Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/gSCnG0TUq5ZYTLjrBzXmQ3oIASs.roa
File: gSCnG0TUq5ZYTLjrBzXmQ3oIASs.roa (raw, json)
Hash identifier: 9TYfEgW1gd1JwnPGEPeDti+nwOqrU5B4ovI7ZzoT3Yc=
Subject key identifier: 81:20:A7:1B:44:D4:AB:96:58:4C:B8:EB:07:35:E6:43:7A:08:01:2B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E4C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/gSCnG0TUq5ZYTLjrBzXmQ3oIASs.roa
Signing time: Wed 29 Sep 2021 02:40:12 +0000
ROA not before: Wed 29 Sep 2021 02:40:12 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3660 (0xe4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:12 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8120A71B44D4AB96584CB8EB0735E6437A08012B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:af:20:aa:ed:30:d8:ea:93:d4:61:85:cb:63:
84:cc:bd:79:34:30:08:b1:e9:58:ba:2b:26:bc:fd:
81:29:cc:eb:90:88:4d:17:de:4e:89:b5:f7:0b:93:
5b:4e:1a:b8:4d:ef:08:b9:a6:3d:12:30:fd:79:a1:
80:c9:07:02:75:49:85:9f:78:2f:92:43:b4:70:66:
d9:97:31:e5:aa:62:64:77:6e:5c:e4:b1:02:28:26:
91:66:54:93:47:69:99:35:de:92:f1:7a:06:8b:79:
79:87:71:39:29:9c:52:f2:ce:b5:aa:de:60:d6:45:
af:61:59:2b:ff:2e:f5:ed:d2:ed:1e:73:54:0d:73:
74:f9:6f:f3:ca:60:27:1d:67:ca:f3:82:11:f0:79:
5c:38:21:06:9b:37:be:0d:ac:69:69:13:2a:20:b8:
3e:42:72:7b:64:52:35:20:56:3c:cf:ba:f3:72:63:
3e:83:81:51:ab:e0:60:4d:3e:f1:45:10:71:b7:02:
a7:90:56:1f:ab:79:a2:6d:35:59:a7:56:9c:b1:72:
09:86:f0:74:20:eb:a6:b0:67:6a:f3:40:64:7a:4f:
70:cf:12:ca:64:3a:f0:38:19:a7:e7:ba:00:6c:52:
c7:1c:3d:48:7a:e2:70:cd:ef:f9:64:ef:26:4a:ea:
fd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:20:A7:1B:44:D4:AB:96:58:4C:B8:EB:07:35:E6:43:7A:08:01:2B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/gSCnG0TUq5ZYTLjrBzXmQ3oIASs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:5b:59:e9:50:d2:90:23:d5:20:0f:bf:c5:62:20:ba:e4:56:
af:ca:59:7d:91:20:ac:b4:5e:6f:ca:4f:d6:d9:ce:62:5d:f3:
38:d9:30:91:f4:8e:7a:0d:ee:8b:28:1f:4f:2b:47:7b:e4:1d:
93:62:bc:4c:22:da:b0:47:da:11:c3:cf:48:dd:9f:8a:e6:1a:
8c:25:7b:04:cb:95:17:7b:42:b0:f7:6f:48:94:e8:48:d0:30:
87:89:6c:7a:94:b0:5c:d0:80:d1:2d:7b:84:23:1f:f9:a4:5f:
11:7f:4d:03:e2:32:5d:a6:e8:ca:04:b8:27:70:10:43:6b:44:
80:38:8f:7f:e2:25:31:dd:eb:cf:5d:f1:52:be:c7:01:01:28:
21:24:00:4b:de:ca:e4:e7:93:1f:4c:2c:3f:b1:0a:0f:16:ee:
59:30:d9:7e:7e:55:d5:b8:55:62:c7:da:7d:43:31:b9:29:54:
a5:9b:18:0e:89:41:9c:10:43:27:de:30:39:f7:75:85:39:cc:
b2:06:9d:54:3e:39:09:5b:a8:5c:33:b1:0c:a2:52:43:64:ff:
a4:90:17:a7:59:33:47:51:45:ef:5b:01:88:eb:73:89:0b:e6:
58:c0:5d:59:44:a2:87:b5:2b:39:ad:63:c2:f3:9d:5b:84:0f:
3c:a3:81:ba
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDgxMjBBNzFCNDRENEFC
OTY1ODRDQjhFQjA3MzVFNjQzN0EwODAxMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuryCq7TDY6pPUYYXLY4TMvXk0MAix6Vi6Kya8/YEpzOuQiE0X
3k6JtfcLk1tOGrhN7wi5pj0SMP15oYDJBwJ1SYWfeC+SQ7RwZtmXMeWqYmR3blzk
sQIoJpFmVJNHaZk13pLxegaLeXmHcTkpnFLyzrWq3mDWRa9hWSv/LvXt0u0ec1QN
c3T5b/PKYCcdZ8rzghHweVw4IQabN74NrGlpEyoguD5CcntkUjUgVjzPuvNyYz6D
gVGr4GBNPvFFEHG3AqeQVh+reaJtNVmnVpyxcgmG8HQg66awZ2rzQGR6T3DPEspk
OvA4GafnugBsUsccPUh64nDN7/lk7yZK6v21AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUgSCnG0TUq5ZYTLjrBzXmQ3oIASswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZ1NDbkcwVFVxNVpZVExqckJ6WG1R
M29JQVNzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAPltZ6VDSkCPVIA+/xWIguuRWr8pZfZEgrLReb8pP
1tnOYl3zONkwkfSOeg3uiygfTytHe+Qdk2K8TCLasEfaEcPPSN2fiuYajCV7BMuV
F3tCsPdvSJToSNAwh4lsepSwXNCA0S17hCMf+aRfEX9NA+IyXaboygS4J3AQQ2tE
gDiPf+IlMd3rz13xUr7HAQEoISQAS97K5OeTH0wsP7EKDxbuWTDZfn5V1bhVYsfa
fUMxuSlUpZsYDolBnBBDJ94wOfd1hTnMsgadVD45CVuoXDOxDKJSQ2T/pJAXp1kz
R1FF71sBiOtziQvmWMBdWUSih7UrOa1jwvOdW4QPPKOBug==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org