Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/l8dltE93oU8nWKjiGBZybnWiDiY.roa
File: l8dltE93oU8nWKjiGBZybnWiDiY.roa (raw, json)
Hash identifier: 3MHSa6rkQCk2jBh/xwwrCRPCcUHLt2bIkl8jAX9V8vY=
Subject key identifier: 97:C7:65:B4:4F:77:A1:4F:27:58:A8:E2:18:16:72:6E:75:A2:0E:26
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 08F1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/l8dltE93oU8nWKjiGBZybnWiDiY.roa
Signing time: Tue 29 Sep 2020 10:01:16 +0000
ROA not before: Tue 29 Sep 2020 10:01:16 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2289 (0x8f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:16 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=97C765B44F77A14F2758A8E21816726E75A20E26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:50:ab:c4:12:9d:3f:5a:d1:37:29:1d:e3:1e:
44:8e:3b:a5:b1:58:52:0d:d3:0e:65:ba:a4:38:01:
b8:c5:21:c7:ed:55:c6:6c:0f:7c:b6:ae:30:97:30:
5c:e7:9e:00:aa:fc:7c:3f:81:8d:6f:fd:cb:06:73:
73:9d:f4:ab:c7:ea:a1:a6:6e:39:d4:86:8c:38:a3:
2a:fe:f2:3f:40:5b:0c:72:0e:d5:6f:02:13:eb:db:
ba:34:a4:b0:57:7b:a2:06:9b:5a:ed:15:13:f5:26:
94:24:1e:31:c8:cf:65:80:6d:00:ed:1d:2a:67:15:
e1:59:97:3b:94:c3:2e:19:0c:a3:2f:b3:c1:c3:cb:
8a:bb:d2:97:27:93:ce:56:e4:98:78:62:c6:1f:1f:
6e:e5:26:d0:c8:82:be:03:2f:39:07:a5:ea:e4:56:
08:2c:34:d1:12:0e:e2:20:70:54:a9:4e:72:70:83:
dd:f3:a7:50:1e:d5:50:66:57:f1:03:89:29:3d:89:
45:63:91:3d:aa:c7:dd:56:75:21:e6:1f:30:c7:fe:
8c:b5:54:86:38:0f:8a:f4:5a:53:80:07:0b:ab:96:
87:5a:f3:be:a4:36:85:56:cc:7b:5b:f2:27:3f:52:
96:b2:a5:0d:2f:9b:c8:49:b3:54:4f:51:fc:e1:c1:
5b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C7:65:B4:4F:77:A1:4F:27:58:A8:E2:18:16:72:6E:75:A2:0E:26
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/l8dltE93oU8nWKjiGBZybnWiDiY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
0d:ef:0f:a8:df:69:32:14:9b:de:6e:f5:b3:72:2b:b4:60:dd:
94:cb:10:5d:e9:23:4f:e8:59:9a:c4:0b:9f:61:ae:17:c3:00:
48:b9:e6:09:6a:94:19:67:84:f9:16:f9:0c:13:90:e4:ae:53:
ac:7b:fe:0e:17:05:d4:48:fd:51:f7:dc:29:dd:24:fe:02:2a:
73:71:7d:20:9f:29:4e:9b:e0:1e:a0:bd:d2:63:dd:69:94:c1:
91:af:ee:e8:d2:9a:87:0b:9b:33:52:19:3f:0a:f6:e9:45:e2:
3a:58:32:5f:71:47:4a:fc:7f:1c:0b:4c:cd:5a:7f:ee:ba:3d:
9d:bd:ff:16:d0:e5:52:86:df:1d:6e:f8:67:f1:0c:36:8d:be:
e8:d7:aa:4a:1d:b5:07:2d:5a:2e:bc:0b:d3:32:5e:ff:87:16:
d2:3a:ee:ab:71:8c:31:54:97:1d:03:be:93:7a:44:ae:f6:05:
26:42:aa:3c:40:60:ec:1e:e1:0d:83:79:15:c3:04:16:de:62:
5e:c3:3a:f5:b4:63:0d:ed:01:71:e7:43:d5:bb:53:37:2b:a5:
d8:4f:78:3c:61:28:29:99:4d:0f:c3:d0:cd:60:d5:49:0b:af:
c9:fe:ac:f9:1b:83:57:8d:cd:bb:d6:17:5e:1f:ef:eb:99:4c:
eb:5c:55:27
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk3Qzc2NUI0NEY3N0Ex
NEYyNzU4QThFMjE4MTY3MjZFNzVBMjBFMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPUKvEEp0/WtE3KR3jHkSOO6WxWFIN0w5luqQ4AbjFIcftVcZs
D3y2rjCXMFznngCq/Hw/gY1v/csGc3Od9KvH6qGmbjnUhow4oyr+8j9AWwxyDtVv
AhPr27o0pLBXe6IGm1rtFRP1JpQkHjHIz2WAbQDtHSpnFeFZlzuUwy4ZDKMvs8HD
y4q70pcnk85W5Jh4YsYfH27lJtDIgr4DLzkHperkVggsNNESDuIgcFSpTnJwg93z
p1Ae1VBmV/EDiSk9iUVjkT2qx91WdSHmHzDH/oy1VIY4D4r0WlOABwurloda876k
NoVWzHtb8ic/UpaypQ0vm8hJs1RPUfzhwVuZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUl8dltE93oU8nWKjiGBZybnWiDiYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbDhkbHRFOTNvVThuV0tqaUdCWnli
bldpRGlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEADe8PqN9pMhSb3m71s3IrtGDdlMsQXekjT+hZmsQL
n2GuF8MASLnmCWqUGWeE+Rb5DBOQ5K5TrHv+DhcF1Ej9UffcKd0k/gIqc3F9IJ8p
TpvgHqC90mPdaZTBka/u6NKahwubM1IZPwr26UXiOlgyX3FHSvx/HAtMzVp/7ro9
nb3/FtDlUobfHW74Z/EMNo2+6NeqSh21By1aLrwL0zJe/4cW0jruq3GMMVSXHQO+
k3pErvYFJkKqPEBg7B7hDYN5FcMEFt5iXsM69bRjDe0BcedD1btTNyul2E94PGEo
KZlND8PQzWDVSQuvyf6s+RuDV43Nu9YXXh/v65lM61xVJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org