Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/igB7llYHqwEs2M3EwK7fEoyDRHY.roa
File: igB7llYHqwEs2M3EwK7fEoyDRHY.roa (raw, json)
Hash identifier: USd9Zm28SG4mjDyaYlFBxVopDAlL4CdfHlaUZLYc7QI=
Subject key identifier: 8A:00:7B:96:56:07:AB:01:2C:D8:CD:C4:C0:AE:DF:12:8C:83:44:76
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E1B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/igB7llYHqwEs2M3EwK7fEoyDRHY.roa
Signing time: Wed 29 Sep 2021 02:39:58 +0000
ROA not before: Wed 29 Sep 2021 02:39:58 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 203.79.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3611 (0xe1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:58 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8A007B965607AB012CD8CDC4C0AEDF128C834476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3c:85:d3:d4:8f:f6:c8:84:9f:0d:5f:be:c0:
23:20:3c:b3:d1:f8:1e:01:46:68:30:37:47:9b:27:
57:dc:10:69:80:ec:de:b5:2d:0d:5f:2b:41:be:0b:
4d:11:0d:1c:07:02:5d:3c:31:60:df:14:5a:11:a1:
ab:a3:3f:d1:3a:74:ce:94:df:6f:ee:ef:cb:ce:60:
fe:0f:ab:c9:1b:b7:c3:94:f8:5f:1c:0d:cc:0f:ae:
86:fd:ea:60:06:fc:1d:d1:46:a3:5c:71:29:2c:55:
f1:0d:a0:b8:06:3f:6b:07:b6:f6:23:6a:60:af:aa:
92:52:c6:b4:b4:5c:e9:60:fc:9e:5b:73:eb:fc:46:
6e:53:36:13:55:6d:d7:92:5a:ba:96:7a:ee:46:a5:
a5:8d:f3:a6:8b:28:d3:a8:a3:44:aa:95:2c:75:53:
ce:f8:da:3e:70:b5:89:53:53:46:28:0a:b2:22:4d:
33:58:8a:6e:1e:ff:08:49:18:3e:1f:61:c4:c4:24:
17:20:47:ef:fd:54:ff:46:85:5a:9a:65:95:1c:b6:
96:db:dc:f7:f6:f4:5a:cb:16:49:02:09:45:cb:07:
37:b3:bb:5a:38:ee:2f:bd:9f:83:af:71:d8:ee:11:
25:4e:a3:58:83:ee:b8:5b:98:f0:c8:bb:de:c6:6a:
ee:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:00:7B:96:56:07:AB:01:2C:D8:CD:C4:C0:AE:DF:12:8C:83:44:76
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/igB7llYHqwEs2M3EwK7fEoyDRHY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.128.0/17
Signature Algorithm: sha256WithRSAEncryption
56:89:0c:13:51:ee:ee:3c:ec:9a:33:6f:6c:d7:2e:b6:66:56:
6f:29:40:18:f2:ea:7d:9f:80:45:ae:40:5a:04:55:ff:70:36:
c2:a3:56:0a:19:34:77:d5:d0:12:28:20:3f:a1:c9:fd:4e:77:
fb:27:73:d4:e0:dc:ee:af:dc:29:3e:a9:98:27:11:7a:1b:3e:
c3:e3:dd:35:7b:a4:b4:fd:76:b8:6a:cd:9d:5e:39:77:37:6d:
4b:50:19:bb:3e:f5:08:90:40:c0:22:48:75:32:7c:ee:27:e9:
0f:37:2c:10:dc:d7:22:b8:80:7a:b5:44:c5:60:aa:1e:af:76:
de:3f:3f:4e:d3:03:c3:d3:1a:2f:d6:cb:41:44:c3:d2:b9:91:
a3:4d:ea:96:67:7d:64:37:1c:59:57:ae:90:98:f3:24:29:00:
26:ff:01:ef:9d:7e:06:7e:65:78:1e:dd:a9:ea:d1:90:46:8c:
93:19:21:4a:85:99:13:77:0e:db:44:2a:f6:f5:41:f6:58:b2:
85:f1:35:a6:39:93:02:ee:f0:df:40:e0:a7:05:ee:b7:ec:03:
a0:b4:43:8c:c7:fc:18:8f:08:7d:e3:04:aa:ef:a4:6f:64:f7:
d2:51:79:db:5f:15:31:a3:5e:ea:06:65:de:79:76:38:b1:45:
09:0b:a0:91
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDhBMDA3Qjk2NTYwN0FC
MDEyQ0Q4Q0RDNEMwQUVERjEyOEM4MzQ0NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3PIXT1I/2yISfDV++wCMgPLPR+B4BRmgwN0ebJ1fcEGmA7N61
LQ1fK0G+C00RDRwHAl08MWDfFFoRoaujP9E6dM6U32/u78vOYP4Pq8kbt8OU+F8c
DcwProb96mAG/B3RRqNccSksVfENoLgGP2sHtvYjamCvqpJSxrS0XOlg/J5bc+v8
Rm5TNhNVbdeSWrqWeu5GpaWN86aLKNOoo0SqlSx1U8742j5wtYlTU0YoCrIiTTNY
im4e/whJGD4fYcTEJBcgR+/9VP9GhVqaZZUctpbb3Pf29FrLFkkCCUXLBzezu1o4
7i+9n4OvcdjuESVOo1iD7rhbmPDIu97Gau4xAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUigB7llYHqwEs2M3EwK7fEoyDRHYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaWdCN2xsWUhxd0VzMk0zRXdLN2ZF
b3lEUkhZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8tPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAVokME1Hu7jzsmjNvbNcutmZWbylAGPLqfZ+ARa5A
WgRV/3A2wqNWChk0d9XQEiggP6HJ/U53+ydz1ODc7q/cKT6pmCcRehs+w+PdNXuk
tP12uGrNnV45dzdtS1AZuz71CJBAwCJIdTJ87ifpDzcsENzXIriAerVExWCqHq92
3j8/TtMDw9MaL9bLQUTD0rmRo03qlmd9ZDccWVeukJjzJCkAJv8B751+Bn5leB7d
qerRkEaMkxkhSoWZE3cO20Qq9vVB9liyhfE1pjmTAu7w30DgpwXut+wDoLRDjMf8
GI8IfeMEqu+kb2T30lF5218VMaNe6gZl3nl2OLFFCQugkQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org