Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Y4lWz1n2KhMXuZybSAGnzVz108M.roa
File: Y4lWz1n2KhMXuZybSAGnzVz108M.roa (raw, json)
Hash identifier: ZbCmzc0Knw2hqcGHUgrn/qydXAgIUeI8fo0K9un185A=
Subject key identifier: 63:89:56:CF:59:F6:2A:13:17:B9:9C:9B:48:01:A7:CD:5C:F5:D3:C3
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E0B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Y4lWz1n2KhMXuZybSAGnzVz108M.roa
Signing time: Wed 29 Sep 2021 02:39:54 +0000
ROA not before: Wed 29 Sep 2021 02:39:54 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9311
IP address blocks: 222.156.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3595 (0xe0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:54 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=638956CF59F62A1317B99C9B4801A7CD5CF5D3C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:86:5e:a2:3c:9d:6f:12:0e:7b:77:2f:15:
0f:fe:e2:13:e0:2e:07:89:8c:ec:92:05:bf:0c:10:
d6:04:01:71:da:59:6f:c8:00:35:c6:06:fc:eb:ca:
87:1d:a5:e3:77:b9:f6:9d:ad:f4:b3:8b:1c:24:59:
ed:c4:15:0c:6d:d9:81:4d:5a:a4:41:82:99:af:08:
fb:64:1f:18:f0:53:ee:9a:8f:9c:27:62:c3:ea:1c:
38:65:2f:79:57:5a:0b:6e:5a:0b:86:bb:ee:58:21:
68:c4:db:c1:67:22:c4:c8:cb:71:0e:b1:84:6b:38:
dc:76:2d:ff:1f:be:4d:39:9c:64:e5:12:91:d9:9c:
93:a6:40:4d:98:51:3d:48:c8:99:09:ab:84:83:0e:
c3:ae:d4:aa:bc:85:d1:8f:c3:36:cb:b9:bc:e9:09:
2d:d4:a4:ef:47:5d:20:9b:bc:17:29:8d:29:66:75:
30:9b:1c:04:f4:4f:45:4a:a5:f9:c9:ec:b0:fe:09:
ef:1b:3f:4c:47:bf:83:d6:47:33:6c:85:e5:1c:7e:
dd:fe:47:16:67:21:41:ed:e4:37:e7:66:2b:52:b2:
6d:ac:9b:04:0b:d9:ea:37:26:e4:a1:05:2d:df:08:
e1:61:42:6c:36:35:a6:80:5f:f6:8c:35:3f:02:dd:
96:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:89:56:CF:59:F6:2A:13:17:B9:9C:9B:48:01:A7:CD:5C:F5:D3:C3
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Y4lWz1n2KhMXuZybSAGnzVz108M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.247.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:05:b2:d3:a3:87:88:d1:a0:3b:a3:f0:74:5c:1b:d8:e7:9e:
ab:19:39:89:e7:e6:c9:e5:87:bd:50:59:5e:d4:39:ca:99:35:
1c:33:49:f5:01:ea:44:57:e8:ca:34:b5:5b:78:22:fc:95:b7:
50:0f:1c:42:ea:ee:81:65:d9:6b:00:8c:80:55:ac:9a:9d:1e:
5e:11:3f:5f:37:04:39:fb:a3:70:cf:f0:c2:ae:bd:31:44:4a:
7e:f3:11:56:56:96:f1:19:91:dc:c4:f3:a3:6b:ac:6c:86:62:
91:1a:b7:ff:7d:cf:57:80:bb:82:1e:8f:55:06:27:9d:98:45:
87:e3:64:a0:47:a2:43:8e:12:3b:bb:ae:29:76:3f:fc:c9:50:
38:0a:cf:3e:9b:d2:63:67:f6:cf:6f:c9:21:41:2b:3f:6f:10:
d9:45:de:1c:47:6a:7a:5a:f1:bc:d3:7c:04:a9:62:47:44:c5:
c7:e5:83:c0:b8:ec:ce:b2:c8:1e:9b:b3:03:9d:24:bd:e9:54:
43:d8:2e:3a:33:b3:8a:f0:95:b7:92:94:f3:ef:3c:6a:42:ed:
d5:41:cb:1a:7e:d2:cc:d2:db:79:48:77:d7:18:7d:e0:45:b0:
19:2f:ab:ee:64:b9:e7:2e:fc:ac:c4:af:cc:82:bd:c0:d7:8e:
63:c5:fd:26
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDYzODk1NkNGNTlGNjJB
MTMxN0I5OUM5QjQ4MDFBN0NENUNGNUQzQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3T4ZeojydbxIOe3cvFQ/+4hPgLgeJjOySBb8MENYEAXHaWW/I
ADXGBvzryocdpeN3ufadrfSzixwkWe3EFQxt2YFNWqRBgpmvCPtkHxjwU+6aj5wn
YsPqHDhlL3lXWgtuWguGu+5YIWjE28FnIsTIy3EOsYRrONx2Lf8fvk05nGTlEpHZ
nJOmQE2YUT1IyJkJq4SDDsOu1Kq8hdGPwzbLubzpCS3UpO9HXSCbvBcpjSlmdTCb
HAT0T0VKpfnJ7LD+Ce8bP0xHv4PWRzNsheUcft3+RxZnIUHt5DfnZitSsm2smwQL
2eo3JuShBS3fCOFhQmw2NaaAX/aMNT8C3ZbZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUY4lWz1n2KhMXuZybSAGnzVz108MwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWTRsV3oxbjJLaE1YdVp5YlNBR256
VnoxMDhNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c9zAN
BgkqhkiG9w0BAQsFAAOCAQEAKwWy06OHiNGgO6PwdFwb2Oeeqxk5iefmyeWHvVBZ
XtQ5ypk1HDNJ9QHqRFfoyjS1W3gi/JW3UA8cQurugWXZawCMgFWsmp0eXhE/XzcE
OfujcM/wwq69MURKfvMRVlaW8RmR3MTzo2usbIZikRq3/33PV4C7gh6PVQYnnZhF
h+NkoEeiQ44SO7uuKXY//MlQOArPPpvSY2f2z2/JIUErP28Q2UXeHEdqelrxvNN8
BKliR0TFx+WDwLjszrLIHpuzA50kvelUQ9guOjOzivCVt5KU8+88akLt1UHLGn7S
zNLbeUh31xh94EWwGS+r7mS55y78rMSvzIK9wNeOY8X9Jg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org