Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/IbKsPfFTP0Y2tTox8NQSZVZ0hnQ.roa
File: IbKsPfFTP0Y2tTox8NQSZVZ0hnQ.roa (raw, json)
Hash identifier: VwBKDJVOkiuvPVGRxubhxQW5yOS3OldyeGbHMqJYEa4=
Subject key identifier: 21:B2:AC:3D:F1:53:3F:46:36:B5:3A:31:F0:D4:12:65:56:74:86:74
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 097B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IbKsPfFTP0Y2tTox8NQSZVZ0hnQ.roa
Signing time: Tue 29 Sep 2020 10:01:53 +0000
ROA not before: Tue 29 Sep 2020 10:01:53 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.200.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2427 (0x97b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:53 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=21B2AC3DF1533F4636B53A31F0D4126556748674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0a:9d:7d:0b:ba:67:90:08:ea:42:42:af:a0:
9a:c9:c3:cc:e5:aa:bc:26:8e:f7:bc:b6:11:43:3d:
a0:16:70:e3:a8:a9:89:17:79:29:a2:b0:f1:69:4d:
83:1a:48:35:1b:17:f7:14:44:74:5d:0a:e3:76:29:
76:02:9a:83:d6:52:a4:af:96:7c:fb:2e:82:84:df:
4d:c6:f3:b6:cf:59:7e:22:18:6f:73:d7:95:83:c8:
8e:4e:d0:e9:75:10:13:f3:d2:62:7a:7d:ad:43:c4:
e2:54:ae:57:30:7c:84:32:c2:d1:2f:81:15:14:03:
96:b8:9b:40:58:d6:88:1d:8a:3e:5d:5b:a9:a0:5f:
55:10:0e:4c:b7:b8:e9:90:10:21:ca:a7:34:77:d7:
b9:3a:e7:92:ee:ac:a2:9b:35:fe:5a:bc:87:c4:42:
fb:5f:27:d8:4a:38:fa:a3:17:35:56:4f:cc:0f:71:
54:f7:8f:06:07:99:54:c5:2c:9b:1d:85:0d:95:83:
f0:aa:b3:d8:51:30:1a:eb:42:09:cd:0b:fb:d7:10:
6c:3a:77:f4:b4:55:71:db:48:4f:57:45:57:f3:45:
4d:6e:05:e5:f0:5b:c4:f1:57:9b:27:48:1e:36:2c:
7a:a8:2b:a4:03:46:d5:9b:ee:7e:4b:a6:34:f8:94:
dc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B2:AC:3D:F1:53:3F:46:36:B5:3A:31:F0:D4:12:65:56:74:86:74
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IbKsPfFTP0Y2tTox8NQSZVZ0hnQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.192.0/18
Signature Algorithm: sha256WithRSAEncryption
40:e4:d6:14:af:d6:20:92:e4:d0:c4:e7:f1:7e:6c:92:b2:5a:
af:77:cf:95:fe:6b:60:60:51:26:14:b5:c4:20:aa:d2:b3:ac:
c0:36:c4:5e:b2:20:f3:a9:b5:a0:58:00:5f:b6:cd:fb:09:16:
9d:e7:de:67:2a:75:07:6e:b4:b8:89:42:00:2d:23:08:98:43:
80:ca:33:00:59:96:5c:30:0c:e5:fb:0f:d5:0e:e3:dd:77:89:
11:7a:b0:3c:f3:db:e7:ef:98:f0:6e:1e:ad:3a:44:92:4b:4f:
94:be:ce:28:0b:d5:d6:56:20:45:5e:15:21:59:37:4c:da:03:
e2:cc:31:5e:10:3e:62:9b:3c:3b:aa:14:17:7a:f4:84:79:d5:
ab:7f:e4:e9:1d:3b:2e:17:6c:5c:5b:44:eb:33:47:0c:38:c5:
3f:79:f2:d7:a5:7d:a6:4d:5d:c2:d7:cf:3d:e1:d3:50:e0:98:
8a:b9:1a:25:76:2e:0c:c3:66:36:34:ed:e2:6e:02:cd:07:ec:
8c:f1:01:a5:da:e2:42:72:93:14:14:85:98:91:ba:6f:2e:7c:
88:47:ab:7b:c9:cc:e0:b7:4d:a2:24:a0:2e:46:26:55:05:e5:
4d:88:83:ef:a4:2e:cb:ff:c1:ff:8e:34:67:3c:97:5d:e6:49:
f6:72:42:5e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDIxQjJBQzNERjE1MzNG
NDYzNkI1M0EzMUYwRDQxMjY1NTY3NDg2NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjCp19C7pnkAjqQkKvoJrJw8zlqrwmjve8thFDPaAWcOOoqYkX
eSmisPFpTYMaSDUbF/cURHRdCuN2KXYCmoPWUqSvlnz7LoKE303G87bPWX4iGG9z
15WDyI5O0Ol1EBPz0mJ6fa1DxOJUrlcwfIQywtEvgRUUA5a4m0BY1ogdij5dW6mg
X1UQDky3uOmQECHKpzR317k655LurKKbNf5avIfEQvtfJ9hKOPqjFzVWT8wPcVT3
jwYHmVTFLJsdhQ2Vg/Cqs9hRMBrrQgnNC/vXEGw6d/S0VXHbSE9XRVfzRU1uBeXw
W8TxV5snSB42LHqoK6QDRtWb7n5LpjT4lNxjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIbKsPfFTP0Y2tTox8NQSZVZ0hnQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSWJLc1BmRlRQMFkydFRveDhOUVNa
VlowaG5RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQOTWFK/WIJLk0MTn8X5skrJar3fPlf5rYGBRJhS1
xCCq0rOswDbEXrIg86m1oFgAX7bN+wkWnefeZyp1B260uIlCAC0jCJhDgMozAFmW
XDAM5fsP1Q7j3XeJEXqwPPPb5++Y8G4erTpEkktPlL7OKAvV1lYgRV4VIVk3TNoD
4swxXhA+Yps8O6oUF3r0hHnVq3/k6R07LhdsXFtE6zNHDDjFP3ny16V9pk1dwtfP
PeHTUOCYirkaJXYuDMNmNjTt4m4CzQfsjPEBpdriQnKTFBSFmJG6by58iEere8nM
4LdNoiSgLkYmVQXlTYiD76Quy//B/440ZzyXXeZJ9nJCXg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org