Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/jMMhtitsUNtwiAdbor8pZZRH4-E.roa
File: jMMhtitsUNtwiAdbor8pZZRH4-E.roa (raw, json)
Hash identifier: dV2+AF9OIDNpqMlBAG2L1jW1qiuq/r9cJHsCEf3v1fk=
Subject key identifier: 8C:C3:21:B6:2B:6C:50:DB:70:88:07:5B:A2:BF:29:65:94:47:E3:E1
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 090B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/jMMhtitsUNtwiAdbor8pZZRH4-E.roa
Signing time: Tue 29 Sep 2020 10:01:24 +0000
ROA not before: Tue 29 Sep 2020 10:01:24 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131591
IP address blocks: 2404:0:8000::/36 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2315 (0x90b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:24 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=8CC321B62B6C50DB7088075BA2BF29659447E3E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:61:1d:f0:12:ed:b9:f3:2d:1f:c5:65:14:
90:e5:f5:d4:c4:40:5b:6b:d2:a3:8f:a8:c6:ad:98:
7c:47:4f:16:03:70:d3:93:e2:1b:60:86:0f:1f:83:
9b:8b:cb:a8:16:c9:c2:7f:13:84:ac:95:7b:65:30:
a5:15:19:43:d6:a4:c9:34:be:57:ac:be:3d:d6:25:
35:38:8a:74:fd:9a:7f:82:00:fa:8f:dc:89:55:ba:
e3:e3:20:57:5c:c7:68:c1:00:9b:a5:e6:2f:e4:d7:
02:ea:03:77:3d:f9:1e:eb:a5:7d:b2:54:3f:32:c4:
48:a6:fd:f0:15:94:07:39:63:06:67:68:1c:13:ef:
59:a2:29:ad:bc:41:c3:7f:43:6f:2f:d6:34:67:ae:
bc:7f:d9:19:15:04:53:3d:74:a1:53:d1:b1:b8:c0:
88:56:bb:45:c9:86:bf:ff:8b:44:fc:4f:cf:d7:46:
bc:5e:ad:e1:0a:a7:ea:9f:6c:dc:04:09:89:67:e4:
e8:5a:8b:f3:4c:04:db:9c:7b:29:c2:ac:95:70:94:
b5:5c:74:b5:87:9f:51:06:df:93:4f:36:f1:05:37:
74:63:e8:18:6e:7b:a4:fe:35:75:ed:66:f7:4b:34:
d2:ab:49:d0:72:61:b1:b1:6d:26:c4:77:85:61:b1:
6f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C3:21:B6:2B:6C:50:DB:70:88:07:5B:A2:BF:29:65:94:47:E3:E1
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/jMMhtitsUNtwiAdbor8pZZRH4-E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:0:8000::/36
Signature Algorithm: sha256WithRSAEncryption
87:f6:ca:fa:7f:df:8a:22:24:2c:22:53:85:2e:6b:44:b9:05:
de:c5:17:5c:f4:32:38:dd:92:a9:cc:1b:33:22:06:9e:cb:95:
1f:92:07:34:6e:a6:c0:9e:5e:80:37:84:1e:37:d8:2a:69:d3:
c5:c6:20:8f:17:cd:44:af:44:59:09:0c:67:3d:a3:1b:5b:cd:
15:17:f6:96:dc:5e:93:8f:f1:b2:be:49:b7:f5:2c:9f:a5:0c:
e2:33:1f:9c:a8:29:12:92:29:c3:07:44:40:d1:c2:31:2a:4e:
e1:bf:d3:b2:88:6b:b0:76:93:24:77:74:7a:2e:1f:60:9c:83:
f3:3f:fc:2d:72:e2:c6:f4:d8:80:a5:a6:eb:ca:c8:3b:e6:9a:
82:22:26:68:d3:19:5c:2c:7e:2e:87:9a:18:0b:d9:33:63:4b:
fc:88:dd:b3:06:f7:7b:5f:2f:df:23:c8:f7:67:7f:22:cc:60:
f0:21:3a:6c:4a:29:61:16:27:a5:9a:22:3c:d4:24:89:19:4b:
8c:56:e2:02:23:5c:62:6d:61:8b:95:42:a0:b9:2f:7e:01:a7:
95:41:fc:9a:15:88:30:47:a0:f4:1d:f2:1c:2d:32:d6:a4:a3:
c8:a7:1e:cc:a7:05:3c:9e:9d:6f:26:39:93:ca:1c:2e:28:53:
7d:6f:60:ac
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhDQzMyMUI2MkI2QzUw
REI3MDg4MDc1QkEyQkYyOTY1OTQ0N0UzRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCus2Ed8BLtufMtH8VlFJDl9dTEQFtr0qOPqMatmHxHTxYDcNOT
4htghg8fg5uLy6gWycJ/E4SslXtlMKUVGUPWpMk0vlesvj3WJTU4inT9mn+CAPqP
3IlVuuPjIFdcx2jBAJul5i/k1wLqA3c9+R7rpX2yVD8yxEim/fAVlAc5YwZnaBwT
71miKa28QcN/Q28v1jRnrrx/2RkVBFM9dKFT0bG4wIhWu0XJhr//i0T8T8/XRrxe
reEKp+qfbNwECYln5Ohai/NMBNuceynCrJVwlLVcdLWHn1EG35NPNvEFN3Rj6Bhu
e6T+NXXtZvdLNNKrSdByYbGxbSbEd4VhsW/rAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUjMMhtitsUNtwiAdbor8pZZRH4+EwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvak1NaHRpdHNVTnR3aUFkYm9yOHBa
WlJINC1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCQEAACA
MA0GCSqGSIb3DQEBCwUAA4IBAQCH9sr6f9+KIiQsIlOFLmtEuQXexRdc9DI43ZKp
zBszIgaey5Ufkgc0bqbAnl6AN4QeN9gqadPFxiCPF81Er0RZCQxnPaMbW80VF/aW
3F6Tj/Gyvkm39SyfpQziMx+cqCkSkinDB0RA0cIxKk7hv9OyiGuwdpMkd3R6Lh9g
nIPzP/wtcuLG9NiApabrysg75pqCIiZo0xlcLH4uh5oYC9kzY0v8iN2zBvd7Xy/f
I8j3Z38izGDwITpsSilhFielmiI81CSJGUuMVuICI1xibWGLlUKguS9+AaeVQfya
FYgwR6D0HfIcLTLWpKPIpx7MpwU8np1vJjmTyhwuKFN9b2Cs
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org