Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/aOlyF-bGAxnHrVHBJtQYUzlv_DQ.roa
File: aOlyF-bGAxnHrVHBJtQYUzlv_DQ.roa (raw, json)
Hash identifier: b6k7YK2UQOJ3pfRxtWdul/DcgfqS8u9shXe2g0GRer0=
Subject key identifier: 68:E9:72:17:E6:C6:03:19:C7:AD:51:C1:26:D4:18:53:39:6F:FC:34
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E27
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/aOlyF-bGAxnHrVHBJtQYUzlv_DQ.roa
Signing time: Wed 29 Sep 2021 02:40:01 +0000
ROA not before: Wed 29 Sep 2021 02:40:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 219.91.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3623 (0xe27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=68E97217E6C60319C7AD51C126D41853396FFC34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c0:f7:25:26:2d:0d:32:88:a0:27:db:fe:d8:
34:24:f5:05:a1:d5:5c:69:85:61:ea:7c:b1:70:67:
71:9f:b2:41:f7:0b:8b:03:cf:0e:99:b8:93:04:20:
75:45:ae:73:a2:23:16:90:7b:b4:e9:6e:19:f8:ae:
5d:21:ee:6a:d2:2f:74:d8:7c:9c:6f:32:b8:0b:e7:
99:09:9d:9c:38:1f:03:fc:93:af:37:0c:1b:06:c5:
0d:33:8b:5f:25:46:60:aa:a5:51:3f:3b:1a:94:ba:
5f:de:99:e4:71:4f:ee:65:bc:56:36:3b:11:35:43:
33:af:b9:33:f0:21:7a:d7:6a:21:d6:62:df:40:27:
ea:f2:0e:a0:a3:da:f0:10:5d:2e:1e:cf:45:27:e9:
22:08:98:90:44:cb:65:ee:7c:25:24:20:5b:4a:e0:
eb:be:36:c5:be:06:12:70:9b:7a:60:4c:ca:f2:5b:
41:fd:56:a0:24:71:05:d5:52:6e:f1:06:fc:27:92:
09:fb:6e:7c:d5:1a:46:4f:85:26:07:19:de:c0:cc:
3a:70:65:28:45:7b:0f:79:11:24:f1:c7:41:37:a7:
8a:65:c1:55:44:5d:8d:aa:02:36:93:c0:b7:ea:f5:
2d:18:12:ea:9c:8f:0c:ea:36:96:ff:bd:d7:3a:7f:
a6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E9:72:17:E6:C6:03:19:C7:AD:51:C1:26:D4:18:53:39:6F:FC:34
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/aOlyF-bGAxnHrVHBJtQYUzlv_DQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.91.0.0/18
Signature Algorithm: sha256WithRSAEncryption
21:48:29:16:50:65:bf:c6:14:4e:f3:e3:e5:86:35:dd:c9:d3:
50:fa:ad:dc:a8:72:fb:b3:27:2b:a5:d0:ce:b9:dd:9d:8b:d4:
0e:8d:f9:f2:70:84:a9:5c:35:c2:16:bb:04:ff:7a:7c:88:d5:
a5:0e:51:3f:a7:f1:1a:a3:74:7c:3b:7e:0a:ec:97:e8:f8:3f:
65:7a:1d:2a:a2:2b:5a:06:2e:cb:85:81:b0:90:dd:4c:12:a8:
da:dc:aa:c1:93:fa:2e:86:a4:7f:4b:80:c2:e8:c1:3c:57:97:
0e:3d:65:9d:ed:e4:bd:56:72:93:cf:44:b2:fc:55:6e:8b:ed:
0d:28:d9:c7:4e:5e:cb:2b:cd:d0:ce:b7:0d:51:61:9d:60:83:
68:4a:0c:d0:83:3a:ad:9c:bc:ea:a6:aa:41:56:10:8f:cf:76:
0e:8a:71:e1:3e:4f:e4:08:30:05:ab:8b:9e:be:40:8b:21:df:
94:cc:bf:b6:82:c3:7f:17:ae:eb:37:ab:9f:20:4d:2a:5e:29:
7e:62:4f:ef:b3:b1:f0:d1:4d:84:0c:25:c2:1b:09:71:5c:d6:
c1:b1:87:83:8f:c1:42:4d:eb:85:a6:af:89:61:4f:f7:38:7b:
80:49:79:fb:32:97:e3:e6:be:e0:65:d6:6a:a6:db:ac:f2:0d:
99:f8:4f:0c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDicwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY4RTk3MjE3RTZDNjAz
MTlDN0FENTFDMTI2RDQxODUzMzk2RkZDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEwPclJi0NMoigJ9v+2DQk9QWh1VxphWHqfLFwZ3GfskH3C4sD
zw6ZuJMEIHVFrnOiIxaQe7Tpbhn4rl0h7mrSL3TYfJxvMrgL55kJnZw4HwP8k683
DBsGxQ0zi18lRmCqpVE/OxqUul/emeRxT+5lvFY2OxE1QzOvuTPwIXrXaiHWYt9A
J+ryDqCj2vAQXS4ez0Un6SIImJBEy2XufCUkIFtK4Ou+NsW+BhJwm3pgTMryW0H9
VqAkcQXVUm7xBvwnkgn7bnzVGkZPhSYHGd7AzDpwZShFew95ESTxx0E3p4plwVVE
XY2qAjaTwLfq9S0YEuqcjwzqNpb/vdc6f6arAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUaOlyF+bGAxnHrVHBJtQYUzlv/DQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvYU9seUYtYkdBeG5IclZIQkp0UVlV
emx2X0RRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBttbADAN
BgkqhkiG9w0BAQsFAAOCAQEAIUgpFlBlv8YUTvPj5YY13cnTUPqt3Khy+7MnK6XQ
zrndnYvUDo358nCEqVw1wha7BP96fIjVpQ5RP6fxGqN0fDt+CuyX6Pg/ZXodKqIr
WgYuy4WBsJDdTBKo2tyqwZP6Loakf0uAwujBPFeXDj1lne3kvVZyk89EsvxVbovt
DSjZx05eyyvN0M63DVFhnWCDaEoM0IM6rZy86qaqQVYQj892Dopx4T5P5AgwBauL
nr5AiyHflMy/toLDfxeu6zernyBNKl4pfmJP77Ox8NFNhAwlwhsJcVzWwbGHg4/B
Qk3rhaaviWFP9zh7gEl5+zKX4+a+4GXWaqbbrPINmfhPDA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org