Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/h2ND78T4vImE8n5BogE2Sk7N2l4.roa
File: h2ND78T4vImE8n5BogE2Sk7N2l4.roa (raw, json)
Hash identifier: OR3kbzQTnpslrzdjNHPcd7Nhh7R/y1GyGIV9nF2wFUE=
Subject key identifier: 87:63:43:EF:C4:F8:BC:89:84:F2:7E:41:A2:01:36:4A:4E:CD:DA:5E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0930
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/h2ND78T4vImE8n5BogE2Sk7N2l4.roa
Signing time: Tue 29 Sep 2020 10:01:34 +0000
ROA not before: Tue 29 Sep 2020 10:01:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24154
IP address blocks: 210.202.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2352 (0x930)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:34 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=876343EFC4F8BC8984F27E41A201364A4ECDDA5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0f:ca:de:63:f5:80:c1:ff:cf:4f:eb:83:79:
4a:cb:11:23:a7:9f:3d:35:77:a0:8c:71:59:a9:05:
e1:15:94:0e:cc:2b:97:94:05:82:5e:c5:db:21:ce:
44:25:2d:8c:61:be:57:fe:30:cb:0b:3d:43:e8:59:
ee:f2:73:58:94:47:db:3b:ba:29:6d:f3:c3:2d:08:
66:50:0b:74:ed:4f:91:b0:97:de:e1:d3:32:8d:d2:
83:95:37:a4:36:c1:0d:ee:49:08:3d:c0:e0:00:dd:
ab:fb:8a:7f:ce:8d:5e:fd:87:54:09:1a:30:1b:3b:
85:89:42:ad:4b:6e:a3:5c:39:e6:d7:ba:92:1f:ff:
a7:e2:8d:af:0f:c3:98:e8:ed:3f:b9:e2:9b:3c:4a:
29:5e:82:df:fb:d7:29:13:30:24:08:8a:b7:5e:fb:
c4:84:1f:68:af:c0:79:4a:0c:6d:0d:32:ad:7d:ed:
7f:80:ad:08:08:d8:9a:81:04:9e:70:e6:66:19:61:
30:94:38:cb:95:e3:a0:b7:d4:46:01:4c:4f:4c:34:
f2:c4:8a:d8:7c:dd:28:83:d2:d0:af:f3:c9:52:db:
08:9d:57:6e:1c:7b:c0:aa:33:89:e1:12:29:bb:60:
79:3e:09:34:53:eb:00:0e:d6:e7:e2:6b:8c:36:77:
14:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:63:43:EF:C4:F8:BC:89:84:F2:7E:41:A2:01:36:4A:4E:CD:DA:5E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/h2ND78T4vImE8n5BogE2Sk7N2l4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.0.0/19
Signature Algorithm: sha256WithRSAEncryption
bb:67:77:59:d6:c4:bb:96:7c:7d:2d:0b:9e:0c:15:c8:c2:b2:
c8:35:9e:8c:4b:a1:89:2b:b3:c0:7e:91:0c:d5:ba:26:b2:5a:
98:c9:99:4b:0d:92:8e:a3:45:d5:7e:51:1b:b0:d1:72:61:eb:
3c:f8:3f:33:12:c0:7a:47:d8:7b:f1:f6:26:dd:6a:88:12:5f:
86:05:fd:7e:18:dd:0e:88:bc:6d:23:65:7a:82:5a:2b:0a:d6:
99:53:a6:5d:10:de:b8:27:1b:e7:64:13:9b:46:14:db:ac:fe:
2f:99:46:97:4e:a3:3b:03:ea:3b:3d:96:76:67:03:aa:82:da:
13:c4:1e:7e:48:4e:ab:a8:96:38:39:ad:ff:76:4d:d9:53:c7:
c5:58:ac:41:16:03:58:8a:b5:0a:30:2e:a4:a4:8d:19:da:0c:
e7:ab:aa:62:3b:26:6d:68:6c:10:fd:19:6b:cf:d5:9f:97:f2:
d8:e3:9b:a7:ca:ce:43:d4:70:96:52:9f:e4:18:ce:aa:f1:47:
8a:e7:bb:1e:d0:95:a0:86:27:c8:ef:b9:84:0b:56:3d:a3:23:
a8:36:2b:7d:9f:35:68:82:d0:ae:ea:ac:ad:04:1a:0a:8f:6a:
6c:31:7c:98:98:be:3f:ad:15:b8:b0:3a:5a:8c:f9:11:ea:57:
ad:d1:7a:22
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg3NjM0M0VGQzRGOEJD
ODk4NEYyN0U0MUEyMDEzNjRBNEVDRERBNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnD8reY/WAwf/PT+uDeUrLESOnnz01d6CMcVmpBeEVlA7MK5eU
BYJexdshzkQlLYxhvlf+MMsLPUPoWe7yc1iUR9s7uilt88MtCGZQC3TtT5Gwl97h
0zKN0oOVN6Q2wQ3uSQg9wOAA3av7in/OjV79h1QJGjAbO4WJQq1LbqNcOebXupIf
/6fija8Pw5jo7T+54ps8Silegt/71ykTMCQIirde+8SEH2ivwHlKDG0NMq197X+A
rQgI2JqBBJ5w5mYZYTCUOMuV46C31EYBTE9MNPLEith83SiD0tCv88lS2widV24c
e8CqM4nhEim7YHk+CTRT6wAO1ufia4w2dxQrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUh2ND78T4vImE8n5BogE2Sk7N2l4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaDJORDc4VDR2SW1FOG41Qm9nRTJT
azdOMmw0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdLKADAN
BgkqhkiG9w0BAQsFAAOCAQEAu2d3WdbEu5Z8fS0LngwVyMKyyDWejEuhiSuzwH6R
DNW6JrJamMmZSw2SjqNF1X5RG7DRcmHrPPg/MxLAekfYe/H2Jt1qiBJfhgX9fhjd
Doi8bSNleoJaKwrWmVOmXRDeuCcb52QTm0YU26z+L5lGl06jOwPqOz2WdmcDqoLa
E8QefkhOq6iWODmt/3ZN2VPHxVisQRYDWIq1CjAupKSNGdoM56uqYjsmbWhsEP0Z
a8/Vn5fy2OObp8rOQ9RwllKf5BjOqvFHiue7HtCVoIYnyO+5hAtWPaMjqDYrfZ81
aILQruqsrQQaCo9qbDF8mJi+P60VuLA6Woz5EepXrdF6Ig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org