Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ezqSjOfMjpX-Ft9DUnJGFcwU-s4.roa
File: ezqSjOfMjpX-Ft9DUnJGFcwU-s4.roa (raw, json)
Hash identifier: N6WKTVn5ghSj6OTMrZsx58rFOs68ExKgIt2mwdKJ2TI=
Subject key identifier: 7B:3A:92:8C:E7:CC:8E:95:FE:16:DF:43:52:72:46:15:CC:14:FA:CE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DF2
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ezqSjOfMjpX-Ft9DUnJGFcwU-s4.roa
Signing time: Wed 29 Sep 2021 02:39:47 +0000
ROA not before: Wed 29 Sep 2021 02:39:47 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.202.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3570 (0xdf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:47 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=7B3A928CE7CC8E95FE16DF4352724615CC14FACE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7b:f5:23:0e:9c:64:47:ef:c9:0d:ef:bc:f4:
d5:df:0d:f4:95:b4:ed:f0:10:4b:d4:5d:3b:e8:0a:
69:d9:a4:26:d4:7b:c2:7e:a3:6c:5a:28:3f:ae:75:
0f:fc:cc:5a:56:2f:d7:1a:c3:d1:4c:82:cf:6f:87:
65:ec:70:ff:15:b5:e2:3c:0b:d3:da:48:4e:1d:61:
2d:18:65:53:7e:3c:16:72:5d:77:f5:48:8d:c9:c5:
17:15:4d:c4:f4:58:16:ca:85:85:20:58:96:92:91:
fa:59:55:40:0d:0f:46:68:59:9d:ff:4a:bb:30:23:
d6:bb:5b:b9:0d:e1:2d:9d:0d:a0:eb:e5:89:9d:c2:
69:51:bc:af:7b:bf:35:74:0f:01:0e:aa:bc:a0:47:
3e:1e:c1:40:dd:da:21:e3:f6:13:bf:c5:85:24:dc:
15:5a:32:96:93:1c:27:25:de:f1:46:1f:03:54:80:
26:33:2d:49:d9:3b:63:a8:23:66:5d:c2:21:31:2f:
75:d8:b2:26:fd:5e:ca:42:00:32:b1:29:37:48:bd:
c5:bc:29:30:53:89:b1:b1:b3:0c:fe:7f:32:c3:09:
06:15:ff:56:9c:36:0f:2d:ed:21:7c:5f:ab:bf:f5:
6d:2e:4c:87:d1:69:29:98:16:11:d2:eb:4a:d4:a9:
88:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3A:92:8C:E7:CC:8E:95:FE:16:DF:43:52:72:46:15:CC:14:FA:CE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ezqSjOfMjpX-Ft9DUnJGFcwU-s4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.128.0/17
Signature Algorithm: sha256WithRSAEncryption
8b:3e:77:36:29:b3:47:d7:e1:85:77:a0:98:ec:54:a1:68:a2:
eb:a6:5d:20:fa:80:92:0d:e5:44:75:ff:e3:88:01:28:32:b9:
74:65:12:87:fc:20:6c:20:74:5c:01:f2:6e:f8:25:57:ca:4b:
0d:63:70:94:65:61:49:6c:d8:cb:84:e3:cd:07:d7:15:3e:91:
40:93:d6:6b:70:24:64:c9:0d:0c:0f:0d:37:3b:52:63:a7:69:
f6:58:de:4a:4c:63:7b:b3:6b:d5:55:83:98:62:ba:ab:36:13:
a6:76:b5:a7:5f:0d:11:60:fb:72:36:00:5f:26:d3:09:d0:c2:
7e:4a:6c:36:ca:6a:44:91:32:2d:3e:f8:51:0b:18:5c:fa:35:
ed:a6:63:a4:3f:48:c4:fe:e3:5b:d4:39:25:f1:27:a2:e0:a6:
2a:53:9c:da:6c:6d:59:92:99:6c:7d:f6:a6:a9:57:4b:46:31:
8c:81:71:0b:b1:73:91:b4:a6:dd:81:f1:eb:da:af:1d:b7:9f:
b4:e2:19:5f:2c:05:c3:26:62:f3:ac:7e:8b:d1:da:fd:a9:be:
1a:d6:a8:56:d4:cb:9a:22:54:e1:21:61:7a:73:f2:69:fb:e9:
82:96:33:69:20:8c:70:cf:0a:ce:a8:1b:dc:62:c3:24:82:73:
56:99:b8:17
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDdCM0E5MjhDRTdDQzhF
OTVGRTE2REY0MzUyNzI0NjE1Q0MxNEZBQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZe/UjDpxkR+/JDe+89NXfDfSVtO3wEEvUXTvoCmnZpCbUe8J+
o2xaKD+udQ/8zFpWL9caw9FMgs9vh2XscP8VteI8C9PaSE4dYS0YZVN+PBZyXXf1
SI3JxRcVTcT0WBbKhYUgWJaSkfpZVUAND0ZoWZ3/SrswI9a7W7kN4S2dDaDr5Ymd
wmlRvK97vzV0DwEOqrygRz4ewUDd2iHj9hO/xYUk3BVaMpaTHCcl3vFGHwNUgCYz
LUnZO2OoI2ZdwiExL3XYsib9XspCADKxKTdIvcW8KTBTibGxswz+fzLDCQYV/1ac
Ng8t7SF8X6u/9W0uTIfRaSmYFhHS60rUqYj3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUezqSjOfMjpX+Ft9DUnJGFcwU+s4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZXpxU2pPZk1qcFgtRnQ5RFVuSkdG
Y3dVLXM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LKgDAN
BgkqhkiG9w0BAQsFAAOCAQEAiz53NimzR9fhhXegmOxUoWii66ZdIPqAkg3lRHX/
44gBKDK5dGUSh/wgbCB0XAHybvglV8pLDWNwlGVhSWzYy4TjzQfXFT6RQJPWa3Ak
ZMkNDA8NNztSY6dp9ljeSkxje7Nr1VWDmGK6qzYTpna1p18NEWD7cjYAXybTCdDC
fkpsNspqRJEyLT74UQsYXPo17aZjpD9IxP7jW9Q5JfEnouCmKlOc2mxtWZKZbH32
pqlXS0YxjIFxC7FzkbSm3YHx69qvHbeftOIZXywFwyZi86x+i9Ha/am+GtaoVtTL
miJU4SFhenPyafvpgpYzaSCMcM8Kzqgb3GLDJIJzVpm4Fw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org