Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/g4wMiebqPVlqtfcZjdnXRCtzDXc.roa
File: g4wMiebqPVlqtfcZjdnXRCtzDXc.roa (raw, json)
Hash identifier: z3Vf6khMGoR4Ytqo/122Zy7rhMSqO9Ok0v1EeH6YL/M=
Subject key identifier: 83:8C:0C:89:E6:EA:3D:59:6A:B5:F7:19:8D:D9:D7:44:2B:73:0D:77
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E14
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/g4wMiebqPVlqtfcZjdnXRCtzDXc.roa
Signing time: Wed 29 Sep 2021 02:39:56 +0000
ROA not before: Wed 29 Sep 2021 02:39:56 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131142
IP address blocks: 223.22.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3604 (0xe14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:56 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=838C0C89E6EA3D596AB5F7198DD9D7442B730D77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f7:d6:2d:25:35:c5:96:e3:40:ca:c8:2a:f6:
94:75:8b:62:94:7d:b6:ab:56:d2:a7:c7:e2:71:e5:
19:4b:bd:8a:24:73:56:68:43:c8:0d:35:68:9d:b7:
14:19:6c:8a:36:10:27:c6:27:a2:cd:80:14:39:9a:
0b:af:37:d7:24:d2:77:4d:36:fe:69:af:80:36:2e:
50:e7:a1:94:d8:67:01:f6:8e:3a:ac:3e:9c:4a:df:
26:15:e8:bc:0d:e4:82:f3:95:38:52:0f:2f:f6:e0:
3a:37:a8:23:ad:06:f6:04:89:04:cf:89:61:68:c2:
37:36:1e:49:0f:5a:59:01:40:7b:a4:f5:fb:c1:63:
6a:e1:ce:37:92:e4:df:dc:e7:19:48:12:1c:70:6c:
40:27:55:44:c7:97:68:7a:2f:fd:8d:5a:02:95:a0:
ba:90:b9:36:98:e8:bd:71:48:df:24:d4:de:b4:81:
72:c8:b7:88:a4:0f:3a:31:fd:e0:45:27:16:8c:33:
e0:bb:a9:f0:9b:67:1d:a6:ed:2b:59:d0:ac:45:c1:
53:a4:ed:3c:86:12:b7:f2:9f:3b:1e:9f:73:52:c0:
3a:64:7a:39:85:a3:2e:12:f3:6a:2a:cd:48:5c:e7:
91:d2:f7:25:fe:e1:8c:0a:62:e7:2b:77:bb:2f:a1:
0c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8C:0C:89:E6:EA:3D:59:6A:B5:F7:19:8D:D9:D7:44:2B:73:0D:77
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/g4wMiebqPVlqtfcZjdnXRCtzDXc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/20
Signature Algorithm: sha256WithRSAEncryption
56:9a:9e:e7:e9:43:0f:16:af:69:36:81:f0:eb:20:a9:d3:7b:
ea:5c:41:76:c0:66:67:0a:22:35:06:91:0c:ae:bd:e1:9b:50:
6d:81:66:41:00:7a:0f:a5:aa:b5:69:c4:ab:38:da:1c:c4:96:
de:76:62:f9:24:1b:d6:5c:78:3e:b4:8e:7b:01:61:50:9a:d3:
0f:73:46:ae:1a:1c:f4:c8:a3:b5:94:42:a4:4d:1a:bf:1c:92:
6e:33:5f:58:79:1e:36:f5:43:cf:ec:19:f0:d9:35:f5:a8:b8:
d9:09:c5:21:72:71:f5:1c:62:36:4f:e2:72:be:13:04:bc:9b:
ff:48:40:78:53:c2:64:1c:74:99:69:82:03:a5:66:7a:05:fd:
4c:bc:8e:c7:5c:43:09:c5:94:56:64:74:6f:51:31:67:96:f4:
60:88:54:d0:40:45:49:37:c8:a2:ed:ee:db:75:05:0b:63:3b:
fd:84:c4:64:7e:d8:d4:a9:de:be:5d:91:5b:76:82:80:2f:2a:
87:c9:74:f4:3f:53:68:91:83:fa:1f:95:da:f5:36:2a:9b:84:
ee:c7:11:bb:a3:49:bf:23:91:d4:62:09:1c:bd:68:1c:78:32:
4e:b5:34:ed:2f:fc:21:8e:f6:cd:8f:bc:5b:bf:f1:90:3b:31:
7a:13:96:c5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDgzOEMwQzg5RTZFQTNE
NTk2QUI1RjcxOThERDlENzQ0MkI3MzBENzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE99YtJTXFluNAysgq9pR1i2KUfbarVtKnx+Jx5RlLvYokc1Zo
Q8gNNWidtxQZbIo2ECfGJ6LNgBQ5mguvN9ck0ndNNv5pr4A2LlDnoZTYZwH2jjqs
PpxK3yYV6LwN5ILzlThSDy/24Do3qCOtBvYEiQTPiWFowjc2HkkPWlkBQHuk9fvB
Y2rhzjeS5N/c5xlIEhxwbEAnVUTHl2h6L/2NWgKVoLqQuTaY6L1xSN8k1N60gXLI
t4ikDzox/eBFJxaMM+C7qfCbZx2m7StZ0KxFwVOk7TyGErfynzsen3NSwDpkejmF
oy4S82oqzUhc55HS9yX+4YwKYucrd7svoQzfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUg4wMiebqPVlqtfcZjdnXRCtzDXcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZzR3TWllYnFQVmxxdGZjWmpkblhS
Q3R6RFhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBN8WADAN
BgkqhkiG9w0BAQsFAAOCAQEAVpqe5+lDDxavaTaB8OsgqdN76lxBdsBmZwoiNQaR
DK694ZtQbYFmQQB6D6WqtWnEqzjaHMSW3nZi+SQb1lx4PrSOewFhUJrTD3NGrhoc
9MijtZRCpE0avxySbjNfWHkeNvVDz+wZ8Nk19ai42QnFIXJx9RxiNk/icr4TBLyb
/0hAeFPCZBx0mWmCA6VmegX9TLyOx1xDCcWUVmR0b1ExZ5b0YIhU0EBFSTfIou3u
23UFC2M7/YTEZH7Y1Knevl2RW3aCgC8qh8l09D9TaJGD+h+V2vU2KpuE7scRu6NJ
vyOR1GIJHL1oHHgyTrU07S/8IY72zY+8W7/xkDsxehOWxQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org