Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Rh2rrkQ171h1hGKKoiWbuSnXJ_k.roa
File: Rh2rrkQ171h1hGKKoiWbuSnXJ_k.roa (raw, json)
Hash identifier: o+HYFzncBu7fMNAsT7jNedY8M2MtfcCt/3WZuJAxILU=
Subject key identifier: 46:1D:AB:AE:44:35:EF:58:75:84:62:8A:A2:25:9B:B9:29:D7:27:F9
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DB5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Rh2rrkQ171h1hGKKoiWbuSnXJ_k.roa
Signing time: Wed 29 Sep 2021 02:39:28 +0000
ROA not before: Wed 29 Sep 2021 02:39:28 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24154
IP address blocks: 203.207.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3509 (0xdb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:28 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=461DABAE4435EF587584628AA2259BB929D727F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:36:93:bd:5a:af:d9:fd:b8:de:e9:09:e0:37:
c3:e8:4c:10:8f:16:d6:e9:a7:e0:b6:02:2f:3d:90:
f8:9d:fc:83:1f:f0:63:27:58:a9:c8:93:d7:cd:bf:
ed:fc:64:40:ff:8c:83:5e:f3:4f:79:e3:9b:12:ba:
6a:a6:6c:d9:65:2e:74:6c:9c:4e:51:37:ba:c2:f9:
b2:0e:66:08:cd:be:4f:66:41:25:69:9f:24:11:c8:
89:78:93:c5:a1:3f:de:d7:f7:fd:f8:f3:e3:05:ba:
78:f9:ef:03:08:c1:1e:17:d4:46:7f:73:18:49:b9:
e6:26:0d:69:b5:a7:ff:6d:02:c8:1e:97:ed:04:f4:
27:21:0b:71:bb:c8:93:4b:a6:b6:97:87:19:9b:d5:
cc:ce:e2:d4:48:ba:9a:fc:dc:c8:a1:05:6f:f7:a7:
82:39:ec:48:13:9d:07:b8:ac:c4:b9:26:f4:25:ea:
0f:6c:41:70:09:0f:4e:ab:20:95:4b:9e:67:e0:ba:
cf:f9:c8:72:22:aa:74:20:01:66:06:7d:32:de:a6:
7e:a4:4b:d1:e8:d2:52:cd:fb:ae:42:33:e3:02:94:
f0:51:05:63:54:e9:59:d5:32:eb:f5:2e:ce:2e:17:
7f:23:0a:48:0e:3c:b8:45:4a:3d:c0:10:f6:32:37:
ff:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1D:AB:AE:44:35:EF:58:75:84:62:8A:A2:25:9B:B9:29:D7:27:F9
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Rh2rrkQ171h1hGKKoiWbuSnXJ_k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.207.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:b2:1f:15:21:5b:90:ba:7d:3f:01:47:ee:df:45:ed:c1:68:
3b:39:ea:7c:20:c5:01:6c:a2:2f:55:e2:86:8b:80:0d:12:98:
ba:34:c9:18:04:6a:79:92:43:33:41:4a:dc:3f:4a:0b:f9:62:
b7:ed:76:64:53:12:af:31:71:91:dc:eb:46:8b:13:33:88:b0:
10:3d:57:df:18:11:82:ad:88:85:aa:35:1a:ce:32:9c:67:97:
88:a3:3a:87:51:86:0f:b1:86:d2:88:7a:56:e3:6a:47:fb:e4:
6d:dd:59:1a:11:8d:33:47:dc:ec:5e:8d:31:95:f3:c9:ce:bc:
6f:27:cc:a0:7a:a1:3c:16:77:31:3e:89:78:69:90:89:1c:d9:
71:3e:79:e2:c8:fc:90:c8:94:68:cf:d2:8b:eb:8b:9f:79:32:
d6:b0:a3:1a:75:04:7c:8e:95:52:1a:36:a7:bd:62:8f:53:f2:
0f:57:ad:b2:61:54:b6:cb:bf:7f:b8:0e:75:de:e8:56:30:40:
7a:6b:4c:64:20:18:7d:9b:ac:20:81:27:b7:ad:10:8b:ce:e5:
8c:64:4a:a1:80:53:f7:c3:88:89:30:a0:de:82:24:7c:08:a1:
e4:8c:84:53:cb:e2:2b:5d:4d:01:b9:7b:10:1e:e6:5f:9f:5f:
a5:86:fe:54
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQ2MURBQkFFNDQzNUVG
NTg3NTg0NjI4QUEyMjU5QkI5MjlENzI3RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMNpO9Wq/Z/bje6QngN8PoTBCPFtbpp+C2Ai89kPid/IMf8GMn
WKnIk9fNv+38ZED/jINe809545sSumqmbNllLnRsnE5RN7rC+bIOZgjNvk9mQSVp
nyQRyIl4k8WhP97X9/348+MFunj57wMIwR4X1EZ/cxhJueYmDWm1p/9tAsgel+0E
9CchC3G7yJNLpraXhxmb1czO4tRIupr83MihBW/3p4I57EgTnQe4rMS5JvQl6g9s
QXAJD06rIJVLnmfgus/5yHIiqnQgAWYGfTLepn6kS9Ho0lLN+65CM+MClPBRBWNU
6VnVMuv1Ls4uF38jCkgOPLhFSj3AEPYyN/8hAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQURh2rrkQ171h1hGKKoiWbuSnXJ/kwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUmgycnJrUTE3MWgxaEdLS29pV2J1
U25YSl9rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsvPLDAN
BgkqhkiG9w0BAQsFAAOCAQEAXrIfFSFbkLp9PwFH7t9F7cFoOznqfCDFAWyiL1Xi
houADRKYujTJGARqeZJDM0FK3D9KC/lit+12ZFMSrzFxkdzrRosTM4iwED1X3xgR
gq2Ihao1Gs4ynGeXiKM6h1GGD7GG0oh6VuNqR/vkbd1ZGhGNM0fc7F6NMZXzyc68
byfMoHqhPBZ3MT6JeGmQiRzZcT554sj8kMiUaM/Si+uLn3ky1rCjGnUEfI6VUho2
p71ij1PyD1etsmFUtsu/f7gOdd7oVjBAemtMZCAYfZusIIEnt60Qi87ljGRKoYBT
98OIiTCg3oIkfAih5IyEU8viK11NAbl7EB7mX59fpYb+VA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org