Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/dRKhgjtUn4XyxTL8D2JHgSBP2i4.roa
File: dRKhgjtUn4XyxTL8D2JHgSBP2i4.roa (raw, json)
Hash identifier: T3Nh9J0DBwhNuAxgQL1UT1JAzAebI6reSX5XLV5jTKk=
Subject key identifier: 75:12:A1:82:3B:54:9F:85:F2:C5:32:FC:0F:62:47:81:20:4F:DA:2E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C59
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/dRKhgjtUn4XyxTL8D2JHgSBP2i4.roa
Signing time: Sun 07 Feb 2021 11:35:47 +0000
ROA not before: Sun 07 Feb 2021 11:35:47 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 7482
IP address blocks: 222.157.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3161 (0xc59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:35:47 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=7512A1823B549F85F2C532FC0F624781204FDA2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b8:77:99:17:02:69:b1:d2:87:71:57:1d:cd:
2d:2a:50:8a:c2:fc:53:9d:ff:a1:88:75:95:94:21:
91:f6:44:4f:3f:64:6c:46:58:2a:8e:79:10:0e:fd:
4a:11:1a:e3:8b:86:f6:af:36:c1:f6:f4:1e:0e:b4:
50:0f:ac:41:e0:7b:2e:c6:b7:5f:15:17:46:7b:15:
46:d9:54:55:73:66:7d:75:4b:fd:ee:42:e7:16:f2:
23:28:10:ab:39:1e:aa:59:cc:cc:36:b9:6a:7e:65:
b7:e5:41:f3:f1:8b:fa:ae:d0:9d:b3:74:c0:66:f3:
6e:87:0d:a4:37:4c:a5:60:a2:8b:96:bb:5a:9d:0f:
00:09:0a:68:25:f9:4c:25:49:c2:61:ab:59:e8:3f:
08:9f:97:2d:a5:6b:3e:71:3a:a3:74:ad:15:56:9e:
39:28:b7:ac:e5:09:3d:0f:bb:e3:ca:2b:06:d3:c3:
62:55:9b:79:c5:e0:cf:35:c6:53:bc:75:0c:24:82:
ef:9f:e9:8b:7c:5d:0b:36:9f:d1:e5:e6:cb:d5:59:
e3:f5:53:3e:7b:5e:74:08:61:78:66:1a:2a:85:bc:
d5:bd:86:a2:52:4e:42:94:20:80:c6:8a:59:0f:cb:
ce:d3:81:15:c9:db:4e:10:02:06:a1:ee:e8:f4:e1:
64:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:12:A1:82:3B:54:9F:85:F2:C5:32:FC:0F:62:47:81:20:4F:DA:2E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/dRKhgjtUn4XyxTL8D2JHgSBP2i4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.157.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:79:2a:ae:48:ec:75:21:7b:b1:32:6f:5a:a5:06:7b:68:da:
16:63:0f:94:12:db:91:2b:79:22:25:f0:12:48:49:93:95:71:
3a:c7:69:dd:95:f5:40:7b:41:99:0f:31:9c:57:e4:a7:48:1a:
3c:ef:84:f7:1f:59:c8:ed:11:76:f7:4f:e7:bf:2c:f2:da:46:
12:2e:11:41:2d:26:81:a6:89:83:c2:80:80:a9:2e:ed:55:86:
88:f2:b0:59:9d:54:5f:8f:2c:e3:00:3a:21:f8:4b:28:9a:9c:
b4:88:3a:d4:bd:52:9c:63:6c:f4:ff:e0:cb:c3:7c:13:9a:2d:
d0:7d:cb:6a:2b:fe:d9:e2:be:ef:0d:8a:2c:b1:e8:08:f5:cd:
f7:67:8e:d0:c6:b4:11:db:fc:bd:d5:82:6f:01:a0:fd:ff:b7:
89:81:49:bb:43:36:99:81:05:f9:e8:d3:67:05:a5:86:a9:42:
e2:76:1f:80:f6:e0:ea:59:7a:ce:df:39:b7:44:0a:22:e6:4d:
54:de:7a:c7:24:c6:cf:5a:dd:83:20:f6:dd:ba:3d:d7:41:66:
69:d4:1e:6f:18:e6:bc:44:9b:57:43:2a:31:e3:57:50:92:d1:
4d:72:ff:2c:c6:68:57:d6:a9:58:52:76:29:ad:cd:f9:70:4a:
91:79:e9:b6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM1NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc1MTJBMTgyM0I1NDlG
ODVGMkM1MzJGQzBGNjI0NzgxMjA0RkRBMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLuHeZFwJpsdKHcVcdzS0qUIrC/FOd/6GIdZWUIZH2RE8/ZGxG
WCqOeRAO/UoRGuOLhvavNsH29B4OtFAPrEHgey7Gt18VF0Z7FUbZVFVzZn11S/3u
QucW8iMoEKs5HqpZzMw2uWp+ZbflQfPxi/qu0J2zdMBm826HDaQ3TKVgoouWu1qd
DwAJCmgl+UwlScJhq1noPwifly2laz5xOqN0rRVWnjkot6zlCT0Pu+PKKwbTw2JV
m3nF4M81xlO8dQwkgu+f6Yt8XQs2n9Hl5svVWeP1Uz57XnQIYXhmGiqFvNW9hqJS
TkKUIIDGilkPy87TgRXJ204QAgah7uj04WRVAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUdRKhgjtUn4XyxTL8D2JHgSBP2i4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZFJLaGdqdFVuNFh5eFRMOEQySkhn
U0JQMmk0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6dMA0G
CSqGSIb3DQEBCwUAA4IBAQC2eSquSOx1IXuxMm9apQZ7aNoWYw+UEtuRK3kiJfAS
SEmTlXE6x2ndlfVAe0GZDzGcV+SnSBo874T3H1nI7RF290/nvyzy2kYSLhFBLSaB
pomDwoCAqS7tVYaI8rBZnVRfjyzjADoh+Esompy0iDrUvVKcY2z0/+DLw3wTmi3Q
fctqK/7Z4r7vDYossegI9c33Z47QxrQR2/y91YJvAaD9/7eJgUm7QzaZgQX56NNn
BaWGqULidh+A9uDqWXrO3zm3RAoi5k1U3nrHJMbPWt2DIPbduj3XQWZp1B5vGOa8
RJtXQyox41dQktFNcv8sxmhX1qlYUnYprc35cEqReem2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:55 2023 by rpki-client on console-fra.rpki-client.org