Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ovp9Wb-fCcO3rR4lmVGiByJ6GNQ.roa
File: ovp9Wb-fCcO3rR4lmVGiByJ6GNQ.roa (raw, json)
Hash identifier: kLGbT7uKylsZMdAZc62hIQdMkGKbv79oQq43m8n2UfY=
Subject key identifier: A2:FA:7D:59:BF:9F:09:C3:B7:AD:1E:25:99:51:A2:07:22:7A:18:D4
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E16
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ovp9Wb-fCcO3rR4lmVGiByJ6GNQ.roa
Signing time: Wed 29 Sep 2021 02:39:57 +0000
ROA not before: Wed 29 Sep 2021 02:39:57 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131142
IP address blocks: 223.22.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3606 (0xe16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:57 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A2FA7D59BF9F09C3B7AD1E259951A207227A18D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0c:56:ce:47:0c:62:43:46:b3:39:a6:fb:ff:
f7:2a:32:e0:3e:5d:71:95:ba:84:1d:35:2d:3e:28:
4d:7d:d1:9b:56:87:8b:69:b7:68:16:0b:4d:ad:25:
20:95:fe:ab:47:14:35:c2:61:59:a2:ac:ac:10:d3:
7e:36:d9:ad:0c:1f:10:96:cc:d4:cf:c8:99:c6:13:
96:b5:c1:a0:c1:ab:7b:9a:ea:a3:80:cc:58:74:76:
7f:c7:62:22:40:83:56:07:f4:8e:f6:41:39:5f:2f:
ce:15:96:9b:98:ea:79:36:8f:21:a3:3e:6e:40:60:
38:33:4e:df:8d:63:a0:5e:a7:e7:f3:5a:94:0f:8f:
73:72:64:5d:9f:51:b5:35:13:f8:ee:72:17:15:02:
d9:e1:6d:ae:9e:6a:95:7e:46:26:7c:42:23:ca:69:
ef:19:60:a5:0f:49:8f:7e:27:a6:d7:25:ad:ed:39:
bd:d5:09:8a:91:9b:52:c2:c1:6c:f4:7b:7d:05:f0:
77:f7:bd:7e:2f:26:5f:69:81:37:ef:e8:3e:35:80:
4e:5f:5c:3c:92:e7:81:b3:e8:32:b7:0e:c8:5a:37:
15:e2:47:db:fc:e3:3d:a3:c5:c1:51:e2:5a:a4:3f:
a8:00:c9:95:22:39:b2:be:fd:66:c6:ba:bc:3a:a2:
db:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FA:7D:59:BF:9F:09:C3:B7:AD:1E:25:99:51:A2:07:22:7A:18:D4
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ovp9Wb-fCcO3rR4lmVGiByJ6GNQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.254.0/24
Signature Algorithm: sha256WithRSAEncryption
53:19:93:a3:29:06:23:7d:e3:bd:34:b1:2c:82:1c:61:c5:db:
8a:62:85:24:0f:64:93:5b:6a:ad:07:a2:5c:45:3e:0b:c6:34:
f9:cb:86:bb:9b:41:25:4d:83:bb:b3:a3:18:2b:cb:d9:f4:73:
46:cc:f5:a5:20:6a:b0:cb:c8:49:0c:a2:0b:f7:48:dd:27:fb:
46:3a:f2:1c:a3:f9:36:bf:46:d3:45:c3:e7:28:0d:e1:d9:f4:
0d:a9:7f:a6:21:f8:4f:8d:e6:56:ab:54:3c:3b:80:f2:ec:07:
29:c7:03:63:53:45:44:e1:71:59:c4:31:72:6c:f1:0a:8e:bb:
13:e5:b8:56:64:2b:69:51:29:07:7f:62:bf:4a:22:21:07:48:
a3:cb:07:46:fc:30:d3:3c:2b:2e:18:92:6d:21:b7:91:89:32:
fd:c7:87:fd:4b:fc:96:98:ea:4a:94:fd:a8:cc:6f:ea:10:1c:
b0:de:7a:b5:f8:0b:bc:d8:81:89:e0:59:26:74:d5:a7:37:02:
5f:00:98:ad:d4:c2:34:f2:ce:8c:b9:c6:d2:14:09:bf:30:92:
75:2e:ea:0e:88:c7:5e:6f:ef:6d:d5:85:62:c3:5a:d5:6b:d2:
a5:10:ba:76:cd:88:52:d4:98:01:dd:cb:a2:22:a8:ac:c8:75:
27:c1:2e:cd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEyRkE3RDU5QkY5RjA5
QzNCN0FEMUUyNTk5NTFBMjA3MjI3QTE4RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvDFbORwxiQ0azOab7//cqMuA+XXGVuoQdNS0+KE190ZtWh4tp
t2gWC02tJSCV/qtHFDXCYVmirKwQ03422a0MHxCWzNTPyJnGE5a1waDBq3ua6qOA
zFh0dn/HYiJAg1YH9I72QTlfL84VlpuY6nk2jyGjPm5AYDgzTt+NY6Bep+fzWpQP
j3NyZF2fUbU1E/juchcVAtnhba6eapV+RiZ8QiPKae8ZYKUPSY9+J6bXJa3tOb3V
CYqRm1LCwWz0e30F8Hf3vX4vJl9pgTfv6D41gE5fXDyS54Gz6DK3DshaNxXiR9v8
4z2jxcFR4lqkP6gAyZUiObK+/WbGurw6otuxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUovp9Wb+fCcO3rR4lmVGiByJ6GNQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb3ZwOVdiLWZDY08zclI0bG1WR2lC
eUo2R05RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8W/jAN
BgkqhkiG9w0BAQsFAAOCAQEAUxmToykGI33jvTSxLIIcYcXbimKFJA9kk1tqrQei
XEU+C8Y0+cuGu5tBJU2Du7OjGCvL2fRzRsz1pSBqsMvISQyiC/dI3Sf7RjryHKP5
Nr9G00XD5ygN4dn0Dal/piH4T43mVqtUPDuA8uwHKccDY1NFROFxWcQxcmzxCo67
E+W4VmQraVEpB39iv0oiIQdIo8sHRvww0zwrLhiSbSG3kYky/ceH/Uv8lpjqSpT9
qMxv6hAcsN56tfgLvNiBieBZJnTVpzcCXwCYrdTCNPLOjLnG0hQJvzCSdS7qDojH
Xm/vbdWFYsNa1WvSpRC6ds2IUtSYAd3LoiKorMh1J8EuzQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org