Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ebhkE4wBdXoTq8IZPWR8h_j0XqQ.roa
File: ebhkE4wBdXoTq8IZPWR8h_j0XqQ.roa (raw, json)
Hash identifier: i+eP3bPpUVXWbG7Ix8HdNszXTFQ1wB6hPOpCsSjlqh4=
Subject key identifier: 79:B8:64:13:8C:01:75:7A:13:AB:C2:19:3D:64:7C:87:F8:F4:5E:A4
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C9F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ebhkE4wBdXoTq8IZPWR8h_j0XqQ.roa
Signing time: Sun 07 Feb 2021 11:47:11 +0000
ROA not before: Sun 07 Feb 2021 11:47:11 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 223.22.0.0/15 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3231 (0xc9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:47:11 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=79B864138C01757A13ABC2193D647C87F8F45EA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d4:17:7d:ec:f6:1c:33:fe:49:5d:02:b4:af:
9a:d3:49:ac:f4:3d:da:f8:41:72:6b:07:74:c7:a0:
d2:67:44:54:2f:50:76:38:6b:40:3e:0e:4b:96:fe:
bc:6d:a8:73:f5:ed:ea:d2:17:dc:52:34:0b:e2:84:
bb:84:a9:67:fd:ce:db:08:06:2d:b6:84:3c:03:b0:
24:a2:7d:37:85:a8:56:1d:b7:9c:76:21:74:aa:5c:
9d:5f:0e:48:ff:c9:3a:9b:0f:8f:5f:a6:4d:c2:50:
34:20:14:b9:d2:41:cd:d5:e7:c0:c2:3f:a9:24:8d:
18:7a:2b:b7:e5:e3:02:32:63:c9:46:3f:e7:69:b6:
29:d3:4b:e6:78:4f:5a:0b:15:00:df:df:37:e8:93:
01:4b:56:32:fd:b2:98:85:58:85:17:fc:91:b1:63:
8c:52:00:c3:c0:67:ed:f5:78:22:57:f4:31:c3:c1:
2f:f3:a4:60:f8:1a:bb:7d:53:7d:26:fa:87:48:22:
d3:2b:ba:fe:f4:4c:36:37:6e:3f:f3:bd:30:20:83:
49:47:ab:e2:0b:e3:d4:3c:dd:37:b6:e9:84:fd:2d:
3f:a5:71:bc:47:1b:28:98:6c:f5:3a:b4:9b:f2:70:
b5:a1:c3:c1:d0:00:db:4d:23:de:30:2f:f2:cc:c0:
c5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B8:64:13:8C:01:75:7A:13:AB:C2:19:3D:64:7C:87:F8:F4:5E:A4
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ebhkE4wBdXoTq8IZPWR8h_j0XqQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/15
Signature Algorithm: sha256WithRSAEncryption
40:29:0a:c8:2b:93:2f:d0:e4:ea:97:58:16:52:ca:8c:e4:61:
3d:9c:e9:53:86:b2:de:03:b4:ca:b3:10:0b:c6:c2:dc:fc:45:
7b:52:1d:ba:9c:47:c3:ed:ee:38:e7:cf:d8:9d:2f:b0:2b:42:
25:f6:0c:a5:1a:4e:7f:ab:d4:2b:d1:ed:3b:ed:0b:88:c7:5c:
c5:a4:76:32:90:b4:ce:36:58:3a:47:b8:b9:8d:cc:8c:94:7b:
fb:1f:8b:a7:74:89:e1:de:39:c3:2a:bd:2c:4e:85:f9:8d:c1:
a4:7c:c4:12:48:70:2e:9e:23:c4:cc:7e:7c:bf:70:99:cf:6c:
f0:56:80:92:1f:6b:bc:19:9e:1c:c1:6d:ff:7d:cc:dd:09:b7:
5a:b9:c8:f1:a5:82:65:de:cf:c4:e9:01:03:a2:b8:20:18:fc:
40:2a:a9:41:a8:00:35:46:80:b4:cf:e8:92:bf:bf:18:a7:92:
49:60:45:b4:ba:cc:71:7f:4d:cd:c2:89:52:05:82:da:e8:18:
05:64:cf:4f:c5:82:31:f7:53:a4:df:3c:ab:81:63:7b:7c:f5:
03:ea:59:11:0e:76:bc:12:e9:94:74:c7:03:b3:ee:ad:4f:69:
9e:34:54:c4:14:0e:90:7c:18:5e:c5:27:91:46:42:86:31:97:
73:5e:03:ec
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDJ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTQ3MTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc5Qjg2NDEzOEMwMTc1
N0ExM0FCQzIxOTNENjQ3Qzg3RjhGNDVFQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX1Bd97PYcM/5JXQK0r5rTSaz0Pdr4QXJrB3THoNJnRFQvUHY4
a0A+DkuW/rxtqHP17erSF9xSNAvihLuEqWf9ztsIBi22hDwDsCSifTeFqFYdt5x2
IXSqXJ1fDkj/yTqbD49fpk3CUDQgFLnSQc3V58DCP6kkjRh6K7fl4wIyY8lGP+dp
tinTS+Z4T1oLFQDf3zfokwFLVjL9spiFWIUX/JGxY4xSAMPAZ+31eCJX9DHDwS/z
pGD4Grt9U30m+odIItMruv70TDY3bj/zvTAgg0lHq+IL49Q83Te26YT9LT+lcbxH
GyiYbPU6tJvycLWhw8HQANtNI94wL/LMwMU7AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUebhkE4wBdXoTq8IZPWR8h/j0XqQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZWJoa0U0d0JkWG9UcThJWlBXUjho
X2owWHFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAd8WMA0G
CSqGSIb3DQEBCwUAA4IBAQBAKQrIK5Mv0OTql1gWUsqM5GE9nOlThrLeA7TKsxAL
xsLc/EV7Uh26nEfD7e4458/YnS+wK0Il9gylGk5/q9Qr0e077QuIx1zFpHYykLTO
Nlg6R7i5jcyMlHv7H4undInh3jnDKr0sToX5jcGkfMQSSHAuniPEzH58v3CZz2zw
VoCSH2u8GZ4cwW3/fczdCbdaucjxpYJl3s/E6QEDorggGPxAKqlBqAA1RoC0z+iS
v78Yp5JJYEW0usxxf03NwolSBYLa6BgFZM9PxYIx91Ok3zyrgWN7fPUD6lkRDna8
EumUdMcDs+6tT2meNFTEFA6QfBhexSeRRkKGMZdzXgPs
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org