Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/vkMZFS1XrJaIBEFkpQ-dvuA66rs.roa
File: vkMZFS1XrJaIBEFkpQ-dvuA66rs.roa (raw, json)
Hash identifier: mWmxfTT63jCgUYUPaqHBCLmApPZGX/kdk7YLZkpdq2M=
Subject key identifier: BE:43:19:15:2D:57:AC:96:88:04:41:64:A5:0F:9D:BE:E0:3A:EA:BB
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CBD
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/vkMZFS1XrJaIBEFkpQ-dvuA66rs.roa
Signing time: Sun 07 Feb 2021 12:58:03 +0000
ROA not before: Sun 07 Feb 2021 12:58:03 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3261 (0xcbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 12:58:03 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BE4319152D57AC9688044164A50F9DBEE03AEABB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:77:ea:d6:25:f7:3c:93:4c:08:5e:d5:91:4d:
da:62:dc:ec:46:4a:f9:e3:08:63:f1:85:97:28:60:
6d:a3:4a:49:76:cb:4b:9c:91:c5:4a:17:58:f1:5f:
0b:f2:24:50:79:d1:89:78:62:fc:d3:79:b2:e5:36:
14:2e:89:40:4a:89:2d:05:7f:64:b9:ec:f7:92:c5:
6a:86:21:db:ee:8b:3b:49:81:d2:9c:cd:27:92:00:
c8:89:30:f2:26:89:80:29:3b:f8:ab:58:1a:a6:0c:
b3:f5:a6:0d:6c:74:43:ae:0f:f3:7b:f8:59:27:93:
88:83:e0:a0:5e:f2:ae:c9:06:1d:3d:15:4f:61:3b:
7b:3b:cb:e7:a0:84:31:58:e0:d1:c1:cd:83:e9:b7:
d8:99:87:2d:6e:f5:21:46:1f:a9:c7:eb:c6:cf:f7:
5b:ef:38:00:81:2b:18:1b:9c:c1:9a:70:54:1b:a3:
05:0a:f7:fa:18:8e:9b:ca:bc:0a:d2:d1:1f:6a:dd:
6e:e5:d3:70:56:0e:2a:73:66:09:82:59:0a:bb:58:
25:b1:6b:c4:17:33:29:3f:a2:5c:95:df:0f:81:fd:
3b:13:6c:66:97:21:0a:39:aa:df:ec:05:73:87:61:
32:7a:7e:a0:15:57:88:5c:e5:8a:b3:c1:9a:a4:09:
c4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:43:19:15:2D:57:AC:96:88:04:41:64:A5:0F:9D:BE:E0:3A:EA:BB
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/vkMZFS1XrJaIBEFkpQ-dvuA66rs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:79:f1:e3:9b:a4:c8:05:6a:1d:36:59:2c:80:76:87:29:eb:
3e:19:eb:ad:49:97:95:62:91:ee:76:df:5c:ea:63:7b:e0:00:
d1:10:1d:2a:91:d9:c8:8b:71:50:83:0d:2d:6c:ce:e0:a4:3d:
7c:e8:00:4f:3b:61:42:06:f0:26:4c:f4:74:31:60:9e:07:42:
3b:ef:d2:64:2d:2e:64:2b:2e:63:be:2f:68:a3:bd:3b:b2:31:
12:8e:f3:8b:f9:35:85:25:7e:74:9a:b5:3a:86:12:64:ad:02:
91:fc:49:7a:ee:a2:5a:04:38:18:79:b4:f8:af:fc:3d:5f:76:
dd:12:d8:cd:a4:97:61:f9:87:e4:ce:40:71:6d:da:90:f8:72:
ea:e9:16:71:0b:e3:e7:40:d8:2d:02:18:1c:9b:80:06:4e:84:
c9:7e:d9:a8:bc:b4:f1:b3:05:39:8e:32:68:36:d4:7c:c5:02:
a7:fc:2c:ba:51:6c:20:62:1e:75:c3:a6:4c:99:5a:64:6b:fb:
05:af:dd:48:72:f4:70:c7:d3:e4:54:53:cf:5d:08:da:0d:77:
80:37:ef:cd:1d:2f:7e:f7:14:c4:15:c2:bf:03:b8:46:47:48:
72:b9:4c:a8:0c:e3:19:3f:20:56:e4:72:aa:d4:d2:86:42:77:
fa:48:04:bc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MjU4MDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJFNDMxOTE1MkQ1N0FD
OTY4ODA0NDE2NEE1MEY5REJFRTAzQUVBQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkd+rWJfc8k0wIXtWRTdpi3OxGSvnjCGPxhZcoYG2jSkl2y0uc
kcVKF1jxXwvyJFB50Yl4YvzTebLlNhQuiUBKiS0Ff2S57PeSxWqGIdvuiztJgdKc
zSeSAMiJMPImiYApO/irWBqmDLP1pg1sdEOuD/N7+Fknk4iD4KBe8q7JBh09FU9h
O3s7y+eghDFY4NHBzYPpt9iZhy1u9SFGH6nH68bP91vvOACBKxgbnMGacFQbowUK
9/oYjpvKvArS0R9q3W7l03BWDipzZgmCWQq7WCWxa8QXMyk/olyV3w+B/TsTbGaX
IQo5qt/sBXOHYTJ6fqAVV4hc5YqzwZqkCcRTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvkMZFS1XrJaIBEFkpQ+dvuA66rswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdmtNWkZTMVhySmFJQkVGa3BRLWR2
dUE2NnJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAGnnx45ukyAVqHTZZLIB2hynrPhnrrUmXlWKR7nbf
XOpje+AA0RAdKpHZyItxUIMNLWzO4KQ9fOgATzthQgbwJkz0dDFgngdCO+/SZC0u
ZCsuY74vaKO9O7IxEo7zi/k1hSV+dJq1OoYSZK0CkfxJeu6iWgQ4GHm0+K/8PV92
3RLYzaSXYfmH5M5AcW3akPhy6ukWcQvj50DYLQIYHJuABk6EyX7ZqLy08bMFOY4y
aDbUfMUCp/wsulFsIGIedcOmTJlaZGv7Ba/dSHL0cMfT5FRTz10I2g13gDfvzR0v
fvcUxBXCvwO4RkdIcrlMqAzjGT8gVuRyqtTShkJ3+kgEvA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org