Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/I0T_T48aDpmROpGzjhm3STmwx7I.roa
File: I0T_T48aDpmROpGzjhm3STmwx7I.roa (raw, json)
Hash identifier: 54GoWO8upm9RFwe2TiBeR0CGlLONH/O3J82HSLAQ0Fw=
Subject key identifier: 23:44:FF:4F:8F:1A:0E:99:91:3A:91:B3:8E:19:B7:49:39:B0:C7:B2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DC1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/I0T_T48aDpmROpGzjhm3STmwx7I.roa
Signing time: Wed 29 Sep 2021 02:39:31 +0000
ROA not before: Wed 29 Sep 2021 02:39:31 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9311
IP address blocks: 203.79.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3521 (0xdc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:31 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2344FF4F8F1A0E99913A91B38E19B74939B0C7B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:76:42:15:a1:49:f1:c2:45:7a:e3:c9:86:
66:5f:c6:7a:62:dd:d4:c1:e5:a8:61:b9:d9:99:d1:
3e:16:de:17:5a:20:2a:94:d7:7b:7d:31:be:37:23:
18:38:db:43:3c:2a:93:f7:7b:b0:d1:43:cc:0c:b3:
6a:a2:a0:82:0e:68:72:f1:0c:0f:1c:41:a7:b9:80:
fd:f9:a2:21:51:c7:a5:d5:45:a3:29:56:53:26:ac:
c1:01:62:bf:0e:a0:7e:1f:ae:f8:b2:eb:f2:bf:3f:
26:06:64:35:58:cf:5a:8f:3b:25:b1:ab:e3:58:2c:
e7:64:41:15:8a:de:27:00:ca:54:2f:aa:b8:c3:8f:
bd:65:50:80:a6:7c:f9:88:54:86:e7:47:62:89:c7:
da:d6:10:e6:07:56:ad:c8:80:fa:b1:24:4b:80:a7:
4d:a4:c1:ef:52:37:9f:7c:d6:f7:70:c7:dd:8c:fa:
ca:66:91:da:8c:b0:bb:c6:d6:4a:3e:b8:0d:57:a9:
03:f6:91:b6:ef:5b:ea:7d:a5:79:06:43:87:88:a6:
16:90:fe:74:d0:2d:dc:a2:65:70:7e:3f:5c:e5:27:
18:31:9e:96:a2:92:bc:09:4d:f5:20:66:e5:42:47:
c1:ed:47:78:fe:2d:38:87:4c:fb:a9:51:aa:cd:a1:
f6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:44:FF:4F:8F:1A:0E:99:91:3A:91:B3:8E:19:B7:49:39:B0:C7:B2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/I0T_T48aDpmROpGzjhm3STmwx7I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.224.0/22
Signature Algorithm: sha256WithRSAEncryption
81:2e:a7:d6:bc:c5:e2:58:ea:e3:c6:bc:ef:e2:43:7e:17:bb:
d5:47:24:7e:dd:ac:03:90:56:fe:53:69:ba:6d:c0:e9:eb:96:
be:c4:1d:da:72:01:6d:88:e0:79:20:62:78:6a:86:7e:a8:06:
cf:c6:a6:e9:77:f5:76:da:da:c0:f7:98:18:6b:c2:f0:79:c1:
f1:99:8b:bd:db:46:7e:9a:3b:c1:eb:a7:0b:b9:69:c6:c3:83:
3a:34:48:8f:7c:fd:c9:37:c3:64:71:8a:34:fb:0f:7b:38:56:
24:57:3c:c2:57:5a:f5:04:e1:dc:49:7a:e2:40:3d:78:8c:2d:
97:11:d3:30:ad:bd:5b:f1:e5:69:72:3f:ee:66:f8:7a:89:83:
7f:35:c1:ae:96:98:32:40:59:38:26:a1:c7:52:fe:b3:a8:78:
33:57:8d:fb:6f:26:60:e3:96:f1:7d:c4:ac:01:8a:44:66:e4:
b5:ab:82:4f:6a:41:b6:a6:73:f8:fb:4d:76:95:e4:ba:42:76:
62:fc:d4:26:ab:93:bb:05:60:ba:43:cf:83:6f:b7:d9:f2:9b:
da:be:66:da:49:d1:01:82:0c:67:99:89:36:92:fc:8c:42:a8:
a5:66:a5:84:7a:b8:05:bb:eb:3e:89:0f:1e:7e:19:61:91:8a:
08:eb:3a:16
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MzFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDIzNDRGRjRGOEYxQTBF
OTk5MTNBOTFCMzhFMTlCNzQ5MzlCMEM3QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+oXZCFaFJ8cJFeuPJhmZfxnpi3dTB5ahhudmZ0T4W3hdaICqU
13t9Mb43Ixg420M8KpP3e7DRQ8wMs2qioIIOaHLxDA8cQae5gP35oiFRx6XVRaMp
VlMmrMEBYr8OoH4frviy6/K/PyYGZDVYz1qPOyWxq+NYLOdkQRWK3icAylQvqrjD
j71lUICmfPmIVIbnR2KJx9rWEOYHVq3IgPqxJEuAp02kwe9SN5981vdwx92M+spm
kdqMsLvG1ko+uA1XqQP2kbbvW+p9pXkGQ4eIphaQ/nTQLdyiZXB+P1zlJxgxnpai
krwJTfUgZuVCR8HtR3j+LTiHTPupUarNofb3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUI0T/T48aDpmROpGzjhm3STmwx7IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSTBUX1Q0OGFEcG1ST3BHempobTNT
VG13eDdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstP4DAN
BgkqhkiG9w0BAQsFAAOCAQEAgS6n1rzF4ljq48a87+JDfhe71Uckft2sA5BW/lNp
um3A6euWvsQd2nIBbYjgeSBieGqGfqgGz8am6Xf1dtrawPeYGGvC8HnB8ZmLvdtG
fpo7weunC7lpxsODOjRIj3z9yTfDZHGKNPsPezhWJFc8wlda9QTh3El64kA9eIwt
lxHTMK29W/HlaXI/7mb4eomDfzXBrpaYMkBZOCahx1L+s6h4M1eN+28mYOOW8X3E
rAGKRGbktauCT2pBtqZz+PtNdpXkukJ2YvzUJquTuwVgukPPg2+32fKb2r5m2knR
AYIMZ5mJNpL8jEKopWalhHq4BbvrPokPHn4ZYZGKCOs6Fg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org