Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/mOAhNbR2S-73PIBslgPH1WP_424.roa
File: mOAhNbR2S-73PIBslgPH1WP_424.roa (raw, json)
Hash identifier: 5m4x4LjuFmhGgRXIa7/qHwDxCY5b4kZk2NcLWumSTug=
Subject key identifier: 98:E0:21:35:B4:76:4B:EE:F7:3C:80:6C:96:03:C7:D5:63:FF:E3:6E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E58
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/mOAhNbR2S-73PIBslgPH1WP_424.roa
Signing time: Wed 29 Sep 2021 02:40:15 +0000
ROA not before: Wed 29 Sep 2021 02:40:15 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.63.216.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3672 (0xe58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:15 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=98E02135B4764BEEF73C806C9603C7D563FFE36E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c7:20:ea:3e:75:8e:e2:ca:0a:b4:d0:19:c0:
ca:c5:00:76:74:40:5a:81:96:9b:64:fc:a5:00:ad:
36:40:57:ce:84:b1:ec:d6:34:a3:9b:d2:9f:33:d0:
c4:df:4c:b9:eb:69:42:a0:ed:b2:c1:33:61:a5:20:
69:f8:aa:40:8b:a4:b2:2b:8f:a0:14:cb:4d:b8:3a:
a5:6b:3a:cc:82:ac:60:c0:f2:28:70:9a:e1:d0:27:
bf:d0:95:af:ba:ec:f3:d5:65:51:7b:55:75:eb:9f:
b9:09:e0:c9:70:8e:ae:2b:99:31:01:0b:bf:8b:0f:
44:6d:d7:a1:d2:bd:0c:3e:a7:96:a2:51:c5:cc:59:
55:37:d0:e5:e6:de:9a:30:90:7d:5e:a6:1a:30:a8:
85:be:c8:6b:e8:9c:c4:07:8c:78:6a:ee:d3:9e:e2:
19:8c:b1:71:5b:a9:3e:e6:5d:df:13:f1:65:b9:a8:
fa:ac:04:95:22:ea:ed:f4:b7:b6:00:c1:ed:d3:ae:
fc:71:7f:1f:4c:07:e8:71:2b:04:22:57:e5:d4:28:
b3:5b:dc:e6:1c:77:d4:f7:67:d1:e2:61:1f:38:9c:
57:0f:ed:b4:2e:25:44:be:d4:44:5a:54:af:b4:42:
97:30:62:cb:81:8c:5c:1e:bb:19:da:36:8f:ce:22:
d3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E0:21:35:B4:76:4B:EE:F7:3C:80:6C:96:03:C7:D5:63:FF:E3:6E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/mOAhNbR2S-73PIBslgPH1WP_424.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.216.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:f6:da:1e:8c:95:ff:5e:02:12:4c:bd:65:23:13:cc:83:ae:
0a:05:95:d6:6d:a5:4c:45:1c:af:00:fd:94:c8:5f:cd:33:a6:
9f:7e:52:23:ec:a4:fd:1e:75:52:3b:a1:92:a8:02:59:ae:45:
9c:88:77:1f:5c:60:88:7b:c4:b7:e7:22:8a:21:4e:5d:96:b6:
41:50:53:27:ea:57:0c:c7:a8:df:8b:40:8c:30:78:b4:28:0c:
14:a7:cf:0e:31:fc:c5:6b:e2:d2:31:04:54:a0:94:bc:9e:5e:
14:ac:b1:73:b1:71:5d:c1:23:14:80:af:8f:63:e6:55:84:de:
e8:81:de:c3:75:5e:8b:a1:e7:2c:a4:ef:aa:1a:7a:0c:7f:80:
fc:10:84:72:52:57:a9:8c:98:86:8d:35:ac:50:a5:94:84:69:
35:44:45:e4:1c:e9:58:14:c8:27:cd:63:d6:ef:01:b2:29:81:
0e:4f:f9:b3:02:84:3c:1a:04:3d:25:af:30:38:93:6f:2f:85:
51:e7:cc:c3:ab:d0:c2:17:ec:ae:d9:32:a6:c2:44:77:a6:cd:
82:72:c6:0d:8d:fe:40:a6:79:cd:4c:7f:a6:1c:16:44:8e:89:
4e:01:40:a9:7f:23:25:e0:21:af:b6:c7:69:1d:44:bd:ed:a4:
5b:5a:25:7e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk4RTAyMTM1QjQ3NjRC
RUVGNzNDODA2Qzk2MDNDN0Q1NjNGRkUzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClxyDqPnWO4soKtNAZwMrFAHZ0QFqBlptk/KUArTZAV86EsezW
NKOb0p8z0MTfTLnraUKg7bLBM2GlIGn4qkCLpLIrj6AUy024OqVrOsyCrGDA8ihw
muHQJ7/Qla+67PPVZVF7VXXrn7kJ4Mlwjq4rmTEBC7+LD0Rt16HSvQw+p5aiUcXM
WVU30OXm3powkH1ephowqIW+yGvonMQHjHhq7tOe4hmMsXFbqT7mXd8T8WW5qPqs
BJUi6u30t7YAwe3Trvxxfx9MB+hxKwQiV+XUKLNb3OYcd9T3Z9HiYR84nFcP7bQu
JUS+1ERaVK+0QpcwYsuBjFweuxnaNo/OItOXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmOAhNbR2S+73PIBslgPH1WP/424wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbU9BaE5iUjJTLTczUElCc2xnUEgx
V1BfNDI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/2DAN
BgkqhkiG9w0BAQsFAAOCAQEAGvbaHoyV/14CEky9ZSMTzIOuCgWV1m2lTEUcrwD9
lMhfzTOmn35SI+yk/R51UjuhkqgCWa5FnIh3H1xgiHvEt+ciiiFOXZa2QVBTJ+pX
DMeo34tAjDB4tCgMFKfPDjH8xWvi0jEEVKCUvJ5eFKyxc7FxXcEjFICvj2PmVYTe
6IHew3Vei6HnLKTvqhp6DH+A/BCEclJXqYyYho01rFCllIRpNURF5BzpWBTIJ81j
1u8BsimBDk/5swKEPBoEPSWvMDiTby+FUefMw6vQwhfsrtkypsJEd6bNgnLGDY3+
QKZ5zUx/phwWRI6JTgFAqX8jJeAhr7bHaR1Eve2kW1olfg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org