Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/xk6B5sCrXwZBk8XGhdPIsifYe74.roa
File: xk6B5sCrXwZBk8XGhdPIsifYe74.roa (raw, json)
Hash identifier: 6XNvrttu1plHvwQ3cXDVMUeDynp32iEe0T7KJGBya4M=
Subject key identifier: C6:4E:81:E6:C0:AB:5F:06:41:93:C5:C6:85:D3:C8:B2:27:D8:7B:BE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CB9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xk6B5sCrXwZBk8XGhdPIsifYe74.roa
Signing time: Sun 07 Feb 2021 12:48:05 +0000
ROA not before: Sun 07 Feb 2021 12:48:05 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3257 (0xcb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 12:48:05 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C64E81E6C0AB5F064193C5C685D3C8B227D87BBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1f:7b:60:73:f7:94:f0:b3:b7:d9:7b:6e:d4:
5c:ef:03:2e:ef:ab:f3:d4:da:4a:cb:bb:78:4d:b9:
75:55:11:0d:59:28:65:e9:28:44:f8:92:52:d8:68:
47:df:7f:0c:22:0e:d2:ba:64:c3:49:fc:da:31:71:
13:da:fd:bf:08:68:e1:91:89:d2:3c:28:62:2a:e2:
ef:2f:01:a5:4e:ca:0d:53:a2:1b:b2:a1:89:2c:02:
60:fd:7b:26:4e:31:b5:6e:7a:47:4e:13:ef:93:87:
19:c1:f8:c4:7b:a5:86:aa:9d:19:b7:cb:4c:45:d4:
22:d7:f8:13:98:b0:83:1b:c6:73:82:fd:60:fa:05:
54:eb:44:df:79:c7:7d:f7:77:52:e2:ad:96:8b:07:
57:20:e0:04:86:48:31:44:f8:1b:1d:2b:4c:f9:3f:
66:6a:0c:e3:d3:b5:ff:72:19:c7:5d:b5:d4:b5:0e:
85:f2:6c:34:9e:9f:07:cf:61:93:a8:45:aa:9d:cb:
fd:ea:fd:29:30:63:ee:de:cc:ee:42:1c:ef:3f:a0:
96:04:aa:92:da:20:92:65:b8:f8:72:71:05:29:3d:
0e:64:53:95:ce:b0:da:05:a6:d4:9d:e7:f2:43:15:
ce:db:ec:fe:f0:cf:d3:ec:a0:44:13:43:20:89:c5:
9d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4E:81:E6:C0:AB:5F:06:41:93:C5:C6:85:D3:C8:B2:27:D8:7B:BE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xk6B5sCrXwZBk8XGhdPIsifYe74.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
39:30:53:8a:d6:73:41:45:65:98:68:43:7e:4d:36:6d:a3:33:
aa:49:c1:ed:44:9a:b9:bf:b8:40:7e:fa:fd:4c:72:b9:39:7a:
81:76:71:73:c3:98:60:40:13:e5:41:16:ac:49:4f:0d:a0:95:
c8:34:59:f9:5d:53:3f:92:9e:ba:9b:83:f9:81:7d:0e:96:07:
b8:60:67:bc:72:ac:29:7c:7c:54:bf:1d:6d:b8:d9:3d:76:bb:
b1:b1:7a:1d:1a:6e:8d:2a:6f:e1:84:84:ee:78:49:d3:e7:d7:
d8:1a:58:4f:34:bd:a3:f4:28:55:2c:8a:0a:26:58:04:6a:16:
57:5a:0b:6b:48:8e:80:7a:ec:4e:a6:96:e1:c2:e3:b2:b1:ab:
b1:81:b2:5f:46:82:8f:49:31:ad:3f:a3:93:dc:5f:66:1f:69:
b6:7c:8d:bf:0e:75:e4:14:38:96:10:ef:ca:79:01:60:ef:7a:
e5:00:bf:d0:78:6f:51:cf:b8:ce:6b:e3:4f:8d:62:07:0e:8d:
3b:c7:bb:b2:44:50:bf:5f:e4:d3:31:b6:71:ac:72:8c:2c:53:
8b:09:24:43:fc:83:18:70:5e:e4:94:2a:16:40:79:d4:81:c4:
9b:fd:d3:a1:6e:87:01:96:58:c0:dc:57:42:06:a2:88:de:0a:
d9:98:55:5f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MjQ4MDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM2NEU4MUU2QzBBQjVG
MDY0MTkzQzVDNjg1RDNDOEIyMjdEODdCQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCH3tgc/eU8LO32Xtu1FzvAy7vq/PU2krLu3hNuXVVEQ1ZKGXp
KET4klLYaEfffwwiDtK6ZMNJ/NoxcRPa/b8IaOGRidI8KGIq4u8vAaVOyg1Tohuy
oYksAmD9eyZOMbVuekdOE++ThxnB+MR7pYaqnRm3y0xF1CLX+BOYsIMbxnOC/WD6
BVTrRN95x333d1LirZaLB1cg4ASGSDFE+BsdK0z5P2ZqDOPTtf9yGcddtdS1DoXy
bDSenwfPYZOoRaqdy/3q/SkwY+7ezO5CHO8/oJYEqpLaIJJluPhycQUpPQ5kU5XO
sNoFptSd5/JDFc7b7P7wz9PsoEQTQyCJxZ0JAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxk6B5sCrXwZBk8XGhdPIsifYe74wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveGs2QjVzQ3JYd1pCazhYR2hkUElz
aWZZZTc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAOTBTitZzQUVlmGhDfk02baMzqknB7USaub+4QH76
/UxyuTl6gXZxc8OYYEAT5UEWrElPDaCVyDRZ+V1TP5KeupuD+YF9DpYHuGBnvHKs
KXx8VL8dbbjZPXa7sbF6HRpujSpv4YSE7nhJ0+fX2BpYTzS9o/QoVSyKCiZYBGoW
V1oLa0iOgHrsTqaW4cLjsrGrsYGyX0aCj0kxrT+jk9xfZh9ptnyNvw515BQ4lhDv
ynkBYO965QC/0HhvUc+4zmvjT41iBw6NO8e7skRQv1/k0zG2caxyjCxTiwkkQ/yD
GHBe5JQqFkB51IHEm/3ToW6HAZZYwNxXQgaiiN4K2ZhVXw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org