Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/rrYPyH3bKG49ofwuCqKYd1z5cxs.roa
File: rrYPyH3bKG49ofwuCqKYd1z5cxs.roa (raw, json)
Hash identifier: 6rUhnAj2InSXAnz+TvhasgNSexsy8L7lkxBs1ItQ1J4=
Subject key identifier: AE:B6:0F:C8:7D:DB:28:6E:3D:A1:FC:2E:0A:A2:98:77:5C:F9:73:1B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DF3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rrYPyH3bKG49ofwuCqKYd1z5cxs.roa
Signing time: Wed 29 Sep 2021 02:39:47 +0000
ROA not before: Wed 29 Sep 2021 02:39:47 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17709
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3571 (0xdf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:47 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=AEB60FC87DDB286E3DA1FC2E0AA298775CF9731B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:98:d7:6a:c5:b7:e8:2e:a9:1f:1b:26:4c:30:
20:ea:32:1e:02:51:71:6f:58:30:ab:12:b8:d3:bb:
69:35:76:6d:1b:f1:40:eb:09:af:d8:2a:2e:18:f5:
bf:72:eb:24:f6:dc:85:34:56:76:10:6f:ac:1b:14:
76:c2:49:aa:cc:b7:d9:0c:33:29:0f:9e:52:ca:f1:
38:44:c1:49:19:f2:2a:20:fc:7f:f6:9d:ec:d6:4b:
9b:c6:9c:05:4d:5e:46:ba:22:f5:b8:25:46:b4:00:
96:2a:fb:0a:1f:21:96:2a:4e:3a:4b:44:14:8d:42:
f7:89:6c:6c:a4:46:ce:3c:97:1d:12:73:fe:29:de:
9f:3c:f6:7e:d5:48:97:5c:b1:9c:8d:a6:69:f3:7c:
38:73:f6:82:98:9b:9f:c9:f7:6d:74:48:cf:1c:8b:
1d:c9:c2:95:c4:28:2f:6c:9c:f3:17:9f:e1:49:21:
82:04:9f:a5:8a:a1:1d:ec:2c:2e:94:9f:7d:64:9a:
34:0a:26:6b:a6:fe:8b:55:f1:49:21:a5:cb:51:e6:
0c:e0:cc:cf:74:62:6a:f4:12:e5:03:f0:cb:80:44:
21:f0:57:17:94:03:38:0b:a5:29:85:6a:f9:75:4c:
9c:df:38:d6:6b:77:3e:b9:a2:9c:27:34:b9:7b:84:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B6:0F:C8:7D:DB:28:6E:3D:A1:FC:2E:0A:A2:98:77:5C:F9:73:1B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rrYPyH3bKG49ofwuCqKYd1z5cxs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
4c:69:76:37:a1:e4:d1:13:bd:4c:47:97:56:77:1d:22:3c:20:
73:2a:52:09:ae:5a:4a:16:9f:b0:e8:24:35:c7:b2:22:f7:fc:
db:ae:2b:88:3f:6f:1f:51:7d:69:e8:42:0c:d3:16:c6:58:bc:
aa:12:8f:0c:0e:d6:ca:97:7f:9d:62:fe:b3:17:50:4a:51:c4:
a9:cb:c2:b9:5d:cc:66:7f:61:9c:ed:e1:d5:35:69:c7:6b:cd:
cc:1a:6e:56:8a:fe:b5:2a:63:b9:5c:d1:3d:f8:57:a9:55:85:
09:70:27:d8:f1:d4:af:5f:52:df:d4:58:63:65:23:f8:8e:de:
bc:55:d9:18:26:cf:21:6d:80:d2:e4:c0:8b:dc:df:04:7c:74:
04:5e:f4:b1:5b:27:8b:f1:b8:3f:1b:71:d4:02:52:c7:bd:46:
29:04:46:28:9e:1b:65:22:4d:71:98:b2:ac:d9:65:99:0d:9d:
9e:b9:38:cb:b8:d8:14:d0:5a:5c:0b:1a:ce:36:db:64:29:0c:
b6:65:01:b9:99:69:a8:08:0c:5c:10:24:cd:7a:ff:ff:ce:1d:
d0:ba:fc:66:81:e8:4a:b0:21:2a:6d:8b:20:0c:e0:2b:eb:06:
45:ad:d7:9d:5b:87:04:bd:cc:6e:19:c9:cb:39:dd:d0:a6:84:
59:f2:fc:d0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDfMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFFQjYwRkM4N0REQjI4
NkUzREExRkMyRTBBQTI5ODc3NUNGOTczMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPmNdqxbfoLqkfGyZMMCDqMh4CUXFvWDCrErjTu2k1dm0b8UDr
Ca/YKi4Y9b9y6yT23IU0VnYQb6wbFHbCSarMt9kMMykPnlLK8ThEwUkZ8iog/H/2
nezWS5vGnAVNXka6IvW4JUa0AJYq+wofIZYqTjpLRBSNQveJbGykRs48lx0Sc/4p
3p889n7VSJdcsZyNpmnzfDhz9oKYm5/J9210SM8cix3JwpXEKC9snPMXn+FJIYIE
n6WKoR3sLC6Un31kmjQKJmum/otV8UkhpctR5gzgzM90Ymr0EuUD8MuARCHwVxeU
AzgLpSmFavl1TJzfONZrdz65opwnNLl7hPZvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUrrYPyH3bKG49ofwuCqKYd1z5cxswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcnJZUHlIM2JLRzQ5b2Z3dUNxS1lk
MXo1Y3hzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEATGl2N6Hk0RO9TEeXVncdIjwgcypSCa5aShafsOgk
NceyIvf8264riD9vH1F9aehCDNMWxli8qhKPDA7Wypd/nWL+sxdQSlHEqcvCuV3M
Zn9hnO3h1TVpx2vNzBpuVor+tSpjuVzRPfhXqVWFCXAn2PHUr19S39RYY2Uj+I7e
vFXZGCbPIW2A0uTAi9zfBHx0BF70sVsni/G4Pxtx1AJSx71GKQRGKJ4bZSJNcZiy
rNllmQ2dnrk4y7jYFNBaXAsazjbbZCkMtmUBuZlpqAgMXBAkzXr//84d0Lr8ZoHo
SrAhKm2LIAzgK+sGRa3XnVuHBL3MbhnJyznd0KaEWfL80A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org