Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/yxI7okLc5F-CVBnRGayPrG41iFE.roa
File: yxI7okLc5F-CVBnRGayPrG41iFE.roa (raw, json)
Hash identifier: 2CYEaZ/T4OCY5yM0uhy7QJdyltVUOYXNzLxiEunIJXM=
Subject key identifier: CB:12:3B:A2:42:DC:E4:5F:82:54:19:D1:19:AC:8F:AC:6E:35:88:51
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E4E
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/yxI7okLc5F-CVBnRGayPrG41iFE.roa
Signing time: Wed 29 Sep 2021 02:40:13 +0000
ROA not before: Wed 29 Sep 2021 02:40:13 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3662 (0xe4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:40:13 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=CB123BA242DCE45F825419D119AC8FAC6E358851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dd:e7:da:90:3b:c1:70:f8:76:c9:48:1b:b7:
a8:47:d6:7e:f6:b4:13:5d:be:a5:8a:82:54:e7:57:
99:3a:35:80:5a:d3:c9:e6:cc:b0:33:f2:fb:60:87:
2b:88:89:8a:d8:d3:ac:fa:6a:91:6d:79:c9:78:53:
0a:d2:a0:ac:a8:5d:8f:ff:c9:67:34:b2:a2:3d:74:
23:e6:ba:b0:9e:45:92:61:26:00:e1:b0:32:20:e3:
04:e0:2e:e0:f7:9b:de:d9:50:a9:58:3f:93:34:0c:
3e:00:36:df:1e:f9:ab:d8:ae:0c:20:57:20:4d:f2:
cc:07:e0:75:8e:88:e7:70:67:00:44:6d:1b:48:67:
ea:d8:77:5d:bc:c8:6b:3b:6c:0f:1d:e1:c2:74:ac:
5b:4f:2a:c9:c6:ed:35:f8:fb:54:dd:30:b1:52:ae:
3b:f8:29:66:bb:00:60:e4:d1:2d:a6:37:fa:59:86:
9a:c4:73:d8:90:c7:ae:18:f7:c6:15:03:78:18:d0:
11:74:6e:93:a0:aa:03:ba:3a:f7:d7:2e:05:f0:af:
83:f4:a6:b3:91:8e:9c:cc:b4:88:51:7d:c2:c9:be:
e5:34:cc:50:96:d3:8b:5c:a4:d1:f8:79:cc:b4:e1:
6b:af:cd:59:ac:41:77:ef:49:12:42:8b:b6:09:85:
65:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:12:3B:A2:42:DC:E4:5F:82:54:19:D1:19:AC:8F:AC:6E:35:88:51
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/yxI7okLc5F-CVBnRGayPrG41iFE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
00:ab:33:79:b7:cc:82:5f:1e:11:bf:14:88:d6:fc:19:26:91:
3b:8e:6d:5f:76:71:00:25:2e:0f:1c:b1:25:8f:9e:8e:d6:b8:
d7:8d:20:49:78:0c:9e:ee:52:8e:11:6a:45:4d:46:8b:42:ed:
3c:4d:21:9b:9e:e2:66:d7:06:b7:f5:98:cb:fc:c6:4e:31:2d:
72:f2:8a:50:38:bb:c6:1f:f4:9e:af:52:64:e3:89:6b:f4:c1:
32:09:8c:4e:0d:b7:8f:bc:15:22:68:a3:5f:29:81:4b:44:7b:
25:30:db:28:da:aa:4e:30:0d:49:9d:5f:4a:a7:c0:a1:fd:8a:
7c:2c:ad:8a:59:ed:f0:d2:25:7f:61:68:ee:04:ff:79:27:07:
27:a6:e7:60:e0:27:db:e1:b7:14:86:75:82:c8:d6:78:15:09:
0c:69:48:6d:ae:da:20:44:c9:7b:1f:44:0b:65:70:a5:c0:48:
be:b3:40:ac:d9:a5:13:4f:4a:f5:2b:93:c6:89:29:be:a1:60:
2f:fa:96:e9:ad:bb:2b:a2:da:12:32:38:26:67:98:28:41:31:
8c:17:19:f3:10:a3:d8:04:d4:21:0a:b8:e9:f3:47:3e:3a:58:
ba:ef:ea:0b:09:40:c6:8b:33:5b:38:b3:5f:c1:8f:80:a6:70:
2c:46:92:7d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMTNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENCMTIzQkEyNDJEQ0U0
NUY4MjU0MTlEMTE5QUM4RkFDNkUzNTg4NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa3efakDvBcPh2yUgbt6hH1n72tBNdvqWKglTnV5k6NYBa08nm
zLAz8vtghyuIiYrY06z6apFtecl4UwrSoKyoXY//yWc0sqI9dCPmurCeRZJhJgDh
sDIg4wTgLuD3m97ZUKlYP5M0DD4ANt8e+avYrgwgVyBN8swH4HWOiOdwZwBEbRtI
Z+rYd128yGs7bA8d4cJ0rFtPKsnG7TX4+1TdMLFSrjv4KWa7AGDk0S2mN/pZhprE
c9iQx64Y98YVA3gY0BF0bpOgqgO6OvfXLgXwr4P0prORjpzMtIhRfcLJvuU0zFCW
04tcpNH4ecy04WuvzVmsQXfvSRJCi7YJhWUHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUyxI7okLc5F+CVBnRGayPrG41iFEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveXhJN29rTGM1Ri1DVkJuUkdheVBy
RzQxaUZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAAKszebfMgl8eEb8UiNb8GSaRO45tX3ZxACUuDxyx
JY+ejta4140gSXgMnu5SjhFqRU1Gi0LtPE0hm57iZtcGt/WYy/zGTjEtcvKKUDi7
xh/0nq9SZOOJa/TBMgmMTg23j7wVImijXymBS0R7JTDbKNqqTjANSZ1fSqfAof2K
fCytilnt8NIlf2Fo7gT/eScHJ6bnYOAn2+G3FIZ1gsjWeBUJDGlIba7aIETJex9E
C2VwpcBIvrNArNmlE09K9SuTxokpvqFgL/qW6a27K6LaEjI4JmeYKEExjBcZ8xCj
2ATUIQq46fNHPjpYuu/qCwlAxoszWzizX8GPgKZwLEaSfQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:46 2023 by rpki-client on console-ams.rpki-client.org