Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/NsJR3NI23PrWeyfJMhzpxXFq4P4.roa
File: NsJR3NI23PrWeyfJMhzpxXFq4P4.roa (raw, json)
Hash identifier: KrQ2hDuukRmqe+z9pIWyW547NGIyezTCvqqufZ0HIT4=
Subject key identifier: 36:C2:51:DC:D2:36:DC:FA:D6:7B:27:C9:32:1C:E9:C5:71:6A:E0:FE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DA7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NsJR3NI23PrWeyfJMhzpxXFq4P4.roa
Signing time: Wed 29 Sep 2021 02:39:23 +0000
ROA not before: Wed 29 Sep 2021 02:39:23 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 60.244.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3495 (0xda7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:23 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=36C251DCD236DCFAD67B27C9321CE9C5716AE0FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:f8:39:c2:36:50:d5:9d:22:89:9b:63:c2:0f:
45:ea:b4:df:29:d8:5e:a1:f2:42:57:f8:18:a6:a8:
41:c1:f4:90:62:21:8a:12:75:9f:16:73:55:36:10:
e7:ef:d5:87:96:ce:a8:38:2a:5d:8d:f8:1b:04:0f:
02:66:90:83:f2:92:75:b9:18:ec:4d:a9:a6:bf:fa:
9d:64:ea:9d:6e:17:ae:ef:e7:58:4f:f7:71:37:3c:
ec:57:22:40:f1:13:d9:75:74:44:52:6d:c8:e8:18:
71:6e:00:48:d7:ad:6a:9d:2d:a9:4f:67:94:2e:0f:
0f:6f:b3:33:48:fe:38:b2:72:d7:2e:f0:ee:0c:cc:
51:ef:71:f8:c8:72:18:af:42:4f:c3:38:d5:ed:89:
e3:35:1f:70:f2:03:f9:c1:88:65:1f:e7:23:94:8e:
e0:0f:5b:27:41:16:f3:08:7e:7b:28:07:a9:a0:0b:
2d:8b:a7:dd:04:db:8f:01:8e:85:f9:87:e5:b7:4c:
a3:9f:36:f9:ed:be:ab:59:1e:bc:8d:51:53:d5:56:
0b:41:30:7f:47:16:eb:47:22:e8:d1:62:9c:04:d4:
77:ec:a7:25:17:f9:e3:a7:fd:02:94:65:6c:6e:67:
7b:dc:0e:d5:90:c4:94:fb:4c:b2:43:6a:87:5c:38:
2f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C2:51:DC:D2:36:DC:FA:D6:7B:27:C9:32:1C:E9:C5:71:6A:E0:FE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NsJR3NI23PrWeyfJMhzpxXFq4P4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ab:6d:ba:69:f9:80:4e:5c:33:b7:4a:79:3b:4f:13:a6:b4:f2:
17:9d:24:ec:92:7f:de:a9:f3:02:7e:70:2b:a8:e6:10:33:92:
5e:b7:ef:f9:b7:66:30:f6:d1:84:bf:dd:56:b9:34:dc:f0:a3:
63:e2:dc:32:33:1d:26:a3:74:9d:90:ff:f4:59:99:dc:7b:ae:
70:bf:9d:ab:23:9a:30:fa:f2:a4:b2:89:7a:32:ff:2c:e7:c1:
ea:87:69:f2:47:94:78:cb:6f:cc:a0:cf:45:77:3d:82:bd:1f:
2f:8f:e7:67:ea:1b:51:46:ef:4f:c4:69:cc:68:e7:b6:c1:6c:
07:f7:21:06:3b:a9:21:07:cd:c3:81:10:68:50:7d:55:41:f8:
64:e3:75:95:8f:8a:b2:1c:ed:34:1e:39:5b:bb:35:bc:5e:09:
44:1c:db:a4:c4:c9:04:02:07:06:52:93:f8:85:7b:42:08:07:
70:46:f7:a5:70:c9:b6:65:51:35:d8:8b:56:08:df:13:83:59:
c6:7d:65:0e:80:05:34:fd:7b:64:a2:b3:42:2e:26:e7:c9:5c:
ee:a7:95:f4:d7:57:64:29:9a:ee:78:a0:57:fa:f7:9c:50:cc:
9d:46:88:1e:00:4f:00:fb:70:d1:18:f8:ab:ef:27:61:62:e4:
8b:72:88:6f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MjNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM2QzI1MURDRDIzNkRD
RkFENjdCMjdDOTMyMUNFOUM1NzE2QUUwRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4+DnCNlDVnSKJm2PCD0XqtN8p2F6h8kJX+BimqEHB9JBiIYoS
dZ8Wc1U2EOfv1YeWzqg4Kl2N+BsEDwJmkIPyknW5GOxNqaa/+p1k6p1uF67v51hP
93E3POxXIkDxE9l1dERSbcjoGHFuAEjXrWqdLalPZ5QuDw9vszNI/jiyctcu8O4M
zFHvcfjIchivQk/DONXtieM1H3DyA/nBiGUf5yOUjuAPWydBFvMIfnsoB6mgCy2L
p90E248BjoX5h+W3TKOfNvntvqtZHryNUVPVVgtBMH9HFutHIujRYpwE1HfspyUX
+eOn/QKUZWxuZ3vcDtWQxJT7TLJDaodcOC/fAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNsJR3NI23PrWeyfJMhzpxXFq4P4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTnNKUjNOSTIzUHJXZXlmSk1oenB4
WEZxNFA0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0gDAN
BgkqhkiG9w0BAQsFAAOCAQEAq226afmATlwzt0p5O08TprTyF50k7JJ/3qnzAn5w
K6jmEDOSXrfv+bdmMPbRhL/dVrk03PCjY+LcMjMdJqN0nZD/9FmZ3HuucL+dqyOa
MPrypLKJejL/LOfB6odp8keUeMtvzKDPRXc9gr0fL4/nZ+obUUbvT8RpzGjntsFs
B/chBjupIQfNw4EQaFB9VUH4ZON1lY+KshztNB45W7s1vF4JRBzbpMTJBAIHBlKT
+IV7QggHcEb3pXDJtmVRNdiLVgjfE4NZxn1lDoAFNP17ZKKzQi4m58lc7qeV9NdX
ZCma7nigV/r3nFDMnUaIHgBPAPtw0Rj4q+8nYWLki3KIbw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org