Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/TaAjNN_pt8e3MmxL0z3Ok5dUBv8.roa
File: TaAjNN_pt8e3MmxL0z3Ok5dUBv8.roa (raw, json)
Hash identifier: OcI/xiURhv5Ibn+CwAiRDClRHa7Jo3JlNgXsH8aXUm4=
Subject key identifier: 4D:A0:23:34:DF:E9:B7:C7:B7:32:6C:4B:D3:3D:CE:93:97:54:06:FF
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C85
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/TaAjNN_pt8e3MmxL0z3Ok5dUBv8.roa
Signing time: Sun 07 Feb 2021 11:39:55 +0000
ROA not before: Sun 07 Feb 2021 11:39:55 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 16625
IP address blocks: 210.203.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3205 (0xc85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:39:55 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4DA02334DFE9B7C7B7326C4BD33DCE93975406FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d0:03:30:d6:6e:c5:b3:70:f3:fa:7a:4d:97:
f6:aa:b1:35:92:8d:2f:d1:0d:ee:7d:78:96:91:1d:
25:d4:0e:8f:19:6b:dd:7b:23:24:03:8e:cb:82:41:
37:4e:26:d0:7e:b1:a0:c1:3b:e9:a9:d1:91:e6:ff:
5b:f9:c0:e5:29:50:3a:bb:b2:89:e4:99:85:19:20:
43:3b:e4:ab:2e:9c:aa:15:41:f1:7b:55:e5:7d:5f:
9a:be:a8:8c:0f:8d:dc:fc:ed:c1:6f:3b:10:c8:fc:
cc:22:cf:88:47:94:ea:2e:7e:f3:4e:3f:f1:c3:da:
05:b0:6d:1a:72:90:5f:05:62:8b:a1:fa:a7:2d:1a:
f8:21:fc:bb:9c:f2:86:2c:3f:31:83:97:00:f1:b9:
fa:08:9e:34:53:33:e9:2b:64:1e:aa:1a:df:fa:77:
cb:00:8f:4a:0a:8d:36:54:51:5e:f5:52:9f:2b:1f:
e2:ae:b2:0d:78:60:b4:1a:13:dc:fb:f0:58:54:41:
b3:77:5c:d5:c3:1c:ee:fd:e0:c7:b7:aa:52:98:d1:
cc:80:e1:07:d5:ce:3d:9a:b4:68:78:15:93:f6:c3:
4c:ae:7c:75:1b:d5:30:a5:df:52:2e:68:0e:d0:1c:
7e:5a:49:90:fc:13:e4:c3:a1:91:36:0d:55:04:4b:
dd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A0:23:34:DF:E9:B7:C7:B7:32:6C:4B:D3:3D:CE:93:97:54:06:FF
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/TaAjNN_pt8e3MmxL0z3Ok5dUBv8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.8.0/21
Signature Algorithm: sha256WithRSAEncryption
c1:aa:c7:86:03:27:ad:50:65:88:4f:b0:46:68:53:29:c9:27:
a7:e3:81:ce:c9:6a:ac:c6:d1:91:4c:20:69:8a:6f:71:9c:41:
9a:dd:0d:85:0f:b9:68:df:03:44:06:4e:78:d2:07:2b:ad:1a:
b9:a3:5f:5d:c2:94:53:35:25:41:73:81:33:16:c5:19:04:a9:
4b:27:c7:c4:cf:05:32:b4:12:62:e4:a7:85:59:0e:d4:7c:2e:
00:36:a9:1c:d8:a0:c7:62:18:c0:8d:92:6f:03:c7:83:6c:1b:
44:6a:24:9e:54:43:fd:8b:6d:77:15:64:04:2f:3c:72:96:c4:
1c:26:2d:34:e2:f6:0e:eb:64:da:bd:e1:4d:30:d5:75:bd:6a:
85:f7:b3:35:ed:f8:43:f5:8d:9f:c1:e7:5d:24:62:10:05:48:
ed:ab:c9:47:64:3b:ed:6a:06:7c:9b:64:3a:14:72:ba:cf:c1:
d1:aa:a8:1b:74:1e:a2:10:d7:e8:e5:60:f6:e5:43:1f:2b:6d:
71:22:0d:05:23:ad:d3:54:63:be:b6:95:8f:e6:10:21:04:53:
c7:29:cc:31:d8:90:f2:37:3d:33:f8:c9:80:b2:b6:e2:ad:c2:
9a:38:07:a9:8d:16:ca:64:83:c1:03:12:4a:e7:0a:b6:85:da:
75:7b:c2:fb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM5NTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDREQTAyMzM0REZFOUI3
QzdCNzMyNkM0QkQzM0RDRTkzOTc1NDA2RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDu0AMw1m7Fs3Dz+npNl/aqsTWSjS/RDe59eJaRHSXUDo8Za917
IyQDjsuCQTdOJtB+saDBO+mp0ZHm/1v5wOUpUDq7sonkmYUZIEM75KsunKoVQfF7
VeV9X5q+qIwPjdz87cFvOxDI/Mwiz4hHlOoufvNOP/HD2gWwbRpykF8FYouh+qct
Gvgh/Luc8oYsPzGDlwDxufoInjRTM+krZB6qGt/6d8sAj0oKjTZUUV71Up8rH+Ku
sg14YLQaE9z78FhUQbN3XNXDHO794Me3qlKY0cyA4QfVzj2atGh4FZP2w0yufHUb
1TCl31IuaA7QHH5aSZD8E+TDoZE2DVUES91vAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUTaAjNN/pt8e3MmxL0z3Ok5dUBv8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVGFBak5OX3B0OGUzTW14TDB6M09r
NWRVQnY4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LLCDAN
BgkqhkiG9w0BAQsFAAOCAQEAwarHhgMnrVBliE+wRmhTKcknp+OBzslqrMbRkUwg
aYpvcZxBmt0NhQ+5aN8DRAZOeNIHK60auaNfXcKUUzUlQXOBMxbFGQSpSyfHxM8F
MrQSYuSnhVkO1HwuADapHNigx2IYwI2SbwPHg2wbRGoknlRD/YttdxVkBC88cpbE
HCYtNOL2Dutk2r3hTTDVdb1qhfezNe34Q/WNn8HnXSRiEAVI7avJR2Q77WoGfJtk
OhRyus/B0aqoG3QeohDX6OVg9uVDHyttcSINBSOt01RjvraVj+YQIQRTxynMMdiQ
8jc9M/jJgLK24q3CmjgHqY0WymSDwQMSSucKtoXadXvC+w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org