Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/cstUFJsS0MSMBKonYy6OPNHMdmM.roa
File: cstUFJsS0MSMBKonYy6OPNHMdmM.roa (raw, json)
Hash identifier: FjKvOB3KRlulQ+88w0F92ZTnuv2VopU4expbJBiK7WQ=
Subject key identifier: 72:CB:54:14:9B:12:D0:C4:8C:04:AA:27:63:2E:8E:3C:D1:CC:76:63
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DAD
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/cstUFJsS0MSMBKonYy6OPNHMdmM.roa
Signing time: Wed 29 Sep 2021 02:39:25 +0000
ROA not before: Wed 29 Sep 2021 02:39:25 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 124.219.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3501 (0xdad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:25 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=72CB54149B12D0C48C04AA27632E8E3CD1CC7663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:ba:d6:97:81:62:ab:1c:7a:bc:5e:c9:8c:
24:60:5f:b5:c3:e7:ab:c1:7c:dc:87:2f:c1:3c:d2:
92:89:d3:ad:73:12:d1:41:d2:0d:73:36:59:78:86:
77:50:2f:e4:b6:cc:4e:4b:7c:d1:62:18:3e:f3:65:
6f:b7:46:5f:89:98:df:62:24:0b:4d:ed:6f:d2:56:
eb:ce:d9:c0:e1:5d:a9:1c:43:e4:95:89:ee:03:2c:
e3:40:6d:8d:a1:eb:e3:f5:6f:9f:9b:c6:7a:e8:cb:
08:42:f9:3d:6d:ac:94:27:eb:86:07:ce:4e:46:2a:
b3:2d:c9:eb:c1:10:44:fb:01:7f:d3:ac:7b:68:ef:
60:2e:57:c0:d9:20:c0:24:ec:cb:6c:83:8e:b7:54:
58:77:4a:80:35:cb:d3:d2:84:57:1f:9f:68:0c:4a:
c1:d4:00:5f:e4:e6:c3:36:9c:94:a2:21:46:fa:91:
13:9e:9a:52:8f:07:26:c5:bc:7a:d6:83:d1:41:3b:
28:24:90:09:2e:a6:42:c3:fc:41:27:37:e3:13:86:
12:3c:ba:b5:80:d4:d2:65:32:b2:e4:b0:08:46:3b:
1a:e3:54:cf:69:94:a5:c6:16:15:36:68:77:8e:bb:
2e:4b:c6:15:0d:e3:74:2b:b8:8e:45:a6:ea:a4:15:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CB:54:14:9B:12:D0:C4:8C:04:AA:27:63:2E:8E:3C:D1:CC:76:63
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/cstUFJsS0MSMBKonYy6OPNHMdmM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.219.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1a:8b:74:30:41:35:b3:cf:53:3c:b6:fe:77:64:f7:c8:af:fc:
66:70:a8:fd:c8:7c:2f:75:c5:fa:42:73:22:81:fb:0d:71:36:
3f:9d:57:83:06:3b:07:da:ce:65:7b:6e:45:cd:9e:fe:42:27:
cf:45:c7:6f:aa:b5:64:54:c1:70:ea:5c:2b:4e:3c:7a:26:cc:
72:cb:19:07:66:42:95:77:5e:c9:83:2b:fa:4c:b5:a8:69:50:
b1:92:0a:64:74:76:fe:3e:54:14:df:83:40:ef:a6:dc:bc:0d:
cf:66:19:ff:b9:17:b9:44:27:ac:0e:1d:39:84:71:7c:16:03:
67:68:76:9f:f7:b2:22:4c:0f:11:75:48:b2:d6:3e:4b:82:2e:
d9:03:61:3a:ad:a3:84:58:8a:23:5c:36:80:20:64:8f:b6:16:
d9:3c:09:91:88:ed:97:a0:c2:f7:43:75:7e:9b:61:7e:89:b7:
30:23:e2:08:47:bb:a7:97:34:b1:4c:bc:1e:6c:5c:02:a5:95:
4a:d7:06:3d:69:26:8f:b9:9f:1c:62:5e:eb:8d:67:07:73:3f:
39:35:cf:dd:18:aa:21:87:ed:de:e0:4d:6b:05:33:3e:fa:8f:
0a:cc:c9:8c:77:a0:2f:d0:8e:05:12:14:39:60:54:0c:a4:fa:
48:45:7f:dc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MjVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDcyQ0I1NDE0OUIxMkQw
QzQ4QzA0QUEyNzYzMkU4RTNDRDFDQzc2NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9i7rWl4Fiqxx6vF7JjCRgX7XD56vBfNyHL8E80pKJ061zEtFB
0g1zNll4hndQL+S2zE5LfNFiGD7zZW+3Rl+JmN9iJAtN7W/SVuvO2cDhXakcQ+SV
ie4DLONAbY2h6+P1b5+bxnroywhC+T1trJQn64YHzk5GKrMtyevBEET7AX/TrHto
72AuV8DZIMAk7Mtsg463VFh3SoA1y9PShFcfn2gMSsHUAF/k5sM2nJSiIUb6kROe
mlKPBybFvHrWg9FBOygkkAkupkLD/EEnN+MThhI8urWA1NJlMrLksAhGOxrjVM9p
lKXGFhU2aHeOuy5LxhUN43QruI5FpuqkFYWvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcstUFJsS0MSMBKonYy6OPNHMdmMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvY3N0VUZKc1MwTVNNQktvbll5Nk9Q
TkhNZG1NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3zbADAN
BgkqhkiG9w0BAQsFAAOCAQEAGot0MEE1s89TPLb+d2T3yK/8ZnCo/ch8L3XF+kJz
IoH7DXE2P51XgwY7B9rOZXtuRc2e/kInz0XHb6q1ZFTBcOpcK048eibMcssZB2ZC
lXdeyYMr+ky1qGlQsZIKZHR2/j5UFN+DQO+m3LwNz2YZ/7kXuUQnrA4dOYRxfBYD
Z2h2n/eyIkwPEXVIstY+S4Iu2QNhOq2jhFiKI1w2gCBkj7YW2TwJkYjtl6DC90N1
fpthfom3MCPiCEe7p5c0sUy8HmxcAqWVStcGPWkmj7mfHGJe641nB3M/OTXP3Riq
IYft3uBNawUzPvqPCszJjHegL9COBRIUOWBUDKT6SEV/3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org