Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/cMbgK1Fsb6XiZXe2nY7KhzQs0Ic.roa
File: cMbgK1Fsb6XiZXe2nY7KhzQs0Ic.roa (raw, json)
Hash identifier: 52rqrsZyyoMsIP1zkxj43vnApsnJuMFiHyOl3i0WVyE=
Subject key identifier: 70:C6:E0:2B:51:6C:6F:A5:E2:65:77:B6:9D:8E:CA:87:34:2C:D0:87
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 08E3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/cMbgK1Fsb6XiZXe2nY7KhzQs0Ic.roa
Signing time: Tue 29 Sep 2020 10:01:13 +0000
ROA not before: Tue 29 Sep 2020 10:01:13 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 7482
IP address blocks: 2404:0:2000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2275 (0x8e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:13 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=70C6E02B516C6FA5E26577B69D8ECA87342CD087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7c:bb:aa:72:95:09:c8:80:fb:35:65:e0:1a:
13:f5:0f:9e:fa:85:21:b1:8f:08:71:8a:7f:38:06:
57:28:df:2f:43:55:e6:00:3a:c7:91:2d:91:38:4c:
f3:0a:24:b7:c0:fc:ed:aa:19:bb:e7:71:ee:71:57:
27:15:3b:a1:00:c2:ee:b5:26:ea:35:99:1c:dd:3d:
a7:28:e4:41:b5:fb:b3:89:81:23:d6:19:b8:1c:95:
f0:23:e2:68:64:73:42:02:fa:cf:bf:c9:53:ac:6f:
6f:52:d2:52:dc:2d:e0:c1:f0:b9:9d:04:76:d9:e6:
ea:61:41:5a:24:01:99:72:9d:f6:c4:fe:02:55:ce:
07:cc:0c:d2:4a:29:f9:80:bc:56:a4:a3:e1:d3:9c:
38:d3:5e:54:f6:ed:8f:e2:4f:56:b4:c9:28:aa:4d:
20:35:42:68:e9:32:e3:c9:c2:6e:ed:2f:6c:6d:72:
b9:90:9b:17:ea:5e:a1:80:76:d0:1d:ae:4a:c3:39:
da:d1:ca:c1:70:65:da:18:d0:e1:24:04:3a:94:28:
6e:63:59:74:d9:f6:ba:3e:60:bd:20:73:97:3d:f7:
80:7a:f9:93:95:31:c3:a1:cc:69:13:24:1f:1b:a1:
04:4b:74:76:02:6a:6e:02:ba:47:ca:ec:e9:d4:99:
cf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C6:E0:2B:51:6C:6F:A5:E2:65:77:B6:9D:8E:CA:87:34:2C:D0:87
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/cMbgK1Fsb6XiZXe2nY7KhzQs0Ic.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:0:2000::/36
Signature Algorithm: sha256WithRSAEncryption
6a:58:8e:ee:83:3c:6c:11:c3:4e:3b:19:3d:c9:aa:65:c9:2f:
b0:71:93:d4:95:f7:35:e8:c8:ff:82:ac:cf:bc:3d:12:8a:c2:
7d:c2:b2:9c:83:f9:d6:4c:46:4f:e9:0a:ca:52:ac:18:f4:28:
ec:30:4e:1c:b8:09:e0:31:0c:c4:2d:52:e6:1b:e0:79:e1:a2:
e7:ba:51:65:2b:6b:ca:05:45:a0:35:43:50:ff:bd:b9:2b:61:
2c:70:3f:19:71:83:5e:1b:41:8f:2e:7b:c5:8f:39:54:1e:ff:
5b:82:10:f8:6e:7f:8a:dc:5f:d0:0c:64:ed:2f:6e:60:62:c1:
8b:0a:2f:d3:b9:13:12:16:ae:62:38:f8:65:b4:72:da:0b:06:
a2:54:e9:3e:f6:1b:6f:d6:9e:58:36:4a:69:ed:60:a3:0a:d9:
ae:48:c4:e4:5f:71:39:7f:ba:1f:50:8c:e0:57:62:0f:7f:1e:
d4:a3:30:14:49:f3:07:fb:13:7d:f2:00:14:d7:0e:19:ba:69:
7e:59:b3:8e:bc:d8:0c:c5:8f:21:5d:04:8b:86:a4:03:cc:cd:
fd:95:d5:28:e0:8a:42:3c:cd:2a:fd:29:76:0c:d3:51:21:24:
30:79:25:8d:8a:6e:4c:9a:78:13:30:1d:20:50:5c:06:96:f2:
51:1b:41:60
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDcwQzZFMDJCNTE2QzZG
QTVFMjY1NzdCNjlEOEVDQTg3MzQyQ0QwODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0fLuqcpUJyID7NWXgGhP1D576hSGxjwhxin84Blco3y9DVeYA
OseRLZE4TPMKJLfA/O2qGbvnce5xVycVO6EAwu61Juo1mRzdPaco5EG1+7OJgSPW
GbgclfAj4mhkc0IC+s+/yVOsb29S0lLcLeDB8LmdBHbZ5uphQVokAZlynfbE/gJV
zgfMDNJKKfmAvFako+HTnDjTXlT27Y/iT1a0ySiqTSA1QmjpMuPJwm7tL2xtcrmQ
mxfqXqGAdtAdrkrDOdrRysFwZdoY0OEkBDqUKG5jWXTZ9ro+YL0gc5c994B6+ZOV
McOhzGkTJB8boQRLdHYCam4CukfK7OnUmc+VAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUcMbgK1Fsb6XiZXe2nY7KhzQs0IcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvY01iZ0sxRnNiNlhpWlhlMm5ZN0to
elFzMEljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCQEAAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBqWI7ugzxsEcNOOxk9yaplyS+wcZPUlfc16Mj/
gqzPvD0SisJ9wrKcg/nWTEZP6QrKUqwY9CjsME4cuAngMQzELVLmG+B54aLnulFl
K2vKBUWgNUNQ/725K2EscD8ZcYNeG0GPLnvFjzlUHv9bghD4bn+K3F/QDGTtL25g
YsGLCi/TuRMSFq5iOPhltHLaCwaiVOk+9htv1p5YNkpp7WCjCtmuSMTkX3E5f7of
UIzgV2IPfx7UozAUSfMH+xN98gAU1w4Zuml+WbOOvNgMxY8hXQSLhqQDzM39ldUo
4IpCPM0q/Sl2DNNRISQweSWNim5MmngTMB0gUFwGlvJRG0Fg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org