Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/T0h-125RqMo8vQObLRMhwAwv64k.roa
File: T0h-125RqMo8vQObLRMhwAwv64k.roa (raw, json)
Hash identifier: xtmU5aA+AL7wX4SJxGyiahd4DtSrhTIXY+GJY0/ndiA=
Subject key identifier: 4F:48:7E:D7:6E:51:A8:CA:3C:BD:03:9B:2D:13:21:C0:0C:2F:EB:89
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0913
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/T0h-125RqMo8vQObLRMhwAwv64k.roa
Signing time: Tue 29 Sep 2020 10:01:26 +0000
ROA not before: Tue 29 Sep 2020 10:01:26 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 222.251.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2323 (0x913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:26 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4F487ED76E51A8CA3CBD039B2D1321C00C2FEB89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b3:f0:57:5a:92:bd:b5:96:06:cb:01:5d:ed:
54:fd:66:92:fe:7a:39:39:66:53:27:a4:9e:a5:ea:
03:b5:7b:f3:75:77:e1:6b:e8:77:57:e9:ba:f5:86:
c2:3f:1f:7c:a8:05:28:a6:c7:0a:62:8a:ec:8d:35:
c9:0f:0a:0b:4f:c7:9c:3d:25:2d:6a:ef:46:64:93:
b1:3b:c7:39:72:56:02:d8:03:11:28:27:37:62:44:
eb:0c:41:83:ff:23:b2:51:27:df:09:49:0f:85:46:
88:07:cf:c2:ce:d1:ce:80:7f:39:0b:b2:dd:b7:34:
39:c7:7c:1a:60:2b:8a:7c:32:22:54:40:37:57:62:
37:7a:9c:d1:7e:fe:03:96:57:66:4b:4e:0c:de:18:
7c:9f:7c:2a:ae:91:48:ac:a5:d1:04:21:ee:e6:56:
15:db:7b:5d:3d:00:56:db:49:8e:6a:44:31:02:b9:
51:a5:97:85:f9:f2:3f:5b:97:2a:24:8d:18:af:20:
03:fa:de:2c:a1:a1:4e:6e:c5:2c:1b:7c:03:ae:79:
a1:8d:91:85:15:ac:c1:3a:b1:02:1d:ef:df:5a:01:
76:b5:db:b5:2a:d9:6d:43:6d:e2:3d:c2:57:43:a3:
19:3f:25:82:f5:92:95:f5:48:df:ef:54:ad:4d:a2:
9a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:48:7E:D7:6E:51:A8:CA:3C:BD:03:9B:2D:13:21:C0:0C:2F:EB:89
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/T0h-125RqMo8vQObLRMhwAwv64k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3c:fc:80:7a:41:4d:64:c5:89:2d:99:37:08:27:79:b6:3b:bc:
72:19:61:a3:9f:4d:27:59:31:53:06:dc:10:10:cf:a3:e4:3e:
48:72:c0:62:90:4c:20:82:03:04:65:91:59:23:c1:dd:53:00:
6d:a8:55:b9:1e:30:b0:fe:95:03:03:a1:6f:81:09:55:78:7c:
87:61:85:8d:ec:74:d6:76:91:e7:b1:05:0b:4b:f8:6f:7d:39:
45:e0:c9:81:d4:fb:d1:59:27:66:8e:e9:4d:33:8e:d8:23:fe:
c7:3b:9d:eb:bc:39:bb:25:74:5d:33:b6:be:00:c0:b8:94:9c:
c9:8e:b8:f5:f2:59:52:e5:c5:ce:81:9f:b6:e7:cb:16:97:e0:
98:26:31:aa:7f:3a:1f:77:d0:e4:85:c9:0b:d1:d9:58:ca:81:
4e:88:9a:92:80:ea:91:ec:39:85:5e:1c:54:6c:cd:1f:f5:78:
45:74:2d:a3:43:25:46:28:bd:ff:04:27:c0:a9:61:d4:5e:b5:
da:bf:36:e0:99:c9:21:0d:4f:6c:37:ac:82:b7:69:93:d7:fc:
95:5f:82:64:50:cc:85:31:9f:8f:f6:3d:be:f4:4a:a1:ae:3a:
de:92:24:c0:ab:d7:3b:33:89:bd:48:8c:df:58:b2:fb:de:1f:
94:40:fc:d9
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCRMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDRGNDg3RUQ3NkU1MUE4
Q0EzQ0JEMDM5QjJEMTMyMUMwMEMyRkVCODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVs/BXWpK9tZYGywFd7VT9ZpL+ejk5ZlMnpJ6l6gO1e/N1d+Fr
6HdX6br1hsI/H3yoBSimxwpiiuyNNckPCgtPx5w9JS1q70Zkk7E7xzlyVgLYAxEo
JzdiROsMQYP/I7JRJ98JSQ+FRogHz8LO0c6AfzkLst23NDnHfBpgK4p8MiJUQDdX
Yjd6nNF+/gOWV2ZLTgzeGHyffCqukUispdEEIe7mVhXbe109AFbbSY5qRDECuVGl
l4X58j9blyokjRivIAP63iyhoU5uxSwbfAOueaGNkYUVrME6sQId799aAXa127Uq
2W1DbeI9wldDoxk/JYL1kpX1SN/vVK1NoppDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUT0h+125RqMo8vQObLRMhwAwv64kwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVDBoLTEyNVJxTW84dlFPYkxSTWh3
QXd2NjRrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB977ADAN
BgkqhkiG9w0BAQsFAAOCAQEAPPyAekFNZMWJLZk3CCd5tju8chlho59NJ1kxUwbc
EBDPo+Q+SHLAYpBMIIIDBGWRWSPB3VMAbahVuR4wsP6VAwOhb4EJVXh8h2GFjex0
1naR57EFC0v4b305ReDJgdT70VknZo7pTTOO2CP+xzud67w5uyV0XTO2vgDAuJSc
yY649fJZUuXFzoGftufLFpfgmCYxqn86H3fQ5IXJC9HZWMqBToiakoDqkew5hV4c
VGzNH/V4RXQto0MlRii9/wQnwKlh1F612r824JnJIQ1PbDesgrdpk9f8lV+CZFDM
hTGfj/Y9vvRKoa463pIkwKvXOzOJvUiM31iy+94flED82Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org