Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/npVfHKZBRed4XF9fF1oyqn6LFhw.roa
File: npVfHKZBRed4XF9fF1oyqn6LFhw.roa (raw, json)
Hash identifier: hTIQ316MV+w2/n3Y28wU8EE9Qv8yxNVMaL/QElw2gSQ=
Subject key identifier: 9E:95:5F:1C:A6:41:45:E7:78:5C:5F:5F:17:5A:32:AA:7E:8B:16:1C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E23
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/npVfHKZBRed4XF9fF1oyqn6LFhw.roa
Signing time: Wed 29 Sep 2021 02:40:00 +0000
ROA not before: Wed 29 Sep 2021 02:40:00 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9311
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3619 (0xe23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:00 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9E955F1CA64145E7785C5F5F175A32AA7E8B161C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ba:cf:bc:e8:f1:1f:02:e6:7c:e9:06:b2:4f:
23:41:0c:3a:66:3c:90:81:65:06:3c:66:ee:fe:66:
8e:f8:6b:3a:10:f9:fd:54:d2:95:d5:cb:44:a3:41:
9a:f7:df:2c:9f:7e:0b:4f:4c:0a:41:b2:6d:28:88:
ab:6d:2d:3f:1e:1c:c0:66:ac:04:61:f0:ef:49:5e:
d0:81:1b:e6:dd:7c:5c:0d:3b:6a:f9:c2:01:a7:14:
26:10:e4:b0:d9:cf:8c:c2:49:b9:27:bd:5b:db:09:
e7:92:90:91:69:42:50:1c:44:93:c9:d8:bb:a9:7e:
9d:5e:55:56:ff:73:32:a9:3d:4b:94:c8:79:bb:df:
16:1d:1b:03:f3:a4:e1:fc:d2:5e:58:35:e7:27:1a:
fb:47:0b:9f:da:ee:a8:cc:4b:1d:3e:71:65:3e:25:
c4:de:45:cd:3c:f4:17:1d:74:58:24:58:23:6f:3b:
72:3e:80:b8:90:aa:26:cc:39:40:43:0b:5b:99:d0:
25:d2:81:ac:af:e8:5c:5b:da:a2:7d:43:6c:5b:90:
d4:9f:c3:2e:ff:81:ec:50:7d:d5:70:26:b5:72:28:
d0:fe:48:6a:96:30:0e:7f:e5:16:d2:4a:1b:99:3d:
a6:96:1e:f7:5a:72:f7:c0:ff:2e:db:e8:ab:5f:ba:
88:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:95:5F:1C:A6:41:45:E7:78:5C:5F:5F:17:5A:32:AA:7E:8B:16:1C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/npVfHKZBRed4XF9fF1oyqn6LFhw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3b:3e:cb:ba:7c:d6:64:95:dc:1d:d9:80:ed:a1:54:f0:3d:04:
09:2a:10:03:39:8e:75:56:99:6d:bb:18:b6:09:bc:e2:ff:56:
f6:d3:d6:d3:95:6f:55:ec:b6:59:04:e5:dd:e3:43:64:75:15:
81:83:45:b0:1f:3d:f7:23:50:50:31:18:6b:fa:de:69:50:25:
67:66:c4:c5:72:f6:38:1c:4a:63:c8:6c:46:bb:01:93:1b:61:
d3:66:74:d2:07:47:ca:a4:a0:a8:74:9f:36:0d:54:47:7c:3a:
8b:63:88:c6:ce:32:ff:67:0b:f9:96:fe:a9:7a:4d:5d:a6:2c:
ef:29:98:48:be:1c:83:9b:fc:ed:38:ae:1a:e0:b6:ab:a3:8f:
04:9e:8a:f0:76:bd:56:57:f6:02:8e:45:e2:2e:3a:d3:b1:59:
c6:a9:cc:eb:fa:92:26:60:0b:96:50:ba:72:77:2a:e6:d6:78:
25:33:ef:43:91:dc:85:14:5e:a0:56:ba:b9:a8:14:1c:b3:47:
20:9e:19:2f:83:3e:b3:42:21:5f:e7:e4:cb:2d:7f:62:0f:42:
53:21:98:02:81:d7:e1:e5:f3:94:31:89:4d:b8:d6:1d:3f:d2:
92:38:5a:d1:09:cd:18:67:7b:ca:a4:99:23:fa:6c:45:2c:2b:
47:e9:b2:04
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDiMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlFOTU1RjFDQTY0MTQ1
RTc3ODVDNUY1RjE3NUEzMkFBN0U4QjE2MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1us+86PEfAuZ86QayTyNBDDpmPJCBZQY8Zu7+Zo74azoQ+f1U
0pXVy0SjQZr33yyffgtPTApBsm0oiKttLT8eHMBmrARh8O9JXtCBG+bdfFwNO2r5
wgGnFCYQ5LDZz4zCSbknvVvbCeeSkJFpQlAcRJPJ2Lupfp1eVVb/czKpPUuUyHm7
3xYdGwPzpOH80l5YNecnGvtHC5/a7qjMSx0+cWU+JcTeRc089BcddFgkWCNvO3I+
gLiQqibMOUBDC1uZ0CXSgayv6Fxb2qJ9Q2xbkNSfwy7/gexQfdVwJrVyKND+SGqW
MA5/5RbSShuZPaaWHvdacvfA/y7b6KtfuoivAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUnpVfHKZBRed4XF9fF1oyqn6LFhwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbnBWZkhLWkJSZWQ0WEY5ZkYxb3lx
bjZMRmh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEAOz7LunzWZJXcHdmA7aFU8D0ECSoQAzmOdVaZbbsY
tgm84v9W9tPW05VvVey2WQTl3eNDZHUVgYNFsB899yNQUDEYa/reaVAlZ2bExXL2
OBxKY8hsRrsBkxth02Z00gdHyqSgqHSfNg1UR3w6i2OIxs4y/2cL+Zb+qXpNXaYs
7ymYSL4cg5v87TiuGuC2q6OPBJ6K8Ha9Vlf2Ao5F4i4607FZxqnM6/qSJmALllC6
cncq5tZ4JTPvQ5HchRReoFa6uagUHLNHIJ4ZL4M+s0IhX+fkyy1/Yg9CUyGYAoHX
4eXzlDGJTbjWHT/Skjha0QnNGGd7yqSZI/psRSwrR+myBA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org