Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/NfD8OGyU1Qqn_LoyJD54aLJHbkI.roa
File: NfD8OGyU1Qqn_LoyJD54aLJHbkI.roa (raw, json)
Hash identifier: Qd2QvfcvQhrw3VQK1k+oUHw30K99c0/mxhMIS8qz56E=
Subject key identifier: 35:F0:FC:38:6C:94:D5:0A:A7:FC:BA:32:24:3E:78:68:B2:47:6E:42
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C01
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NfD8OGyU1Qqn_LoyJD54aLJHbkI.roa
Signing time: Sun 07 Feb 2021 11:34:34 +0000
ROA not before: Sun 07 Feb 2021 11:34:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.201.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3073 (0xc01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:34:34 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=35F0FC386C94D50AA7FCBA32243E7868B2476E42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:08:cd:4e:b1:7a:e7:ad:af:e7:13:71:a8:da:
b0:a0:99:43:4f:c9:94:f7:d5:71:ba:87:8d:f1:bb:
5c:cc:c3:39:0d:da:a8:c5:92:5d:8e:f2:e7:4b:7a:
df:88:44:0f:c6:d5:0c:46:a3:72:fe:68:fd:da:0b:
f9:a5:b3:0c:45:20:8a:7d:6e:4f:62:d3:fd:42:79:
43:7b:57:12:e2:bc:db:5c:7b:01:0d:05:4f:c0:51:
82:2f:60:04:49:21:cf:6f:69:3c:98:b8:c0:b4:e3:
4a:00:0e:72:61:5c:c1:1a:c7:5c:16:97:37:a4:8a:
15:71:1d:19:6e:66:0a:87:cb:1e:69:cc:d0:eb:85:
d5:fd:bb:db:5d:f3:dd:c6:44:ed:86:a0:df:13:3e:
c6:3f:78:17:58:68:bc:a6:7d:71:2a:f9:ba:5c:57:
5d:46:6b:f9:ea:9d:53:e5:b6:b7:d9:82:69:10:e8:
24:c4:9c:06:d8:60:78:cd:d1:3b:f4:82:37:bb:6e:
62:73:1f:e8:e4:c0:4d:ed:4a:ca:87:6d:f7:fd:50:
5b:0c:e6:cd:26:e7:10:6b:36:58:7a:07:e1:78:b4:
08:8c:11:22:31:7b:c2:09:7d:50:f4:92:55:60:f1:
6b:39:14:3f:7b:1a:e1:ec:64:19:ba:ab:a4:36:4b:
42:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F0:FC:38:6C:94:D5:0A:A7:FC:BA:32:24:3E:78:68:B2:47:6E:42
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NfD8OGyU1Qqn_LoyJD54aLJHbkI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.80.0/22
Signature Algorithm: sha256WithRSAEncryption
37:97:31:74:e0:6f:f6:41:c0:1c:13:17:c8:65:57:a8:d1:b1:
84:f4:51:97:b9:53:df:a4:f8:0f:26:20:9b:ee:d6:04:a2:fe:
b9:a3:cd:2e:ae:05:a5:44:a2:e3:f5:35:8b:3f:ce:b3:4e:c7:
44:df:8a:17:4f:b7:d8:85:dd:ed:7b:8d:d8:a1:d8:8a:18:15:
24:c4:f4:96:da:7f:bc:21:38:61:2c:1d:58:6e:51:2f:ab:20:
29:5b:76:de:b0:12:2b:dd:2e:ee:a6:67:f6:cf:38:ea:c9:65:
5d:09:37:65:3b:45:f3:d2:37:b8:76:e7:96:6b:45:5e:b5:14:
1b:e2:fd:92:ee:84:68:bb:aa:cb:ed:7b:ed:74:27:43:8a:0e:
7a:ae:c4:4d:57:54:ae:01:74:24:2a:e5:da:5f:95:98:1c:ad:
13:98:3b:3c:c3:18:cd:76:28:41:96:25:e4:fd:ff:3d:de:6e:
71:93:80:ed:ff:54:7e:dd:42:9b:18:94:98:04:23:4d:ec:d1:
e4:b6:8d:bf:35:b1:a2:99:82:7d:36:39:1b:00:f9:f8:b6:8c:
d1:28:4b:59:45:62:f1:93:89:b5:1f:1b:cf:3b:ec:a2:eb:4c:
ca:44:01:96:4a:04:39:3c:73:9b:8d:9a:05:55:ae:ac:be:76:
ab:da:f1:9f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM0MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM1RjBGQzM4NkM5NEQ1
MEFBN0ZDQkEzMjI0M0U3ODY4QjI0NzZFNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGCM1OsXrnra/nE3Go2rCgmUNPyZT31XG6h43xu1zMwzkN2qjF
kl2O8udLet+IRA/G1QxGo3L+aP3aC/mlswxFIIp9bk9i0/1CeUN7VxLivNtcewEN
BU/AUYIvYARJIc9vaTyYuMC040oADnJhXMEax1wWlzekihVxHRluZgqHyx5pzNDr
hdX9u9td893GRO2GoN8TPsY/eBdYaLymfXEq+bpcV11Ga/nqnVPltrfZgmkQ6CTE
nAbYYHjN0Tv0gje7bmJzH+jkwE3tSsqHbff9UFsM5s0m5xBrNlh6B+F4tAiMESIx
e8IJfVD0klVg8Ws5FD97GuHsZBm6q6Q2S0KnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNfD8OGyU1Qqn/LoyJD54aLJHbkIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTmZEOE9HeVUxUXFuX0xveUpENTRh
TEpIYmtJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLJUDAN
BgkqhkiG9w0BAQsFAAOCAQEAN5cxdOBv9kHAHBMXyGVXqNGxhPRRl7lT36T4DyYg
m+7WBKL+uaPNLq4FpUSi4/U1iz/Os07HRN+KF0+32IXd7XuN2KHYihgVJMT0ltp/
vCE4YSwdWG5RL6sgKVt23rASK90u7qZn9s846sllXQk3ZTtF89I3uHbnlmtFXrUU
G+L9ku6EaLuqy+177XQnQ4oOeq7ETVdUrgF0JCrl2l+VmBytE5g7PMMYzXYoQZYl
5P3/Pd5ucZOA7f9Uft1CmxiUmAQjTezR5LaNvzWxopmCfTY5GwD5+LaM0ShLWUVi
8ZOJtR8bzzvsoutMykQBlkoEOTxzm42aBVWurL52q9rxnw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org