Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/M0xF096O6uoVEu7FM2AfdkJt0J4.roa
File: M0xF096O6uoVEu7FM2AfdkJt0J4.roa (raw, json)
Hash identifier: 2RWmnAdDSiV67U+TYy1RcE6s//LAmJ3AbGV6LWbM1vo=
Subject key identifier: 33:4C:45:D3:DE:8E:EA:EA:15:12:EE:C5:33:60:1F:76:42:6D:D0:9E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DE5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/M0xF096O6uoVEu7FM2AfdkJt0J4.roa
Signing time: Wed 29 Sep 2021 02:39:42 +0000
ROA not before: Wed 29 Sep 2021 02:39:42 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 210.201.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3557 (0xde5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:42 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=334C45D3DE8EEAEA1512EEC533601F76426DD09E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:85:86:93:80:a2:77:89:d4:f9:b3:12:6c:52:
fd:0d:18:d3:50:fd:69:e1:fa:8f:85:63:b5:ea:00:
ba:31:f0:31:dc:1c:be:1b:41:bd:ea:fb:47:6c:fa:
29:1e:05:53:7b:48:b9:e7:1c:51:34:42:8b:1c:c5:
e7:4a:17:17:38:86:c6:0b:2a:db:d5:79:e3:df:4f:
a4:c8:6e:0f:ff:7e:97:d5:64:93:11:41:7b:5c:b5:
71:47:f6:91:95:29:80:98:4a:48:fb:ca:1f:b3:bc:
40:ff:ce:98:d5:67:75:ee:3e:17:c4:a5:67:fe:6f:
ee:54:dc:e6:cf:a8:e0:c3:f4:44:69:0d:fe:ec:0e:
c0:a9:c3:72:c3:df:7a:06:43:33:25:73:57:a7:04:
a0:35:f9:a4:82:08:7a:17:6b:a2:62:d0:26:fc:43:
d6:a1:40:61:b3:d2:5f:a2:d5:55:b4:e3:7b:fd:99:
e6:63:f6:84:da:45:9a:4b:2d:c9:57:87:5c:cf:a4:
87:ee:15:7e:8e:5c:e7:f8:18:bb:cc:02:1a:b6:f5:
7e:cc:02:b1:6f:24:f3:c3:62:b9:7a:d4:d8:d4:8b:
1f:72:95:95:a2:6d:4b:1d:4f:47:d7:ab:23:9b:fc:
0b:e8:28:13:8b:1f:b9:1c:4a:74:dc:d2:18:ae:f4:
46:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4C:45:D3:DE:8E:EA:EA:15:12:EE:C5:33:60:1F:76:42:6D:D0:9E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/M0xF096O6uoVEu7FM2AfdkJt0J4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.192.0/18
Signature Algorithm: sha256WithRSAEncryption
2f:a6:b0:be:18:23:52:03:2e:aa:e4:cf:91:3a:3b:de:61:98:
55:b8:a9:42:30:6b:cf:dc:ab:1e:da:de:d6:ab:fc:72:38:8a:
07:c4:eb:71:80:6c:e6:53:46:ce:87:83:e8:00:c0:e7:7f:a4:
a1:ac:1f:39:ac:fa:a6:2d:4a:4d:80:84:42:ea:91:94:94:04:
d5:a7:10:33:57:41:51:32:72:1f:3b:53:39:3f:ac:49:97:33:
59:ca:74:ad:ff:05:7e:36:0e:fc:a9:36:3b:f6:85:d0:4e:ec:
a0:d7:ba:e3:eb:a6:10:f8:43:76:22:0f:9e:f2:13:8f:d1:5f:
56:8f:82:de:d0:84:ed:1f:00:ed:6f:5b:ae:67:8e:f1:d7:3a:
f4:58:ec:f8:b2:ba:2c:eb:82:7a:2b:fd:3d:c5:d0:1a:bb:fc:
60:52:06:d8:d1:ca:17:25:5f:f3:d2:9a:3e:38:8c:4b:b8:73:
82:34:16:ea:8b:46:90:2d:3c:35:e9:e6:a7:e5:7c:b1:6d:81:
1e:c8:35:04:6d:75:4e:ab:68:8c:c7:7f:eb:cc:d2:45:b8:bf:
d7:84:33:cd:92:82:de:e2:9d:eb:02:78:95:09:bc:09:49:12:
bb:7a:0c:4c:e4:9e:64:77:ef:5d:f8:ac:36:9d:a2:2b:d6:bb:
b2:51:9d:38
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDeUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDMzNEM0NUQzREU4RUVB
RUExNTEyRUVDNTMzNjAxRjc2NDI2REQwOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZhYaTgKJ3idT5sxJsUv0NGNNQ/Wnh+o+FY7XqALox8DHcHL4b
Qb3q+0ds+ikeBVN7SLnnHFE0QoscxedKFxc4hsYLKtvVeePfT6TIbg//fpfVZJMR
QXtctXFH9pGVKYCYSkj7yh+zvED/zpjVZ3XuPhfEpWf+b+5U3ObPqODD9ERpDf7s
DsCpw3LD33oGQzMlc1enBKA1+aSCCHoXa6Ji0Cb8Q9ahQGGz0l+i1VW043v9meZj
9oTaRZpLLclXh1zPpIfuFX6OXOf4GLvMAhq29X7MArFvJPPDYrl61NjUix9ylZWi
bUsdT0fXqyOb/AvoKBOLH7kcSnTc0hiu9EZ5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUM0xF096O6uoVEu7FM2AfdkJt0J4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTTB4RjA5Nk82dW9WRXU3Rk0yQWZk
a0p0MEo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLJwDAN
BgkqhkiG9w0BAQsFAAOCAQEAL6awvhgjUgMuquTPkTo73mGYVbipQjBrz9yrHtre
1qv8cjiKB8TrcYBs5lNGzoeD6ADA53+koawfOaz6pi1KTYCEQuqRlJQE1acQM1dB
UTJyHztTOT+sSZczWcp0rf8FfjYO/Kk2O/aF0E7soNe64+umEPhDdiIPnvITj9Ff
Vo+C3tCE7R8A7W9brmeO8dc69Fjs+LK6LOuCeiv9PcXQGrv8YFIG2NHKFyVf89Ka
PjiMS7hzgjQW6otGkC08Nenmp+V8sW2BHsg1BG11TqtojMd/68zSRbi/14QzzZKC
3uKd6wJ4lQm8CUkSu3oMTOSeZHfvXfisNp2iK9a7slGdOA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org