wNwWE8y0OMk6ol2nkNuzgTYk/n9vYobZur/XNybtK+QJgdb0e1b59myy7wymmfN3
yo1Ny04jTypXVc0csPKnmhLR9Hh1TiwmQHHX/41wcPH1re/Dc+e/hoi/+ArI/e1K
VsHKAlg69V5f+hWqFpmXIhU+1V6fE35haEPU/cE//HHNhA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org