Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oFAtyMqZYNQMh456h2fFnOPO6cc.roa
File: oFAtyMqZYNQMh456h2fFnOPO6cc.roa (raw, json)
Hash identifier: LdW7wfd+kx9fcqeROnQrJRMqgora4/l56wj/l2O85ZQ=
Subject key identifier: A0:50:2D:C8:CA:99:60:D4:0C:87:8E:7A:87:67:C5:9C:E3:CE:E9:C7
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DE1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oFAtyMqZYNQMh456h2fFnOPO6cc.roa
Signing time: Wed 29 Sep 2021 02:39:40 +0000
ROA not before: Wed 29 Sep 2021 02:39:40 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.201.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3553 (0xde1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:40 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A0502DC8CA9960D40C878E7A8767C59CE3CEE9C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:56:db:46:58:b7:39:7f:c2:b5:d8:7d:31:
64:e4:67:58:f8:ca:a0:99:df:85:73:5e:cb:35:6a:
11:c8:63:f3:48:6e:5d:2a:32:9a:8c:02:f1:4c:21:
7b:3b:f7:49:5a:05:16:38:d0:84:22:5a:a6:ac:60:
06:55:d7:4f:de:89:09:52:2a:a4:98:de:ed:4b:54:
1b:98:dd:a5:3a:97:00:71:d9:3f:fb:56:27:f3:6f:
8f:8f:9a:56:26:95:f4:e0:2b:ad:08:78:ee:7e:db:
8f:5e:66:c8:34:bb:14:45:ec:29:0c:30:df:ac:d9:
db:61:e7:4c:62:aa:76:0f:6b:76:93:bd:8f:42:97:
c8:79:0f:f0:3d:c1:62:d6:4a:3c:dd:e0:fd:ac:7d:
85:eb:03:26:b2:b3:f4:ce:63:99:a8:91:2d:30:23:
74:8f:37:83:48:1f:08:d2:90:25:43:f0:9a:17:66:
ce:8d:59:0e:e3:17:b0:71:bc:35:d3:39:89:8d:82:
36:99:e2:02:d7:82:8c:7e:e4:5e:1f:6f:1c:fc:c0:
cb:5c:73:f5:8e:ec:09:a6:72:39:aa:e6:4d:33:2d:
ca:dd:d7:83:31:2c:e4:27:45:61:a0:30:e0:3a:6d:
da:ef:34:51:d0:44:bb:5d:51:08:72:bf:a0:28:51:
ac:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:50:2D:C8:CA:99:60:D4:0C:87:8E:7A:87:67:C5:9C:E3:CE:E9:C7
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oFAtyMqZYNQMh456h2fFnOPO6cc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:0b:70:87:7c:7a:6b:81:e8:70:3d:1a:2f:db:e3:82:23:a2:
8c:e5:d1:b5:11:15:46:81:e7:12:aa:50:55:f5:22:65:1f:1f:
8a:e5:2a:db:c1:74:c9:d4:24:87:e3:ea:0f:67:dc:63:10:d6:
0a:8f:b8:46:bb:2b:29:35:3c:a0:c6:80:45:7a:fb:ab:c8:ac:
d7:c9:f6:e7:7d:44:ee:a9:34:99:47:bb:b7:46:d2:f8:98:88:
7e:62:1c:c7:4a:fd:50:57:1f:92:15:c5:81:3b:19:7d:e9:70:
e5:27:47:ed:8b:e5:ba:63:f1:21:1f:11:66:6b:93:6c:03:0c:
d4:6f:9b:cb:eb:f3:1f:d4:9b:99:4e:ea:1b:9c:74:34:a9:5f:
20:33:96:ca:57:1a:b4:fe:72:ef:e5:70:c9:a4:eb:48:ba:ab:
d5:55:e6:73:c4:37:3e:e4:60:40:ff:c2:83:d1:68:64:5b:93:
25:9b:ab:c4:3d:a1:8d:53:9d:f7:02:2d:35:ff:77:9f:57:bc:
48:d7:9b:5a:04:6d:93:b8:16:42:9b:d6:1b:e5:31:a6:6c:6f:
2d:af:61:11:a6:87:b6:4c:fc:32:42:73:aa:4a:5c:e7:f1:02:
38:9c:01:2d:b7:54:a6:2b:6e:46:6d:55:cc:6c:d4:f2:28:16:
4f:cb:2f:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEwNTAyREM4Q0E5OTYw
RDQwQzg3OEU3QTg3NjdDNTlDRTNDRUU5QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC53VbbRli3OX/Ctdh9MWTkZ1j4yqCZ34VzXss1ahHIY/NIbl0q
MpqMAvFMIXs790laBRY40IQiWqasYAZV10/eiQlSKqSY3u1LVBuY3aU6lwBx2T/7
Vifzb4+PmlYmlfTgK60IeO5+249eZsg0uxRF7CkMMN+s2dth50xiqnYPa3aTvY9C
l8h5D/A9wWLWSjzd4P2sfYXrAyays/TOY5mokS0wI3SPN4NIHwjSkCVD8JoXZs6N
WQ7jF7BxvDXTOYmNgjaZ4gLXgox+5F4fbxz8wMtcc/WO7Ammcjmq5k0zLcrd14Mx
LOQnRWGgMOA6bdrvNFHQRLtdUQhyv6AoUaxrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoFAtyMqZYNQMh456h2fFnOPO6ccwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb0ZBdHlNcVpZTlFNaDQ1NmgyZkZu
T1BPNmNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLJTjAN
BgkqhkiG9w0BAQsFAAOCAQEAKwtwh3x6a4HocD0aL9vjgiOijOXRtREVRoHnEqpQ
VfUiZR8fiuUq28F0ydQkh+PqD2fcYxDWCo+4RrsrKTU8oMaARXr7q8is18n2531E
7qk0mUe7t0bS+JiIfmIcx0r9UFcfkhXFgTsZfelw5SdH7YvlumPxIR8RZmuTbAMM
1G+by+vzH9SbmU7qG5x0NKlfIDOWylcatP5y7+VwyaTrSLqr1VXmc8Q3PuRgQP/C
g9FoZFuTJZurxD2hjVOd9wItNf93n1e8SNebWgRtk7gWQpvWG+UxpmxvLa9hEaaH
tkz8MkJzqkpc5/ECOJwBLbdUpituRm1VzGzU8igWT8svJA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org