Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/sg_D9forG4Wt8XGpZwRWtmhmMkY.roa
File: sg_D9forG4Wt8XGpZwRWtmhmMkY.roa (raw, json)
Hash identifier: yGS/sTfWz5cqKJ58SVnYiYmE7bOr3OTRxX8i1lJ1tZ4=
Subject key identifier: B2:0F:C3:F5:FA:2B:1B:85:AD:F1:71:A9:67:04:56:B6:68:66:32:46
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 092C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/sg_D9forG4Wt8XGpZwRWtmhmMkY.roa
Signing time: Tue 29 Sep 2020 10:01:33 +0000
ROA not before: Tue 29 Sep 2020 10:01:33 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 219.91.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2348 (0x92c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:33 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=B20FC3F5FA2B1B85ADF171A9670456B668663246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3e:70:a3:93:f4:6e:f0:b4:ab:85:a9:a6:d8:
dd:4c:6c:58:93:b8:f3:dd:56:1a:cf:7b:93:85:79:
64:f9:6f:5b:25:86:dd:e0:da:51:c7:f1:b6:de:1b:
0d:aa:c0:b1:78:a1:30:0c:15:d1:0c:76:28:0b:51:
7e:b6:5b:36:b9:0b:12:91:f7:32:6d:4f:c9:d4:c2:
e9:44:5d:66:cc:76:5e:34:fc:01:73:a7:a4:33:a6:
cf:2b:ac:e4:fd:85:9f:ee:1c:6f:6d:5a:f1:24:08:
6c:8c:13:01:95:f6:d9:ba:a5:ff:18:24:9b:01:e6:
06:6a:aa:81:ac:92:3c:a0:52:cb:ea:c4:f2:5a:d1:
4f:d8:3c:49:d1:96:57:f3:31:bc:c8:41:63:ad:0f:
8c:88:84:ea:e0:f7:6a:ed:3c:34:cd:90:d0:f2:f5:
b0:f5:cb:40:e6:96:fc:3f:ee:1f:71:b2:19:8e:87:
d3:fb:ed:a1:97:7e:d8:43:76:3f:8b:e0:18:db:bb:
a3:fe:e5:04:b7:c9:e7:96:8f:83:d5:b8:cb:e2:88:
4b:c8:73:9f:0c:aa:a0:11:90:29:21:37:49:6d:21:
f9:c7:08:43:ae:aa:13:8a:d3:51:9d:ec:4e:91:11:
d9:80:e7:10:79:4a:b0:38:2d:9e:8c:01:2f:37:1b:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0F:C3:F5:FA:2B:1B:85:AD:F1:71:A9:67:04:56:B6:68:66:32:46
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/sg_D9forG4Wt8XGpZwRWtmhmMkY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.91.64.0/22
Signature Algorithm: sha256WithRSAEncryption
89:da:97:a7:5c:7f:6c:1c:c7:c9:e4:98:84:b9:8f:88:1f:18:
b6:00:88:d6:df:dd:bb:99:47:6f:54:6c:20:24:c3:ed:6f:30:
32:41:1c:27:ce:57:c6:5a:c7:1c:17:7c:47:b0:24:aa:f1:0d:
af:c7:33:24:78:7f:2f:f4:d8:95:a6:3e:c1:c1:c2:f4:24:b1:
17:42:4b:a1:6e:00:41:89:a8:12:50:1e:2a:72:9c:5c:47:de:
ed:2e:af:45:20:e7:9b:9b:ac:60:75:e8:bd:85:27:3b:05:be:
23:d1:78:3f:73:a9:13:fa:96:fe:cd:fa:e6:2f:23:e6:16:f4:
58:33:4e:6b:a7:dc:38:10:37:de:d0:e6:7d:07:49:3c:d2:38:
ee:70:96:f0:91:75:21:07:da:23:9f:b6:47:19:14:a4:df:53:
54:f9:37:78:d1:d8:89:f6:c0:2e:41:93:3d:89:99:50:a5:41:
86:30:61:1e:5f:a1:79:7c:9f:83:27:5f:45:3a:81:b5:d2:58:
e1:68:24:ea:81:32:49:95:0b:99:6a:3e:f7:e6:7d:02:f5:2e:
17:aa:d8:d5:b8:da:13:21:fa:f0:b3:e2:e9:c2:a3:05:73:23:
42:30:87:4c:b7:80:b2:0d:0c:f0:01:83:34:4d:f8:23:e1:78:
cf:d5:73:cb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCSwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEIyMEZDM0Y1RkEyQjFC
ODVBREYxNzFBOTY3MDQ1NkI2Njg2NjMyNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcPnCjk/Ru8LSrhamm2N1MbFiTuPPdVhrPe5OFeWT5b1slht3g
2lHH8bbeGw2qwLF4oTAMFdEMdigLUX62Wza5CxKR9zJtT8nUwulEXWbMdl40/AFz
p6Qzps8rrOT9hZ/uHG9tWvEkCGyMEwGV9tm6pf8YJJsB5gZqqoGskjygUsvqxPJa
0U/YPEnRllfzMbzIQWOtD4yIhOrg92rtPDTNkNDy9bD1y0Dmlvw/7h9xshmOh9P7
7aGXfthDdj+L4Bjbu6P+5QS3yeeWj4PVuMviiEvIc58MqqARkCkhN0ltIfnHCEOu
qhOK01Gd7E6REdmA5xB5SrA4LZ6MAS83GyrjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUsg/D9forG4Wt8XGpZwRWtmhmMkYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvc2dfRDlmb3JHNFd0OFhHcFp3Uld0
bWhtTWtZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAttbQDAN
BgkqhkiG9w0BAQsFAAOCAQEAidqXp1x/bBzHyeSYhLmPiB8YtgCI1t/du5lHb1Rs
ICTD7W8wMkEcJ85XxlrHHBd8R7AkqvENr8czJHh/L/TYlaY+wcHC9CSxF0JLoW4A
QYmoElAeKnKcXEfe7S6vRSDnm5usYHXovYUnOwW+I9F4P3OpE/qW/s365i8j5hb0
WDNOa6fcOBA33tDmfQdJPNI47nCW8JF1IQfaI5+2RxkUpN9TVPk3eNHYifbALkGT
PYmZUKVBhjBhHl+heXyfgydfRTqBtdJY4Wgk6oEySZULmWo+9+Z9AvUuF6rY1bja
EyH68LPi6cKjBXMjQjCHTLeAsg0M8AGDNE34I+F4z9Vzyw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org