Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/QyMCXEW753a2gjx0nalVIRG7a7o.roa
File: QyMCXEW753a2gjx0nalVIRG7a7o.roa (raw, json)
Hash identifier: ezLWlHUE91Gg9hyXMVmrQuPJWWTjzrfYSwdJG1NmSVA=
Subject key identifier: 43:23:02:5C:45:BB:E7:76:B6:82:3C:74:9D:A9:55:21:11:BB:6B:BA
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C61
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QyMCXEW753a2gjx0nalVIRG7a7o.roa
Signing time: Sun 07 Feb 2021 11:35:54 +0000
ROA not before: Sun 07 Feb 2021 11:35:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 223.22.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3169 (0xc61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:35:54 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4323025C45BBE776B6823C749DA9552111BB6BBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:01:fe:d6:77:a6:74:62:83:1d:27:60:94:a2:
59:ed:80:5c:87:ed:b1:57:59:e2:1b:6f:a9:04:76:
c7:68:c8:87:74:bc:48:a6:be:4f:fd:e6:f0:ee:c6:
1f:4b:2b:54:06:44:c1:03:8e:16:a6:6a:24:32:4f:
27:80:74:fb:af:8b:33:f3:7c:c8:93:01:ce:a9:52:
9c:9e:27:67:07:cc:fa:3f:34:2e:7f:18:03:e5:6d:
07:f6:59:27:c9:55:a8:98:6b:92:7f:c3:f8:fd:2a:
f2:cf:1e:23:84:9e:1d:fe:4b:26:22:ef:1c:a1:32:
6d:db:c8:36:0c:15:7a:c3:60:78:5d:7e:c4:4a:bf:
42:f6:38:b7:a6:b6:1a:63:96:70:d6:68:45:c3:a7:
11:2e:61:26:d9:a5:23:31:7c:f3:f3:a0:e0:95:66:
31:2f:02:ad:a1:93:65:cd:fc:52:45:2e:16:c1:94:
2e:b8:4f:64:03:0c:ca:71:d9:d7:85:42:0a:b5:ae:
92:65:b3:c0:2a:08:56:60:50:18:be:ff:05:00:da:
61:f3:93:35:20:4e:d7:f6:57:92:0e:cc:d9:bd:9c:
cb:15:c9:dd:da:ff:bd:30:42:f6:09:42:4d:f6:00:
01:24:85:8a:36:2d:f9:ac:5f:ca:a2:56:7c:85:2e:
62:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:23:02:5C:45:BB:E7:76:B6:82:3C:74:9D:A9:55:21:11:BB:6B:BA
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QyMCXEW753a2gjx0nalVIRG7a7o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:f4:7b:d6:8a:ab:ba:ab:c0:31:d4:b7:2a:e2:20:39:99:bf:
5e:e9:c5:a3:ac:b7:b4:0c:ef:19:fa:9c:84:12:93:60:58:f2:
c0:fb:5f:be:68:03:91:18:b0:a4:d4:11:14:8b:c3:a6:5d:54:
e0:08:92:27:d4:b4:3f:2f:da:c6:e5:98:7d:15:84:bd:53:b4:
26:c9:84:4e:3f:35:33:9d:e5:ad:c7:08:37:04:3a:01:99:22:
28:d2:1e:54:ac:43:a2:2b:5d:3f:0e:39:61:b8:41:dd:49:74:
37:91:7c:d3:eb:4e:fa:d5:c6:1a:4c:e0:6f:9e:f0:73:de:db:
e9:da:6d:28:57:22:7a:71:b0:6c:b8:53:32:34:44:45:17:05:
a7:72:5e:1d:20:65:d9:fd:d9:72:b3:a5:c3:5a:03:2f:72:1b:
20:50:14:0b:a7:66:44:4f:1e:3a:6c:28:05:68:55:5b:8a:06:
a4:cb:82:17:14:e6:02:eb:b6:3a:1c:a4:8c:39:7f:0b:57:18:
41:72:93:85:73:c5:c8:99:e9:a5:e8:8e:a9:42:9e:fc:04:dd:
5c:c1:45:50:6c:a7:0d:6f:b7:4d:4e:0c:14:45:24:e6:d8:c8:
46:db:43:97:bd:09:3e:7d:73:2c:ea:10:ff:3d:8c:72:d5:7a:
23:c3:68:47
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM1NTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQzMjMwMjVDNDVCQkU3
NzZCNjgyM0M3NDlEQTk1NTIxMTFCQjZCQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoAf7Wd6Z0YoMdJ2CUolntgFyH7bFXWeIbb6kEdsdoyId0vEim
vk/95vDuxh9LK1QGRMEDjhamaiQyTyeAdPuvizPzfMiTAc6pUpyeJ2cHzPo/NC5/
GAPlbQf2WSfJVaiYa5J/w/j9KvLPHiOEnh3+SyYi7xyhMm3byDYMFXrDYHhdfsRK
v0L2OLemthpjlnDWaEXDpxEuYSbZpSMxfPPzoOCVZjEvAq2hk2XN/FJFLhbBlC64
T2QDDMpx2deFQgq1rpJls8AqCFZgUBi+/wUA2mHzkzUgTtf2V5IOzNm9nMsVyd3a
/70wQvYJQk32AAEkhYo2LfmsX8qiVnyFLmIJAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUQyMCXEW753a2gjx0nalVIRG7a7owHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUXlNQ1hFVzc1M2EyZ2p4MG5hbFZJ
Ukc3YTdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN8WMA0G
CSqGSIb3DQEBCwUAA4IBAQCb9HvWiqu6q8Ax1Lcq4iA5mb9e6cWjrLe0DO8Z+pyE
EpNgWPLA+1++aAORGLCk1BEUi8OmXVTgCJIn1LQ/L9rG5Zh9FYS9U7QmyYROPzUz
neWtxwg3BDoBmSIo0h5UrEOiK10/DjlhuEHdSXQ3kXzT60761cYaTOBvnvBz3tvp
2m0oVyJ6cbBsuFMyNERFFwWncl4dIGXZ/dlys6XDWgMvchsgUBQLp2ZETx46bCgF
aFVbigaky4IXFOYC67Y6HKSMOX8LVxhBcpOFc8XImeml6I6pQp78BN1cwUVQbKcN
b7dNTgwURSTm2MhG20OXvQk+fXMs6hD/PYxy1Xojw2hH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org