Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/u3YxjT1KXxynBjmmgwG4W1TvI7o.roa
File: u3YxjT1KXxynBjmmgwG4W1TvI7o.roa (raw, json)
Hash identifier: /OPWkfEu6WtxAUU0Hrc6N/PSF4rK3ZMWceAUsugTk5I=
Subject key identifier: BB:76:31:8D:3D:4A:5F:1C:A7:06:39:A6:83:01:B8:5B:54:EF:23:BA
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0AC8
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/u3YxjT1KXxynBjmmgwG4W1TvI7o.roa
Signing time: Tue 19 Jan 2021 23:47:38 +0000
ROA not before: Tue 19 Jan 2021 23:47:38 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 103.36.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2760 (0xac8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Jan 19 23:47:38 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BB76318D3D4A5F1CA70639A68301B85B54EF23BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:20:1e:4d:c6:ba:fd:e0:85:80:91:21:8d:e8:
12:37:90:7e:fa:e4:11:b6:dc:85:ab:09:80:1f:52:
5b:b7:a6:29:b3:4d:1b:10:99:54:88:b7:4a:01:ed:
20:a0:8c:46:71:bf:3f:60:af:bb:fc:63:2b:09:62:
24:37:78:df:9a:84:05:d6:3b:a3:d5:0c:c1:d6:b4:
78:2d:3f:6a:75:1d:cd:fb:32:aa:88:0e:84:52:54:
c0:0f:00:ee:74:5b:a5:6e:cd:46:b1:ec:1f:af:7e:
97:f2:1d:46:a1:41:f5:6b:e1:f0:f0:92:de:87:e2:
ef:5c:16:89:eb:ec:91:35:4e:e9:28:b8:fe:19:9c:
f5:82:c4:00:87:a1:8d:e7:aa:2f:d0:b4:80:1f:f2:
2a:91:35:8b:53:b4:b3:61:58:77:ac:de:71:58:03:
f9:87:ed:49:9b:97:c9:94:fe:28:38:61:87:9c:2c:
67:6c:56:29:51:2d:48:19:38:60:10:16:2c:69:c8:
f3:66:f9:d6:a7:2c:32:e2:85:93:d8:10:38:48:92:
9d:72:c8:0d:da:f9:1e:be:da:b8:f4:96:6b:64:ec:
00:b9:b6:17:ad:28:9e:f5:05:a5:da:5b:d1:65:51:
41:a5:fd:60:42:4c:2c:fa:24:23:32:09:00:88:d1:
66:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:76:31:8D:3D:4A:5F:1C:A7:06:39:A6:83:01:B8:5B:54:EF:23:BA
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/u3YxjT1KXxynBjmmgwG4W1TvI7o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:fe:f3:de:87:c3:7b:d4:43:51:98:a0:8d:a4:5a:0b:15:66:
31:ba:65:b0:4b:1b:a6:38:fb:5b:59:85:6a:62:94:e7:b6:e3:
ef:a1:ce:9a:99:69:d4:60:e1:ec:62:32:5f:22:93:16:eb:07:
64:50:00:43:b7:62:b8:c1:15:5d:a5:6e:75:59:4f:ab:df:0e:
2b:66:95:22:64:e6:2e:51:11:e8:af:20:de:2a:ea:f3:0b:ba:
1f:b9:80:34:b9:82:54:e2:bd:56:f4:69:19:90:a4:6d:65:d3:
12:f7:be:95:33:85:75:96:e1:4e:9d:92:a2:fe:e6:77:5a:de:
56:22:9e:b9:7b:35:bc:f3:bf:07:86:a8:e0:7b:7d:7f:8a:a9:
ee:59:81:0e:9b:ab:96:95:f8:42:15:d2:05:b4:dd:c3:e2:e3:
2a:c9:54:b6:fa:bb:f5:50:30:30:22:b9:59:40:f0:fc:ed:6d:
01:5d:7b:e4:95:93:c7:79:06:4c:c5:e6:31:ff:51:43:88:40:
99:ac:60:03:84:41:77:7a:cf:f4:64:3f:77:d4:f3:7a:d6:cd:
1b:71:95:5b:25:27:81:dc:35:f7:d0:67:58:db:12:8b:dd:ae:
2e:89:b8:43:3b:90:ee:ea:6c:6b:50:23:27:07:88:cc:9c:8f:
23:f2:c9:a1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAxMTky
MzQ3MzhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJCNzYzMThEM0Q0QTVG
MUNBNzA2MzlBNjgzMDFCODVCNTRFRjIzQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEIB5Nxrr94IWAkSGN6BI3kH765BG23IWrCYAfUlu3pimzTRsQ
mVSIt0oB7SCgjEZxvz9gr7v8YysJYiQ3eN+ahAXWO6PVDMHWtHgtP2p1Hc37MqqI
DoRSVMAPAO50W6VuzUax7B+vfpfyHUahQfVr4fDwkt6H4u9cFonr7JE1TukouP4Z
nPWCxACHoY3nqi/QtIAf8iqRNYtTtLNhWHes3nFYA/mH7Umbl8mU/ig4YYecLGds
VilRLUgZOGAQFixpyPNm+danLDLihZPYEDhIkp1yyA3a+R6+2rj0lmtk7AC5thet
KJ71BaXaW9FlUUGl/WBCTCz6JCMyCQCI0WYfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUu3YxjT1KXxynBjmmgwG4W1TvI7owHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdTNZeGpUMUtYeHluQmptbWd3RzRX
MVR2STdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmckdDAN
BgkqhkiG9w0BAQsFAAOCAQEAfv7z3ofDe9RDUZigjaRaCxVmMbplsEsbpjj7W1mF
amKU57bj76HOmplp1GDh7GIyXyKTFusHZFAAQ7diuMEVXaVudVlPq98OK2aVImTm
LlER6K8g3irq8wu6H7mANLmCVOK9VvRpGZCkbWXTEve+lTOFdZbhTp2Sov7md1re
ViKeuXs1vPO/B4ao4Ht9f4qp7lmBDpurlpX4QhXSBbTdw+LjKslUtvq79VAwMCK5
WUDw/O1tAV175JWTx3kGTMXmMf9RQ4hAmaxgA4RBd3rP9GQ/d9TzetbNG3GVWyUn
gdw199BnWNsSi92uLom4QzuQ7upsa1AjJweIzJyPI/LJoQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org