Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hqavFEpXGwiqyFM4Oqh34spGEIY.roa
File: hqavFEpXGwiqyFM4Oqh34spGEIY.roa (raw, json)
Hash identifier: 7tefn/gTkEAQAH0A2fHv/Fn74rMaHCTXE3nZBOQBcoQ=
Subject key identifier: 86:A6:AF:14:4A:57:1B:08:AA:C8:53:38:3A:A8:77:E2:CA:46:10:86
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E5C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hqavFEpXGwiqyFM4Oqh34spGEIY.roa
Signing time: Wed 29 Sep 2021 02:40:17 +0000
ROA not before: Wed 29 Sep 2021 02:40:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.203.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3676 (0xe5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:17 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=86A6AF144A571B08AAC853383AA877E2CA461086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:26:43:31:bf:f8:75:1b:0d:5e:90:c0:4b:4f:
e4:24:29:e2:68:b9:93:bf:fd:4d:65:84:00:f2:2d:
b5:d5:7b:59:1b:fe:1b:8d:da:f1:5a:3c:03:5a:12:
9b:2c:81:60:b2:d1:68:55:61:c6:e1:c6:76:86:6b:
63:9a:cf:6b:42:ce:49:d1:f4:d5:2e:5f:23:c5:32:
28:25:b9:ac:1d:ad:a1:e6:8e:dc:0a:71:77:5d:c5:
47:0f:45:1a:b3:61:77:47:7e:dc:ad:ae:ee:d7:84:
05:5c:7c:aa:23:7a:c3:20:e6:8a:20:95:fa:c5:19:
48:e7:18:e8:85:75:32:34:14:9b:1a:15:3c:b3:c0:
ba:82:56:01:92:a4:60:f8:9b:0d:ee:cd:b2:a2:54:
cc:e0:f6:89:9e:28:cc:00:88:58:55:44:65:4f:c6:
2e:8b:2e:1f:a6:a3:7c:66:83:39:7c:c3:fe:4f:48:
fb:e8:a0:28:da:69:c8:bb:df:ad:b7:a6:26:4f:db:
9f:c9:69:9d:f9:ad:27:17:6e:0c:24:25:78:a2:38:
ec:e6:7a:a0:52:58:ff:e4:be:f2:a3:f3:e6:8b:e2:
01:da:e8:5e:f8:ca:8d:bf:04:f6:fd:38:31:49:f7:
77:0f:5f:11:2c:dd:cb:a8:a2:ae:80:28:3f:d9:4b:
46:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A6:AF:14:4A:57:1B:08:AA:C8:53:38:3A:A8:77:E2:CA:46:10:86
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hqavFEpXGwiqyFM4Oqh34spGEIY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.20.0/22
Signature Algorithm: sha256WithRSAEncryption
51:1d:a5:e8:d7:c0:3d:08:22:93:4f:dd:0e:2b:c1:59:64:a4:
57:4a:9b:92:dc:bd:85:34:1a:7c:ca:67:2f:17:5c:5d:cf:b3:
2a:c4:29:33:04:79:e6:c1:69:6f:6f:59:a0:c3:eb:d7:ac:8a:
a5:32:bc:32:7a:b2:9a:c1:34:1b:19:8b:d4:37:24:a7:cf:f5:
9f:7a:2b:92:38:1f:c6:fe:fb:c6:d1:2b:70:38:bf:13:b6:03:
a4:db:55:07:3c:d3:67:5c:28:14:b0:d9:14:6b:88:7a:75:00:
13:98:35:c8:4b:e5:ab:dd:b3:80:32:2d:92:ce:23:11:c6:d8:
ba:60:6c:1d:37:cf:15:0f:55:76:00:e9:c3:2c:12:51:3e:3a:
ba:40:51:55:02:ef:aa:9e:bb:80:9a:17:65:d2:a0:ad:ca:cf:
ab:af:63:e1:03:aa:92:1b:57:01:bf:fe:73:dd:e5:87:dd:0b:
8c:3d:4e:c2:9e:bc:00:fa:68:5a:e5:9c:04:9a:dd:f4:9c:0a:
a9:8a:8b:2b:76:4e:12:54:88:d3:15:bb:e1:bb:7d:35:81:5f:
8b:83:d3:57:85:c8:82:1f:c7:d5:6b:54:a8:c7:81:df:dd:ec:
19:27:87:b1:65:ad:e4:46:ba:dc:dd:44:a3:6c:a2:2d:8e:a1:
bf:24:b8:5d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDlwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg2QTZBRjE0NEE1NzFC
MDhBQUM4NTMzODNBQTg3N0UyQ0E0NjEwODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiJkMxv/h1Gw1ekMBLT+QkKeJouZO//U1lhADyLbXVe1kb/huN
2vFaPANaEpssgWCy0WhVYcbhxnaGa2Oaz2tCzknR9NUuXyPFMigluawdraHmjtwK
cXddxUcPRRqzYXdHftytru7XhAVcfKojesMg5ooglfrFGUjnGOiFdTI0FJsaFTyz
wLqCVgGSpGD4mw3uzbKiVMzg9omeKMwAiFhVRGVPxi6LLh+mo3xmgzl8w/5PSPvo
oCjaaci73623piZP25/JaZ35rScXbgwkJXiiOOzmeqBSWP/kvvKj8+aL4gHa6F74
yo2/BPb9ODFJ93cPXxEs3cuooq6AKD/ZS0a7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhqavFEpXGwiqyFM4Oqh34spGEIYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaHFhdkZFcFhHd2lxeUZNNE9xaDM0
c3BHRUlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLLFDAN
BgkqhkiG9w0BAQsFAAOCAQEAUR2l6NfAPQgik0/dDivBWWSkV0qbkty9hTQafMpn
LxdcXc+zKsQpMwR55sFpb29ZoMPr16yKpTK8MnqymsE0GxmL1Dckp8/1n3orkjgf
xv77xtErcDi/E7YDpNtVBzzTZ1woFLDZFGuIenUAE5g1yEvlq92zgDItks4jEcbY
umBsHTfPFQ9VdgDpwywSUT46ukBRVQLvqp67gJoXZdKgrcrPq69j4QOqkhtXAb/+
c93lh90LjD1Owp68APpoWuWcBJrd9JwKqYqLK3ZOElSI0xW74bt9NYFfi4PTV4XI
gh/H1WtUqMeB393sGSeHsWWt5Ea63N1Eo2yiLY6hvyS4XQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org