Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/NrOHRw3x1vCA7xo5xMHoyS1V2bU.roa
File: NrOHRw3x1vCA7xo5xMHoyS1V2bU.roa (raw, json)
Hash identifier: YdU+1o5cdklNpBAhLsl6PJe021SSP3AU6Serj6CF2aw=
Subject key identifier: 36:B3:87:47:0D:F1:D6:F0:80:EF:1A:39:C4:C1:E8:C9:2D:55:D9:B5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DAC
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NrOHRw3x1vCA7xo5xMHoyS1V2bU.roa
Signing time: Wed 29 Sep 2021 02:39:25 +0000
ROA not before: Wed 29 Sep 2021 02:39:25 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 124.218.0.0/16 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3500 (0xdac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:25 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=36B387470DF1D6F080EF1A39C4C1E8C92D55D9B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:03:d4:29:69:9a:6b:c9:c5:89:f6:32:3b:3f:
50:bc:ec:97:49:2e:e2:6d:99:36:55:a9:32:79:e4:
b1:9e:92:0c:ca:1b:f9:0f:79:f8:88:43:de:0a:b6:
7d:fe:ef:b8:df:89:24:71:8c:c4:22:fd:78:7a:93:
0c:97:a0:3e:07:a1:a9:9e:c1:f1:e4:4d:fb:71:22:
dd:c9:9c:83:a5:37:e5:49:7f:c6:66:82:c3:81:30:
99:67:62:28:30:1f:ba:fa:c2:ea:39:3f:5b:ea:dd:
e5:14:e8:fa:68:5d:1d:d2:a6:7b:12:5f:ba:71:a1:
1d:87:b3:7b:4e:06:3d:d2:d7:0d:0b:81:d4:8c:d2:
f2:04:57:e3:9d:7c:1f:2f:6e:70:7f:6a:ab:58:12:
75:82:ef:a6:43:cf:16:f5:fd:6b:ce:db:bb:82:29:
31:27:22:6b:4e:2e:d4:9f:84:f5:0d:87:7c:58:74:
a4:cb:dd:85:6a:89:b7:a8:25:7e:e8:2d:9f:92:f9:
02:46:c4:c9:3b:66:5d:9b:cd:0c:2d:ff:1b:3b:d7:
d5:ea:5e:2b:61:c4:c6:60:de:8d:23:8d:21:a6:24:
a7:9a:25:92:2f:12:d8:97:80:e6:62:e4:a1:29:6c:
80:31:da:a3:22:1d:27:94:2f:3b:a6:b7:e1:0f:24:
70:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B3:87:47:0D:F1:D6:F0:80:EF:1A:39:C4:C1:E8:C9:2D:55:D9:B5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NrOHRw3x1vCA7xo5xMHoyS1V2bU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:89:37:20:80:c0:d9:3c:21:6e:b2:a4:68:83:c7:c4:08:a3:
62:bf:e6:6c:0c:a0:34:80:9e:89:f2:d3:51:9f:31:49:67:12:
06:d7:4d:33:0e:ab:2a:67:ed:f4:b1:d3:52:27:c1:44:c7:27:
f0:a5:51:07:0f:1c:14:cf:af:99:fd:82:71:55:8f:40:14:44:
13:30:f4:6e:0b:82:97:ce:03:06:fb:4e:13:61:3d:f1:af:b2:
05:68:53:b7:39:cf:5c:ec:85:70:a6:35:2e:ca:23:5b:9b:93:
d7:02:6a:a1:b5:03:11:22:a0:0e:e2:6d:5a:03:b1:df:58:17:
8e:1a:d3:ea:2e:04:11:e6:58:71:13:f9:fc:86:62:83:a4:fa:
75:33:1c:1e:49:64:14:e0:74:1d:95:06:87:c1:9c:b7:59:5c:
73:19:89:2c:63:94:a4:2d:96:21:00:7e:bb:e8:ce:ba:36:28:
36:2f:f4:70:55:49:f0:c2:26:b5:01:bd:08:00:3a:9b:02:41:
80:5f:f2:4e:24:bb:52:37:df:78:56:1a:6a:62:b6:ee:7c:33:
23:07:58:19:80:c2:4d:c9:90:e7:51:a5:9b:94:b1:88:89:7b:
43:1e:a5:93:5b:e0:66:07:94:cc:99:0d:35:35:20:ca:fe:1d:
b7:40:c6:73
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDawwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MjVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM2QjM4NzQ3MERGMUQ2
RjA4MEVGMUEzOUM0QzFFOEM5MkQ1NUQ5QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhA9QpaZprycWJ9jI7P1C87JdJLuJtmTZVqTJ55LGekgzKG/kP
efiIQ94Ktn3+77jfiSRxjMQi/Xh6kwyXoD4HoamewfHkTftxIt3JnIOlN+VJf8Zm
gsOBMJlnYigwH7r6wuo5P1vq3eUU6PpoXR3SpnsSX7pxoR2Hs3tOBj3S1w0LgdSM
0vIEV+OdfB8vbnB/aqtYEnWC76ZDzxb1/WvO27uCKTEnImtOLtSfhPUNh3xYdKTL
3YVqibeoJX7oLZ+S+QJGxMk7Zl2bzQwt/xs719XqXithxMZg3o0jjSGmJKeaJZIv
EtiXgOZi5KEpbIAx2qMiHSeULzumt+EPJHDFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUNrOHRw3x1vCA7xo5xMHoyS1V2bUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTnJPSFJ3M3gxdkNBN3hvNXhNSG95
UzFWMmJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHzaMA0G
CSqGSIb3DQEBCwUAA4IBAQAviTcggMDZPCFusqRog8fECKNiv+ZsDKA0gJ6J8tNR
nzFJZxIG100zDqsqZ+30sdNSJ8FExyfwpVEHDxwUz6+Z/YJxVY9AFEQTMPRuC4KX
zgMG+04TYT3xr7IFaFO3Oc9c7IVwpjUuyiNbm5PXAmqhtQMRIqAO4m1aA7HfWBeO
GtPqLgQR5lhxE/n8hmKDpPp1MxweSWQU4HQdlQaHwZy3WVxzGYksY5SkLZYhAH67
6M66Nig2L/RwVUnwwia1Ab0IADqbAkGAX/JOJLtSN994VhpqYrbufDMjB1gZgMJN
yZDnUaWblLGIiXtDHqWTW+BmB5TMmQ01NSDK/h23QMZz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org