Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/PPfhYwhdzMauupCL7zr1NNIcD0M.roa
File: PPfhYwhdzMauupCL7zr1NNIcD0M.roa (raw, json)
Hash identifier: phjXR5d5ExP6atV1tH1qDEGdEzfNecSF+aqXDNgT7m8=
Subject key identifier: 3C:F7:E1:63:08:5D:CC:C6:AE:BA:90:8B:EF:3A:F5:34:D2:1C:0F:43
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C5D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/PPfhYwhdzMauupCL7zr1NNIcD0M.roa
Signing time: Sun 07 Feb 2021 11:35:51 +0000
ROA not before: Sun 07 Feb 2021 11:35:51 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 222.251.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3165 (0xc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:35:51 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3CF7E163085DCCC6AEBA908BEF3AF534D21C0F43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9b:a7:b0:07:c9:c7:26:2b:81:5b:56:f1:15:
68:23:ab:78:0d:22:27:79:fb:07:a6:26:ff:43:bf:
d4:cd:53:33:24:82:37:49:63:7c:8a:3a:2f:97:a4:
62:f3:f3:4e:07:65:a3:e1:31:b4:8c:cb:8f:8e:3d:
3b:32:25:75:81:8b:29:0c:b9:67:98:67:1e:57:d6:
4d:d8:64:66:53:99:9d:f5:37:57:7a:5c:65:45:f5:
a9:70:21:85:be:ba:96:ff:2f:4f:43:9e:09:53:19:
8c:ef:6c:e8:e6:cc:d7:2a:d4:4a:df:86:f4:fc:16:
0e:49:27:f9:57:1b:1d:0f:38:45:4c:fa:c0:4a:c4:
08:97:19:2f:be:80:2b:0b:1e:e4:8e:cb:77:04:e4:
7a:3e:3a:a4:a5:ef:9b:7e:eb:55:25:79:02:ec:08:
67:72:62:0c:d3:4e:7f:a2:85:26:7b:29:0f:9c:c4:
75:00:92:ba:a5:6f:96:f2:fc:67:ba:40:f7:90:b1:
35:d2:41:32:14:08:eb:99:75:c1:28:38:a4:f8:26:
db:b0:68:f2:bf:d3:42:9a:75:35:fc:e0:cd:97:cc:
ef:55:8a:df:0e:09:09:91:40:3d:93:fc:cd:42:ff:
de:2d:ff:04:7c:0b:c0:0f:cb:b5:83:a5:4f:cb:84:
3b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F7:E1:63:08:5D:CC:C6:AE:BA:90:8B:EF:3A:F5:34:D2:1C:0F:43
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/PPfhYwhdzMauupCL7zr1NNIcD0M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/17
Signature Algorithm: sha256WithRSAEncryption
85:8a:2d:78:a8:a8:27:f2:21:9f:36:ec:77:5e:cb:60:7f:65:
0a:da:cd:a5:53:40:97:96:7b:ed:44:1d:d3:6e:a8:8b:17:87:
2e:98:e4:49:df:88:d2:cc:62:44:33:b2:3b:bc:cd:3d:30:76:
5a:90:08:d2:89:6e:4f:69:9f:3b:16:71:11:7b:e2:e3:4a:76:
5e:1c:99:dd:29:41:7f:fe:b4:a1:d2:eb:83:5e:a9:d3:6e:c4:
9a:e0:10:bd:04:9d:d2:50:3d:c9:36:0e:1c:4a:48:f5:6d:62:
b9:87:06:22:fc:ab:14:b9:a0:1f:75:2a:57:ce:51:3a:d7:96:
41:04:e4:3c:03:a3:fb:ed:c0:76:77:e1:83:a3:19:97:82:45:
00:24:03:6e:38:02:7a:64:42:15:3d:b1:e1:47:d9:f6:7d:4b:
1d:ab:fe:32:0a:c2:93:82:87:32:f3:85:0f:8a:80:91:87:2a:
db:37:0a:cd:fd:6f:e7:2f:83:1a:57:3b:8c:ba:bf:f0:66:d5:
88:8d:1e:7e:8e:57:19:73:e6:40:27:86:d4:82:05:9f:0f:5d:
85:0d:b0:8d:bd:3f:22:79:bd:b3:9b:28:4e:ee:63:1c:4f:f7:
6f:89:3c:fd:b0:4d:ea:6d:99:90:61:8a:e0:da:da:e9:99:99:
bb:85:79:f6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM1NTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNDRjdFMTYzMDg1REND
QzZBRUJBOTA4QkVGM0FGNTM0RDIxQzBGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0m6ewB8nHJiuBW1bxFWgjq3gNIid5+wemJv9Dv9TNUzMkgjdJ
Y3yKOi+XpGLz804HZaPhMbSMy4+OPTsyJXWBiykMuWeYZx5X1k3YZGZTmZ31N1d6
XGVF9alwIYW+upb/L09DnglTGYzvbOjmzNcq1ErfhvT8Fg5JJ/lXGx0POEVM+sBK
xAiXGS++gCsLHuSOy3cE5Ho+OqSl75t+61UleQLsCGdyYgzTTn+ihSZ7KQ+cxHUA
krqlb5by/Ge6QPeQsTXSQTIUCOuZdcEoOKT4JtuwaPK/00KadTX84M2XzO9Vit8O
CQmRQD2T/M1C/94t/wR8C8APy7WDpU/LhDuPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPPfhYwhdzMauupCL7zr1NNIcD0MwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUFBmaFl3aGR6TWF1dXBDTDd6cjFO
TkljRDBNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB977ADAN
BgkqhkiG9w0BAQsFAAOCAQEAhYoteKioJ/Ihnzbsd17LYH9lCtrNpVNAl5Z77UQd
026oixeHLpjkSd+I0sxiRDOyO7zNPTB2WpAI0oluT2mfOxZxEXvi40p2XhyZ3SlB
f/60odLrg16p027EmuAQvQSd0lA9yTYOHEpI9W1iuYcGIvyrFLmgH3UqV85ROteW
QQTkPAOj++3Adnfhg6MZl4JFACQDbjgCemRCFT2x4UfZ9n1LHav+MgrCk4KHMvOF
D4qAkYcq2zcKzf1v5y+DGlc7jLq/8GbViI0efo5XGXPmQCeG1IIFnw9dhQ2wjb0/
Inm9s5soTu5jHE/3b4k8/bBN6m2ZkGGK4Nra6ZmZu4V59g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org