Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/rSa3NpWdxWYOsSBUhYfpJahS_OY.roa
File: rSa3NpWdxWYOsSBUhYfpJahS_OY.roa (raw, json)
Hash identifier: ftsLvDi1hzuywMFkXSOjGiS+uFTth41zPxgZOk+TK5M=
Subject key identifier: AD:26:B7:36:95:9D:C5:66:0E:B1:20:54:85:87:E9:25:A8:52:FC:E6
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0B8F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rSa3NpWdxWYOsSBUhYfpJahS_OY.roa
Signing time: Sun 07 Feb 2021 11:33:12 +0000
ROA not before: Sun 07 Feb 2021 11:33:12 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 103.36.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2959 (0xb8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:33:12 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=AD26B736959DC5660EB120548587E925A852FCE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f5:22:14:67:1a:40:2c:4d:5d:06:b0:5a:f7:
9b:57:bb:40:7a:f9:68:63:c2:1e:93:d1:e7:7e:53:
96:2c:b6:94:09:86:2b:b3:8c:a7:ad:8a:3b:b9:e6:
48:bb:c3:e3:9a:59:84:36:c2:df:21:53:ca:0d:af:
d8:55:e1:bd:a3:ef:83:8b:47:c1:78:41:f7:70:3e:
9f:8d:53:32:82:74:cc:d9:c8:94:32:31:5f:09:80:
3e:92:c5:21:6f:1b:b5:1c:e6:80:d8:af:cd:f3:d1:
bd:21:60:23:98:97:7d:80:a2:29:d7:8d:25:62:7f:
b5:5d:b3:bd:da:82:23:d0:46:71:ad:e4:38:d9:c4:
b0:3d:5b:53:c3:06:99:41:be:92:a0:22:3f:9c:fb:
95:61:8d:81:65:9b:8d:2d:b9:d9:eb:fa:d2:b5:b5:
dd:45:83:29:d9:bd:f9:03:3c:c0:52:e4:18:f9:1f:
a7:98:86:ad:21:d8:d4:59:b9:46:10:ca:a5:a4:03:
da:66:ad:0f:f6:f8:a9:71:43:d5:45:bc:e3:5a:cc:
30:59:b5:80:fb:f6:0e:cd:b4:fc:17:26:36:84:ee:
a9:9c:c8:1a:84:2e:0d:48:28:97:8e:8f:05:e5:2b:
cf:3a:68:9e:5d:db:cf:4f:fa:ea:96:53:7e:e0:6a:
03:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:26:B7:36:95:9D:C5:66:0E:B1:20:54:85:87:E9:25:A8:52:FC:E6
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rSa3NpWdxWYOsSBUhYfpJahS_OY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.116.0/22
Signature Algorithm: sha256WithRSAEncryption
72:b4:d5:5f:b4:97:51:7e:55:47:2c:18:95:5d:ac:3d:d9:d5:
12:8f:6b:db:c1:ea:42:f2:d3:e0:8d:5e:87:5f:a2:01:30:ce:
f9:61:e7:35:74:6f:4c:1c:dc:57:85:02:ae:e5:bd:97:d0:83:
f7:15:62:74:97:23:93:7f:bc:5b:e6:9d:c6:be:ce:1a:c6:1d:
d9:a1:de:d7:f8:99:67:75:c3:75:8d:0f:66:67:eb:4e:31:6b:
fd:80:f1:21:47:ad:fa:8e:2c:2f:30:ee:a2:e3:63:97:50:9f:
bf:3b:b9:6c:f6:16:1a:89:1b:74:28:3e:e4:42:23:ac:4b:aa:
45:52:76:31:9c:e8:b7:42:ee:4a:7c:c0:35:bb:8e:eb:6e:89:
80:1d:62:a8:b7:1a:eb:c2:05:e2:0f:29:ba:4c:93:cc:c5:00:
5c:5c:d9:96:f3:f0:0d:7a:2a:e1:c6:22:e0:45:f6:69:1f:84:
ea:19:e8:9c:73:1d:de:6b:6e:61:05:6a:6e:aa:66:d6:bf:0d:
a7:06:37:f1:69:5c:47:29:85:ee:78:5e:dc:0a:d7:36:9a:e5:
d5:c8:78:e5:73:97:25:da:88:ac:2f:7c:c9:5f:27:10:9f:a6:
dd:26:49:5e:52:91:4e:74:18:d4:2f:5b:87:ae:de:88:7d:9b:
4d:64:79:61
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTMzMTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFEMjZCNzM2OTU5REM1
NjYwRUIxMjA1NDg1ODdFOTI1QTg1MkZDRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT9SIUZxpALE1dBrBa95tXu0B6+Whjwh6T0ed+U5YstpQJhiuz
jKetiju55ki7w+OaWYQ2wt8hU8oNr9hV4b2j74OLR8F4QfdwPp+NUzKCdMzZyJQy
MV8JgD6SxSFvG7Uc5oDYr83z0b0hYCOYl32AoinXjSVif7Vds73agiPQRnGt5DjZ
xLA9W1PDBplBvpKgIj+c+5VhjYFlm40tudnr+tK1td1FgynZvfkDPMBS5Bj5H6eY
hq0h2NRZuUYQyqWkA9pmrQ/2+KlxQ9VFvONazDBZtYD79g7NtPwXJjaE7qmcyBqE
Lg1IKJeOjwXlK886aJ5d289P+uqWU37gagO/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUrSa3NpWdxWYOsSBUhYfpJahS/OYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvclNhM05wV2R4V1lPc1NCVWhZZnBK
YWhTX09ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmckdDAN
BgkqhkiG9w0BAQsFAAOCAQEAcrTVX7SXUX5VRywYlV2sPdnVEo9r28HqQvLT4I1e
h1+iATDO+WHnNXRvTBzcV4UCruW9l9CD9xVidJcjk3+8W+adxr7OGsYd2aHe1/iZ
Z3XDdY0PZmfrTjFr/YDxIUet+o4sLzDuouNjl1Cfvzu5bPYWGokbdCg+5EIjrEuq
RVJ2MZzot0LuSnzANbuO626JgB1iqLca68IF4g8pukyTzMUAXFzZlvPwDXoq4cYi
4EX2aR+E6hnonHMd3mtuYQVqbqpm1r8NpwY38WlcRymF7nhe3ArXNprl1ch45XOX
JdqIrC98yV8nEJ+m3SZJXlKRTnQY1C9bh67eiH2bTWR5YQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org