Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/i9ZRyH3qnK-TCQNPRmB1hYVIblw.roa
File: i9ZRyH3qnK-TCQNPRmB1hYVIblw.roa (raw, json)
Hash identifier: zUSuFdQ0GJbN8nioIDKxOK82NAcQ2wM/4o1UBxULyaM=
Subject key identifier: 8B:D6:51:C8:7D:EA:9C:AF:93:09:03:4F:46:60:75:85:85:48:6E:5C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 08F3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/i9ZRyH3qnK-TCQNPRmB1hYVIblw.roa
Signing time: Tue 29 Sep 2020 10:01:17 +0000
ROA not before: Tue 29 Sep 2020 10:01:17 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 24154
IP address blocks: 222.156.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2291 (0x8f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:17 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=8BD651C87DEA9CAF9309034F4660758585486E5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4a:5f:37:f7:c8:04:3d:da:d2:d1:52:3f:13:
07:32:c6:16:bb:25:9a:75:19:77:10:10:9c:36:20:
40:43:c3:6f:bb:b4:e0:26:94:a5:3d:d7:46:d7:7d:
ad:e0:68:e9:b1:ea:64:9d:ce:6a:f8:36:1c:a1:0f:
d3:d4:a0:d0:32:b5:f6:30:35:35:fc:c4:82:9b:4c:
7b:45:c6:a1:e1:4f:9a:d2:ad:67:4c:a6:1d:29:2f:
41:e6:89:bf:9f:f8:f5:17:45:c6:08:4c:0d:41:33:
5a:bc:58:63:d1:41:e5:6d:9e:85:ed:27:8b:92:a3:
f5:72:a9:3e:0a:bb:57:7b:21:eb:56:c9:72:12:96:
bd:b3:65:08:35:97:36:50:8c:17:95:5b:94:ee:b2:
5f:6f:37:1c:fc:20:8b:af:aa:71:eb:1e:3a:b9:95:
22:64:73:06:5d:5a:c8:77:a1:dc:a5:91:fb:00:7e:
6a:9f:3a:f6:06:f4:f0:5d:43:6a:85:a9:5a:1f:5a:
be:ef:19:67:47:34:a0:27:98:29:13:69:58:96:7b:
cd:82:b7:26:01:02:e4:7a:bf:bd:47:20:84:fc:4e:
4f:55:03:80:6b:71:2b:82:bf:cf:20:58:0e:10:cb:
8d:9f:2a:e2:97:f3:17:26:71:c9:9c:01:36:ea:6f:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D6:51:C8:7D:EA:9C:AF:93:09:03:4F:46:60:75:85:85:48:6E:5C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/i9ZRyH3qnK-TCQNPRmB1hYVIblw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.246.0/24
Signature Algorithm: sha256WithRSAEncryption
08:16:dd:d0:9b:a2:a4:cc:4c:50:41:fd:15:ad:9e:5e:33:c8:
d5:dc:f4:fe:c6:4a:b8:ce:7f:47:4b:d2:3e:1d:df:d1:87:b2:
cf:e1:e6:69:05:54:d6:ea:96:88:c5:f1:95:2d:09:ad:99:d7:
d1:95:0f:19:1c:e4:d7:16:01:66:43:62:1d:ac:16:79:21:26:
4b:98:c1:c6:81:31:bd:4d:f9:4f:6b:49:09:c4:09:04:85:62:
ad:f0:39:8d:69:5f:e2:17:11:a6:8c:eb:51:08:a0:22:ca:f2:
fa:9b:97:5e:34:24:4d:a5:be:e2:c1:10:7c:03:ab:87:5b:99:
b6:c0:f1:ed:34:b0:33:a1:e0:45:8a:61:fc:15:5a:d5:bc:81:
54:04:f6:f8:cd:2a:56:ab:e7:cb:0c:53:e4:74:a9:cf:38:eb:
fb:df:11:2a:83:ea:cc:df:93:ce:8f:8c:95:b7:4c:05:fc:74:
2e:b0:a9:cb:22:7b:3b:3f:7c:b1:73:8f:fe:ea:8c:dc:b3:ea:
db:73:62:a9:88:4d:11:3e:1f:f6:b4:5c:c6:05:e2:be:5a:af:
cf:32:16:15:9f:a5:7e:69:a9:8c:7f:15:f2:ea:c4:88:6d:a4:
10:61:9e:6a:32:b8:db:0c:cb:a3:2f:50:b7:e1:0f:c3:35:4d:
81:8e:cc:a8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhCRDY1MUM4N0RFQTlD
QUY5MzA5MDM0RjQ2NjA3NTg1ODU0ODZFNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrSl8398gEPdrS0VI/Ewcyxha7JZp1GXcQEJw2IEBDw2+7tOAm
lKU910bXfa3gaOmx6mSdzmr4NhyhD9PUoNAytfYwNTX8xIKbTHtFxqHhT5rSrWdM
ph0pL0Hmib+f+PUXRcYITA1BM1q8WGPRQeVtnoXtJ4uSo/VyqT4Ku1d7IetWyXIS
lr2zZQg1lzZQjBeVW5Tusl9vNxz8IIuvqnHrHjq5lSJkcwZdWsh3odylkfsAfmqf
OvYG9PBdQ2qFqVofWr7vGWdHNKAnmCkTaViWe82CtyYBAuR6v71HIIT8Tk9VA4Br
cSuCv88gWA4Qy42fKuKX8xcmccmcATbqb3PLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUi9ZRyH3qnK+TCQNPRmB1hYVIblwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaTlaUnlIM3FuSy1UQ1FOUFJtQjFo
WVZJYmx3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c9jAN
BgkqhkiG9w0BAQsFAAOCAQEACBbd0JuipMxMUEH9Fa2eXjPI1dz0/sZKuM5/R0vS
Ph3f0Yeyz+HmaQVU1uqWiMXxlS0JrZnX0ZUPGRzk1xYBZkNiHawWeSEmS5jBxoEx
vU35T2tJCcQJBIVirfA5jWlf4hcRpozrUQigIsry+puXXjQkTaW+4sEQfAOrh1uZ
tsDx7TSwM6HgRYph/BVa1byBVAT2+M0qVqvnywxT5HSpzzjr+98RKoPqzN+Tzo+M
lbdMBfx0LrCpyyJ7Oz98sXOP/uqM3LPq23NiqYhNET4f9rRcxgXivlqvzzIWFZ+l
fmmpjH8V8urEiG2kEGGeajK42wzLoy9Qt+EPwzVNgY7MqA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org