Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/qPSugToPmTT1B0fDLOebe1HOTsU.roa
File: qPSugToPmTT1B0fDLOebe1HOTsU.roa (raw, json)
Hash identifier: MS0+HxzeiSHR/vovPEoMEDT/Q6j5bxPaJ0vUM23CYsE=
Subject key identifier: A8:F4:AE:81:3A:0F:99:34:F5:07:47:C3:2C:E7:9B:7B:51:CE:4E:C5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DEE
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qPSugToPmTT1B0fDLOebe1HOTsU.roa
Signing time: Wed 29 Sep 2021 02:39:45 +0000
ROA not before: Wed 29 Sep 2021 02:39:45 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 210.202.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3566 (0xdee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:45 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A8F4AE813A0F9934F50747C32CE79B7B51CE4EC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a9:d0:92:02:1b:e0:08:4f:67:22:c5:44:f8:
89:66:ae:4b:de:15:0c:7e:07:ab:8b:be:05:ea:be:
08:c3:9e:8b:1d:28:57:9a:3e:9f:c2:f8:b2:fd:e3:
bf:4e:18:be:df:d1:df:aa:a3:9c:7d:a8:29:c1:89:
10:46:db:a0:cc:40:3f:b9:53:d3:67:9c:60:94:96:
07:ad:a1:aa:f3:2a:95:8d:2b:f8:d0:bd:6e:de:f4:
1a:65:60:73:15:18:5e:0e:bf:d8:0c:24:a6:20:18:
51:e3:0c:41:e3:f6:1a:32:ad:c3:d3:f8:43:78:e9:
af:58:3b:eb:e3:ae:4f:c7:56:c6:86:4a:02:26:aa:
cf:f6:b7:e1:7a:89:66:b0:09:8b:03:c9:57:6b:18:
14:f3:88:17:81:46:4f:44:62:41:20:e4:9c:bf:09:
e7:27:8d:61:cc:a1:30:8a:e2:58:72:f8:d8:9d:b5:
c7:e6:f2:1d:0b:77:94:b0:63:36:00:ed:f0:24:28:
b2:13:be:6a:c3:d5:0a:d9:db:77:dc:e2:a9:23:e6:
36:f6:ce:c5:a8:98:19:d9:50:c5:b9:b8:4a:29:a8:
62:e6:1f:b6:88:d0:a2:81:89:17:5f:13:fe:c9:ea:
9b:86:01:53:4d:e4:65:94:2b:a7:95:7e:65:a3:c6:
b1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F4:AE:81:3A:0F:99:34:F5:07:47:C3:2C:E7:9B:7B:51:CE:4E:C5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qPSugToPmTT1B0fDLOebe1HOTsU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:6c:f3:ed:4c:df:35:56:ed:1b:bd:11:da:7b:44:1e:e2:ce:
98:aa:06:22:cb:f7:ae:ac:f1:02:01:9a:98:e1:ae:cb:2f:83:
e7:2c:60:39:ec:49:eb:71:b6:99:d5:e2:43:cb:d4:9b:f0:4c:
d8:7d:3d:56:95:9a:d2:2c:1a:03:b0:f9:08:fb:32:2b:9b:d8:
56:4d:c6:9e:cf:4c:47:45:c8:5e:9a:99:2c:47:4a:88:44:c3:
5a:e7:ae:58:6c:1e:c7:cf:73:da:4c:11:4c:9e:33:72:a6:86:
6f:73:6c:2e:9f:7e:fc:27:1c:60:f1:84:fa:28:53:8a:14:45:
68:34:24:4b:44:38:d7:da:35:ae:7f:6b:de:25:2a:1c:19:63:
45:69:da:97:a4:c9:c3:9b:83:9a:5d:84:1b:32:0f:fb:be:4b:
17:5b:31:ac:1e:f6:1f:3b:fd:f7:43:65:40:cd:a3:f1:ff:c5:
30:4d:f1:d7:be:b1:6b:07:94:a9:e2:71:52:77:d0:8c:9d:e1:
f8:c0:db:97:c1:a7:4a:b9:14:95:66:4a:b5:6c:63:23:33:eb:
c6:6d:e5:8f:40:9f:d3:1d:25:64:92:7b:2a:f3:13:28:77:2a:
5e:e3:b9:cf:05:34:71:96:17:35:1b:22:94:b2:44:56:67:cd:
56:d7:23:dc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEE4RjRBRTgxM0EwRjk5
MzRGNTA3NDdDMzJDRTc5QjdCNTFDRTRFQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDqdCSAhvgCE9nIsVE+IlmrkveFQx+B6uLvgXqvgjDnosdKFea
Pp/C+LL9479OGL7f0d+qo5x9qCnBiRBG26DMQD+5U9NnnGCUlgetoarzKpWNK/jQ
vW7e9BplYHMVGF4Ov9gMJKYgGFHjDEHj9hoyrcPT+EN46a9YO+vjrk/HVsaGSgIm
qs/2t+F6iWawCYsDyVdrGBTziBeBRk9EYkEg5Jy/CecnjWHMoTCK4lhy+Nidtcfm
8h0Ld5SwYzYA7fAkKLITvmrD1QrZ23fc4qkj5jb2zsWomBnZUMW5uEopqGLmH7aI
0KKBiRdfE/7J6puGAVNN5GWUK6eVfmWjxrETAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqPSugToPmTT1B0fDLOebe1HOTsUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcVBTdWdUb1BtVFQxQjBmRExPZWJl
MUhPVHNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLKgDAN
BgkqhkiG9w0BAQsFAAOCAQEATWzz7UzfNVbtG70R2ntEHuLOmKoGIsv3rqzxAgGa
mOGuyy+D5yxgOexJ63G2mdXiQ8vUm/BM2H09VpWa0iwaA7D5CPsyK5vYVk3Gns9M
R0XIXpqZLEdKiETDWueuWGwex89z2kwRTJ4zcqaGb3NsLp9+/CccYPGE+ihTihRF
aDQkS0Q419o1rn9r3iUqHBljRWnal6TJw5uDml2EGzIP+75LF1sxrB72Hzv990Nl
QM2j8f/FME3x176xaweUqeJxUnfQjJ3h+MDbl8GnSrkUlWZKtWxjIzPrxm3lj0Cf
0x0lZJJ7KvMTKHcqXuO5zwU0cZYXNRsilLJEVmfNVtcj3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org