Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/kummLRSzoHMKZ0oIoodTu09pL2c.roa
File: kummLRSzoHMKZ0oIoodTu09pL2c.roa (raw, json)
Hash identifier: URCTc9JueTcTUCToYCb96WAFxyti8m6sFk8XD/ECazk=
Subject key identifier: 92:E9:A6:2D:14:B3:A0:73:0A:67:4A:08:A2:87:53:BB:4F:69:2F:67
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C2B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kummLRSzoHMKZ0oIoodTu09pL2c.roa
Signing time: Sun 07 Feb 2021 11:35:08 +0000
ROA not before: Sun 07 Feb 2021 11:35:08 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.58.96.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3115 (0xc2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:35:08 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=92E9A62D14B3A0730A674A08A28753BB4F692F67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:06:d2:c9:87:7f:61:cd:ad:75:a3:6b:57:fe:
0e:f3:b9:77:17:ce:dd:f9:23:88:eb:53:25:55:c0:
b2:1b:f6:ff:0b:c9:c4:f5:04:c9:a2:5a:61:34:4e:
69:3b:b8:5b:b8:23:eb:b6:a0:f5:09:30:88:03:f9:
e9:94:65:f3:a0:40:5f:6d:54:60:bc:1a:d2:7e:8e:
31:71:fa:6e:ea:27:83:f3:10:cb:3a:a9:55:04:db:
36:59:db:04:d2:e9:1b:4b:93:e3:a5:c6:73:9f:5e:
1e:08:9e:5a:44:10:8b:4a:17:5d:a2:e1:30:59:a9:
e6:68:19:33:fc:24:68:6c:70:2d:10:26:2b:76:ee:
39:63:68:33:42:e8:38:2a:88:26:ec:1d:8d:8e:36:
ba:6b:0c:57:be:60:ff:b5:b5:96:b0:8e:bd:3e:ca:
db:8d:34:cf:86:4e:be:4f:3e:af:af:75:08:09:45:
42:28:82:d5:88:d4:5b:40:99:ac:9b:aa:dd:ac:9a:
35:0f:ac:7d:72:a2:52:5c:63:d4:c5:59:01:7b:db:
95:9d:86:9b:09:a6:79:51:20:28:db:a2:ba:a0:2d:
61:3c:e6:77:9e:68:ac:10:c7:91:a9:15:16:28:9d:
e5:a7:47:44:d6:de:46:e2:56:b8:91:47:1f:10:c1:
fe:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E9:A6:2D:14:B3:A0:73:0A:67:4A:08:A2:87:53:BB:4F:69:2F:67
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kummLRSzoHMKZ0oIoodTu09pL2c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:69:43:6b:05:91:46:6a:22:a9:3a:6f:a4:ea:73:cf:0f:87:
71:61:14:64:b0:87:98:50:a5:d1:89:14:54:1c:8f:1e:47:06:
5d:88:30:bb:71:1a:78:21:cc:d2:d7:13:41:a8:c5:b8:ca:cc:
83:16:6a:f2:8a:42:d6:ee:3a:dc:72:cf:f2:1c:f6:ff:0b:67:
13:b7:62:9b:a1:fb:b1:53:ba:23:c3:9c:33:c0:48:88:9f:ad:
fa:1f:3a:27:54:3e:eb:38:41:f0:49:3e:0f:05:27:b1:06:31:
4e:b4:79:db:ec:9b:f6:86:50:9f:b2:04:0d:82:10:05:f8:40:
9a:75:e3:74:7b:9f:40:fd:1a:44:bd:c0:1f:7f:66:bf:94:4f:
10:fd:da:63:c2:f5:0d:e9:f4:da:ed:db:b7:76:e7:7c:ad:03:
8d:03:66:50:cf:41:d3:61:7e:c4:6c:3d:cb:cd:bc:95:78:1c:
68:bb:3e:c1:7b:ee:7e:23:9b:12:27:95:5c:2b:35:7c:0c:18:
dd:be:97:45:c9:0e:2b:6a:0d:6f:95:a6:a5:76:9a:19:e3:d8:
15:ba:82:4e:dd:b1:be:d0:81:22:d8:f0:a9:46:17:05:87:2c:
5c:9c:b6:9b:5b:07:1d:fb:e7:47:47:b3:e0:ac:9b:fb:de:8e:
ef:d4:e5:2a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM1MDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkyRTlBNjJEMTRCM0Ew
NzMwQTY3NEEwOEEyODc1M0JCNEY2OTJGNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpBtLJh39hza11o2tX/g7zuXcXzt35I4jrUyVVwLIb9v8LycT1
BMmiWmE0Tmk7uFu4I+u2oPUJMIgD+emUZfOgQF9tVGC8GtJ+jjFx+m7qJ4PzEMs6
qVUE2zZZ2wTS6RtLk+OlxnOfXh4InlpEEItKF12i4TBZqeZoGTP8JGhscC0QJit2
7jljaDNC6DgqiCbsHY2ONrprDFe+YP+1tZawjr0+ytuNNM+GTr5PPq+vdQgJRUIo
gtWI1FtAmaybqt2smjUPrH1yolJcY9TFWQF725WdhpsJpnlRICjborqgLWE85nee
aKwQx5GpFRYoneWnR0TW3kbiVriRRx8Qwf4TAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkummLRSzoHMKZ0oIoodTu09pL2cwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wva3VtbUxSU3pvSE1LWjBvSW9vZFR1
MDlwTDJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I6YDAN
BgkqhkiG9w0BAQsFAAOCAQEAP2lDawWRRmoiqTpvpOpzzw+HcWEUZLCHmFCl0YkU
VByPHkcGXYgwu3EaeCHM0tcTQajFuMrMgxZq8opC1u463HLP8hz2/wtnE7dim6H7
sVO6I8OcM8BIiJ+t+h86J1Q+6zhB8Ek+DwUnsQYxTrR52+yb9oZQn7IEDYIQBfhA
mnXjdHufQP0aRL3AH39mv5RPEP3aY8L1Den02u3bt3bnfK0DjQNmUM9B02F+xGw9
y828lXgcaLs+wXvufiObEieVXCs1fAwY3b6XRckOK2oNb5WmpXaaGePYFbqCTt2x
vtCBItjwqUYXBYcsXJy2m1sHHfvnR0ez4Kyb+96O79TlKg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:45 2023 by rpki-client on console-ams.rpki-client.org