Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/QJ_pJFq2iEVxksfk5pSlZt79pkk.roa
File: QJ_pJFq2iEVxksfk5pSlZt79pkk.roa (raw, json)
Hash identifier: dRIz5XL5sdytYNTesKik9BLaZ1+SUaYzYpVc7/ie7qM=
Subject key identifier: 40:9F:E9:24:5A:B6:88:45:71:92:C7:E4:E6:94:A5:66:DE:FD:A6:49
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E59
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QJ_pJFq2iEVxksfk5pSlZt79pkk.roa
Signing time: Wed 29 Sep 2021 02:40:16 +0000
ROA not before: Wed 29 Sep 2021 02:40:16 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.63.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3673 (0xe59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:16 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=409FE9245AB688457192C7E4E694A566DEFDA649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9a:0a:b1:01:f4:98:d2:a1:74:be:32:75:3d:
cb:46:0a:5d:1c:5b:0a:b0:8c:03:d9:9e:e5:02:5c:
92:6d:12:98:e8:2c:16:83:31:51:27:2d:b7:4f:08:
51:2e:5c:07:09:a7:27:1f:d8:d2:13:b9:cb:b5:f1:
c8:9b:dd:3b:51:fc:11:4f:16:17:12:16:2d:e8:8c:
c8:5f:af:46:3c:17:d8:c3:15:eb:0c:b2:0f:3d:cf:
8a:24:d8:7d:08:c4:2a:cd:6a:79:0c:f0:2a:bc:fe:
96:75:2b:7c:fa:d6:40:c0:aa:0a:57:59:c3:59:96:
94:20:7c:60:e9:82:ec:d5:d6:34:2b:5b:23:e2:85:
77:e6:9e:02:ea:e9:5b:9a:3e:02:5d:7b:c5:83:35:
96:28:10:ae:29:14:db:96:ce:68:d8:b0:0f:a4:26:
5c:54:12:37:dd:38:3a:f9:be:2b:af:61:a5:24:ba:
c4:7e:e1:13:1e:9b:84:18:48:8b:24:8a:1b:fd:ac:
4f:79:8b:0d:4c:06:56:68:7a:ce:50:3e:df:ca:18:
b9:06:42:a1:9e:7f:2d:df:58:f1:78:6e:97:e0:11:
57:69:9e:40:54:e9:35:77:ca:be:17:2f:de:4a:83:
16:88:43:40:77:f3:21:82:ca:5c:90:bd:26:67:35:
1e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9F:E9:24:5A:B6:88:45:71:92:C7:E4:E6:94:A5:66:DE:FD:A6:49
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QJ_pJFq2iEVxksfk5pSlZt79pkk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
09:8c:d6:b1:81:bf:2f:27:9a:a3:85:62:d1:d6:1f:2a:d8:33:
4f:f8:ca:bc:80:c9:92:c2:b2:cc:82:ae:db:c1:55:c0:59:ef:
05:00:a1:6f:02:30:0d:c9:c4:0c:fd:4e:2f:5c:9a:0c:b0:85:
e9:5d:86:70:8c:d4:e5:73:ee:e5:2c:8d:a7:82:e0:94:63:fd:
3d:b4:c5:3c:c0:a5:a2:9a:f1:88:cc:23:29:df:e1:38:12:f8:
73:fa:46:18:46:95:2d:5d:c7:e6:19:0c:88:02:b1:5b:b5:56:
f1:d2:93:75:12:30:33:be:02:c8:f9:40:1b:77:57:2c:d3:c0:
c9:93:18:b5:4e:47:44:fd:d2:fd:c3:7a:ab:6f:91:20:6e:35:
24:7b:58:d8:15:1e:e5:be:9c:ab:5a:0d:9f:2c:c5:52:7c:cb:
19:e5:5c:39:6e:d6:09:26:19:e0:43:7d:91:8d:67:ec:51:09:
dc:e1:57:89:5f:28:eb:b0:1a:46:c6:ae:e4:40:a6:b0:e5:b4:
99:89:60:b4:76:17:5c:95:f4:a8:2b:d3:00:13:69:20:59:42:
79:5e:eb:1b:e5:a6:69:dc:f5:65:85:d2:ce:c7:99:3e:ec:a7:
e7:b0:90:bf:ed:ea:c9:32:52:ff:1a:d3:95:8f:51:09:9e:b3:
55:e3:59:2e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDlkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQwOUZFOTI0NUFCNjg4
NDU3MTkyQzdFNEU2OTRBNTY2REVGREE2NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7mgqxAfSY0qF0vjJ1PctGCl0cWwqwjAPZnuUCXJJtEpjoLBaD
MVEnLbdPCFEuXAcJpycf2NITucu18cib3TtR/BFPFhcSFi3ojMhfr0Y8F9jDFesM
sg89z4ok2H0IxCrNankM8Cq8/pZ1K3z61kDAqgpXWcNZlpQgfGDpguzV1jQrWyPi
hXfmngLq6VuaPgJde8WDNZYoEK4pFNuWzmjYsA+kJlxUEjfdODr5viuvYaUkusR+
4RMem4QYSIskihv9rE95iw1MBlZoes5QPt/KGLkGQqGefy3fWPF4bpfgEVdpnkBU
6TV3yr4XL95KgxaIQ0B38yGCylyQvSZnNR7jAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQJ/pJFq2iEVxksfk5pSlZt79pkkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUUpfcEpGcTJpRVZ4a3NmazVwU2xa
dDc5cGtrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/6DAN
BgkqhkiG9w0BAQsFAAOCAQEACYzWsYG/Lyeao4Vi0dYfKtgzT/jKvIDJksKyzIKu
28FVwFnvBQChbwIwDcnEDP1OL1yaDLCF6V2GcIzU5XPu5SyNp4LglGP9PbTFPMCl
oprxiMwjKd/hOBL4c/pGGEaVLV3H5hkMiAKxW7VW8dKTdRIwM74CyPlAG3dXLNPA
yZMYtU5HRP3S/cN6q2+RIG41JHtY2BUe5b6cq1oNnyzFUnzLGeVcOW7WCSYZ4EN9
kY1n7FEJ3OFXiV8o67AaRsau5ECmsOW0mYlgtHYXXJX0qCvTABNpIFlCeV7rG+Wm
adz1ZYXSzseZPuyn57CQv+3qyTJS/xrTlY9RCZ6zVeNZLg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org