Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oNfHVgnw-92pMC9w-x98oNvIj04.roa
File: oNfHVgnw-92pMC9w-x98oNvIj04.roa (raw, json)
Hash identifier: JyIhoc48gOmoAK6ObmVC8QbEZy3injwBYFzR4n3sH8E=
Subject key identifier: A0:D7:C7:56:09:F0:FB:DD:A9:30:2F:70:FB:1F:7C:A0:DB:C8:8F:4E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 096A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oNfHVgnw-92pMC9w-x98oNvIj04.roa
Signing time: Tue 29 Sep 2020 10:01:48 +0000
ROA not before: Tue 29 Sep 2020 10:01:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 202.178.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2410 (0x96a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:48 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A0D7C75609F0FBDDA9302F70FB1F7CA0DBC88F4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c8:1f:84:07:44:50:34:ee:79:0e:61:14:5b:
a1:db:5e:3b:89:a7:7f:8c:c7:f9:40:48:ba:98:85:
e9:88:4e:ff:a6:80:db:db:4a:db:36:5e:1b:4c:a9:
02:2e:29:d1:86:0d:53:fd:f7:01:47:2f:f3:d7:bc:
d9:6e:06:96:f0:e7:ed:93:4f:95:af:18:a2:a2:85:
89:28:d9:78:b2:be:29:aa:e1:a5:41:5a:1a:34:9f:
49:29:29:fe:d2:c9:93:68:73:83:af:2f:2a:d2:e4:
0d:0e:7a:d3:95:8d:b7:21:77:5b:0b:69:58:45:2f:
d4:90:41:ab:bc:42:b1:e3:dd:47:73:fa:59:7e:5e:
c1:c4:9f:14:3f:4c:67:63:45:3c:2f:6b:28:34:35:
44:36:57:e1:61:79:fa:64:13:86:bf:64:ee:14:b3:
20:b1:73:5c:a4:79:5a:f3:98:9c:52:35:e8:0c:97:
4f:66:cb:fa:0a:ed:23:18:f7:91:85:a3:2c:4d:cf:
b6:2f:60:54:40:9d:35:06:cf:fd:99:99:da:ec:27:
bb:dc:de:8b:00:5c:c8:2c:8f:80:07:26:32:15:c4:
42:86:11:01:db:8a:00:6e:c8:e0:11:3b:8f:88:17:
b1:c1:80:dd:c3:52:62:99:3c:42:c2:ed:b7:ab:e6:
60:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D7:C7:56:09:F0:FB:DD:A9:30:2F:70:FB:1F:7C:A0:DB:C8:8F:4E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oNfHVgnw-92pMC9w-x98oNvIj04.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.178.180.0/22
Signature Algorithm: sha256WithRSAEncryption
20:61:d0:6b:8b:be:5c:b0:3d:e3:10:6b:ea:3f:26:ce:b2:f1:
4e:a9:af:74:38:a6:d9:b6:66:c3:e5:a6:24:fb:9c:54:90:cf:
97:e7:50:62:fe:18:81:9f:e1:f7:22:f6:4c:0f:00:10:20:df:
19:49:15:0d:6c:bd:3a:35:ab:a7:3a:c9:7b:05:ee:84:b3:6b:
a2:6c:03:4d:78:dc:f7:2b:64:12:0e:0f:11:9f:7a:6b:20:b0:
27:dc:4d:c7:8f:26:18:f5:c9:0f:3f:9e:9f:33:39:65:3d:5d:
99:73:98:f9:49:c9:9d:35:7f:f4:d1:3e:f1:12:8c:fc:d6:10:
28:c3:c0:58:95:be:e2:de:43:85:ed:1f:a3:46:c8:03:d8:3a:
97:77:70:d1:d4:a4:54:01:c0:68:8b:f1:33:7e:44:3c:26:03:
8f:d7:73:e3:bf:94:bf:3e:46:b3:8a:58:1b:17:51:50:1e:82:
9b:8f:aa:5e:93:47:f6:d6:c4:3c:fc:82:4f:37:4e:96:a8:f8:
96:5a:b3:fb:1f:d5:42:22:b4:eb:02:0e:ed:42:30:32:f6:93:
e6:0e:22:cc:6c:4b:37:5c:d0:2e:d9:53:f6:1f:fc:78:10:82:
06:38:ae:07:b8:4e:9a:d2:7e:ff:19:93:c8:25:94:b7:10:00:
7e:b4:68:3f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEEwRDdDNzU2MDlGMEZC
RERBOTMwMkY3MEZCMUY3Q0EwREJDODhGNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxyB+EB0RQNO55DmEUW6HbXjuJp3+Mx/lASLqYhemITv+mgNvb
Sts2XhtMqQIuKdGGDVP99wFHL/PXvNluBpbw5+2TT5WvGKKihYko2Xiyvimq4aVB
Who0n0kpKf7SyZNoc4OvLyrS5A0OetOVjbchd1sLaVhFL9SQQau8QrHj3Udz+ll+
XsHEnxQ/TGdjRTwvayg0NUQ2V+FhefpkE4a/ZO4UsyCxc1ykeVrzmJxSNegMl09m
y/oK7SMY95GFoyxNz7YvYFRAnTUGz/2ZmdrsJ7vc3osAXMgsj4AHJjIVxEKGEQHb
igBuyOARO4+IF7HBgN3DUmKZPELC7ber5mCRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoNfHVgnw+92pMC9w+x98oNvIj04wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb05mSFZnbnctOTJwTUM5dy14OThv
TnZJajA0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsqytDAN
BgkqhkiG9w0BAQsFAAOCAQEAIGHQa4u+XLA94xBr6j8mzrLxTqmvdDim2bZmw+Wm
JPucVJDPl+dQYv4YgZ/h9yL2TA8AECDfGUkVDWy9OjWrpzrJewXuhLNromwDTXjc
9ytkEg4PEZ96ayCwJ9xNx48mGPXJDz+enzM5ZT1dmXOY+UnJnTV/9NE+8RKM/NYQ
KMPAWJW+4t5Dhe0fo0bIA9g6l3dw0dSkVAHAaIvxM35EPCYDj9dz47+Uvz5Gs4pY
GxdRUB6Cm4+qXpNH9tbEPPyCTzdOlqj4llqz+x/VQiK06wIO7UIwMvaT5g4izGxL
N1zQLtlT9h/8eBCCBjiuB7hOmtJ+/xmTyCWUtxAAfrRoPw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org