Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/n_KQAWBJiIysOptTkhgkARkBgR8.roa
File: n_KQAWBJiIysOptTkhgkARkBgR8.roa (raw, json)
Hash identifier: 8AH8hbXWkl7wWyE8IzPKMUEvhZZKEuJ5RzrRjyqHZ6U=
Subject key identifier: 9F:F2:90:01:60:49:88:8C:AC:3A:9B:53:92:18:24:01:19:01:81:1F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E0C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/n_KQAWBJiIysOptTkhgkARkBgR8.roa
Signing time: Wed 29 Sep 2021 02:39:54 +0000
ROA not before: Wed 29 Sep 2021 02:39:54 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24154
IP address blocks: 222.156.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3596 (0xe0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:54 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9FF290016049888CAC3A9B53921824011901811F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9b:6e:e7:8c:a2:e3:4a:6e:94:2f:5f:f2:a2:
73:0e:ac:e1:80:b8:f8:55:b0:b4:46:05:66:25:73:
0c:ef:f1:1c:f3:f4:9a:fa:f5:48:24:8d:55:b7:8d:
9c:51:16:fe:f9:01:7b:e9:d3:a1:65:b0:36:6b:56:
6b:50:31:5a:86:02:3b:47:37:2a:f0:81:f7:4f:eb:
20:18:31:89:6b:0c:4c:6a:29:aa:83:31:c1:3f:59:
db:da:92:3a:16:b8:d5:f3:62:c7:ee:81:92:58:60:
ac:0f:3e:ca:f6:3e:57:5e:2e:bd:35:ff:39:57:b9:
b9:32:c4:3f:46:59:6c:e0:7e:c4:63:64:26:ac:df:
59:0b:cd:bd:85:00:c1:74:12:9f:97:8e:2f:03:2a:
57:bb:fb:a7:0c:9b:10:a3:73:00:55:19:6d:7e:1c:
ed:ea:58:a1:06:b8:35:fd:ee:b2:b2:53:ed:29:8f:
cc:88:8c:72:85:7d:e0:4d:e6:8b:84:ae:67:14:a7:
b3:51:82:dd:94:7b:07:a3:c4:40:07:46:66:46:0c:
28:f8:be:94:2e:0e:ba:b9:5b:1e:8f:fa:2a:7f:9c:
dd:3a:5a:ea:a2:74:54:eb:2d:63:62:37:30:cd:09:
da:39:04:53:34:31:d6:8a:5b:98:8b:83:4c:02:e4:
6d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F2:90:01:60:49:88:8C:AC:3A:9B:53:92:18:24:01:19:01:81:1F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/n_KQAWBJiIysOptTkhgkARkBgR8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.254.0/24
Signature Algorithm: sha256WithRSAEncryption
28:60:51:30:d1:05:11:ab:c1:3f:fb:38:38:64:29:74:26:0c:
30:0c:38:83:a6:86:41:78:05:a1:d5:40:1a:41:14:dd:20:0e:
a7:85:e1:b4:49:57:e0:82:00:e0:20:e9:1e:cb:63:01:ec:c0:
78:5a:41:96:8b:b0:92:fb:ae:de:68:55:25:e0:52:ba:b5:5d:
bb:b5:c9:e4:68:70:6c:2c:45:a3:5b:f8:93:e8:74:32:20:08:
dd:7c:53:36:47:09:d9:96:a7:af:9b:ec:b6:69:24:f9:4f:53:
84:d0:90:03:33:47:9a:d2:c7:8b:3f:a0:55:89:3e:81:e6:cf:
18:cc:a9:53:c6:0d:18:53:27:ea:c7:74:47:bb:18:5c:14:fa:
55:97:25:85:8d:7b:ad:40:90:a7:aa:20:0c:d1:b9:6e:c1:84:
92:b5:0c:c1:5b:4b:6f:4d:43:86:52:de:d0:36:7e:39:fc:f1:
86:25:78:09:ba:a7:bf:2f:d2:02:dc:04:a5:54:c7:2c:5b:91:
64:d5:cf:cc:9e:b3:7a:b0:20:a6:d6:23:72:47:a6:ca:5a:2d:
67:d8:6a:a7:70:0b:b1:af:f4:6a:aa:7b:a3:62:5e:2e:9c:b7:
63:16:be:6c:b7:a4:d8:b1:20:be:40:db:0e:5f:30:17:53:45:
91:f0:69:a5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlGRjI5MDAxNjA0OTg4
OENBQzNBOUI1MzkyMTgyNDAxMTkwMTgxMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGm27njKLjSm6UL1/yonMOrOGAuPhVsLRGBWYlcwzv8Rzz9Jr6
9UgkjVW3jZxRFv75AXvp06FlsDZrVmtQMVqGAjtHNyrwgfdP6yAYMYlrDExqKaqD
McE/WdvakjoWuNXzYsfugZJYYKwPPsr2PldeLr01/zlXubkyxD9GWWzgfsRjZCas
31kLzb2FAMF0Ep+Xji8DKle7+6cMmxCjcwBVGW1+HO3qWKEGuDX97rKyU+0pj8yI
jHKFfeBN5ouErmcUp7NRgt2UewejxEAHRmZGDCj4vpQuDrq5Wx6P+ip/nN06Wuqi
dFTrLWNiNzDNCdo5BFM0MdaKW5iLg0wC5G27AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUn/KQAWBJiIysOptTkhgkARkBgR8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbl9LUUFXQkppSXlzT3B0VGtoZ2tB
UmtCZ1I4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c/jAN
BgkqhkiG9w0BAQsFAAOCAQEAKGBRMNEFEavBP/s4OGQpdCYMMAw4g6aGQXgFodVA
GkEU3SAOp4XhtElX4IIA4CDpHstjAezAeFpBlouwkvuu3mhVJeBSurVdu7XJ5Ghw
bCxFo1v4k+h0MiAI3XxTNkcJ2Zanr5vstmkk+U9ThNCQAzNHmtLHiz+gVYk+gebP
GMypU8YNGFMn6sd0R7sYXBT6VZclhY17rUCQp6ogDNG5bsGEkrUMwVtLb01DhlLe
0DZ+OfzxhiV4Cbqnvy/SAtwEpVTHLFuRZNXPzJ6zerAgptYjckemylotZ9hqp3AL
sa/0aqp7o2JeLpy3Yxa+bLek2LEgvkDbDl8wF1NFkfBppQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org