Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/-g0CTaGd2juAce_vBAXfxxRKOFQ.roa
File: -g0CTaGd2juAce_vBAXfxxRKOFQ.roa (raw, json)
Hash identifier: tYhLkC8Sg9Bmq5EOVwm6KYKjBVxlC8zqaKkDUHHRMUE=
Subject key identifier: FA:0D:02:4D:A1:9D:DA:3B:80:71:EF:EF:04:05:DF:C7:14:4A:38:54
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/-g0CTaGd2juAce_vBAXfxxRKOFQ.roa
Signing time: Thu 15 Sep 2022 02:37:29 +0000
ROA not before: Thu 15 Sep 2022 02:37:29 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:29 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=FA0D024DA19DDA3B8071EFEF0405DFC7144A3854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:3d:2b:5a:9e:cc:2b:0d:e1:51:e1:fb:13:
42:b1:a2:dc:f3:59:cb:60:a4:aa:e6:34:0e:9c:bb:
0c:32:99:b1:59:a1:29:74:4f:34:d2:b2:67:d1:63:
6b:88:ee:14:f2:13:87:ac:42:f2:1d:87:78:87:66:
ba:1e:73:bb:75:94:0b:75:4c:ee:38:b1:97:5e:d0:
a9:71:c2:82:cd:9a:15:a3:5a:66:3a:fc:46:a2:eb:
b3:d0:ac:eb:45:e0:44:26:49:69:b7:f0:f3:5f:9b:
41:c5:ba:a8:5b:12:3e:39:bc:6d:3a:98:47:34:a5:
33:84:8a:92:b9:32:3f:5f:0d:33:b8:78:80:b1:0d:
40:51:d6:5e:fe:1d:91:ac:b0:23:fe:62:51:46:58:
a6:fa:82:d1:d5:2f:f8:c7:e0:24:94:c8:86:2d:68:
4d:bb:32:f1:27:6f:69:10:b2:de:99:a8:bc:46:7d:
8c:c1:ae:dc:77:f4:f7:ea:25:4f:f0:ae:e7:ad:87:
da:06:e9:cf:89:08:6a:d3:3e:4d:d2:78:92:a7:07:
8b:e5:17:dc:f7:8c:55:29:a3:91:4b:13:ba:b1:34:
6c:27:cf:c1:51:30:bd:c5:6e:f8:9d:06:1a:a8:f8:
f0:93:b4:0f:0f:a8:c4:ed:61:70:be:cd:d6:1a:cf:
7a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0D:02:4D:A1:9D:DA:3B:80:71:EF:EF:04:05:DF:C7:14:4A:38:54
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/-g0CTaGd2juAce_vBAXfxxRKOFQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.88.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:31:50:e5:3f:6b:fd:2c:4f:c3:86:d0:1a:bc:8b:e5:5e:fe:
35:8c:f1:64:15:a5:11:45:ad:4d:e1:15:bc:59:84:c4:4e:9f:
28:33:b5:d6:9a:a1:c5:ac:3b:5c:49:74:04:47:fa:d1:27:2e:
47:a2:52:57:20:8f:63:d7:14:53:35:52:01:92:dd:ca:53:00:
ab:e2:b0:bb:8e:7b:61:13:b2:37:69:a5:88:32:8e:37:e8:0a:
e4:a8:82:7f:41:57:e1:4e:30:69:ce:64:28:9b:38:dc:da:fe:
81:fe:e0:a1:07:e3:76:4c:93:c8:53:15:1b:a4:b1:60:b7:4f:
d1:09:91:63:e7:38:18:38:77:12:f3:59:1a:6e:73:a5:60:cc:
cf:04:5c:e0:2e:90:70:39:aa:bf:9c:67:be:0c:4c:04:c2:08:
bd:69:e0:43:0d:0f:75:f8:46:96:ed:90:34:f6:ed:8b:40:a2:
28:b5:9d:75:76:ec:00:b7:64:a3:ca:39:a4:4f:b1:34:fe:25:
70:07:81:66:8a:c5:25:eb:79:71:63:95:29:4a:ac:b6:20:19:
97:24:99:85:8a:31:07:70:f1:e8:52:58:1a:7c:63:c4:f5:26:
14:c0:f7:bd:52:8e:21:7f:e6:eb:0e:d4:b4:13:15:36:3c:34:
8a:cc:77:bd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZBMEQwMjREQTE5RERB
M0I4MDcxRUZFRjA0MDVERkM3MTQ0QTM4NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo+j0rWp7MKw3hUeH7E0KxotzzWctgpKrmNA6cuwwymbFZoSl0
TzTSsmfRY2uI7hTyE4esQvIdh3iHZroec7t1lAt1TO44sZde0KlxwoLNmhWjWmY6
/Eai67PQrOtF4EQmSWm38PNfm0HFuqhbEj45vG06mEc0pTOEipK5Mj9fDTO4eICx
DUBR1l7+HZGssCP+YlFGWKb6gtHVL/jH4CSUyIYtaE27MvEnb2kQst6ZqLxGfYzB
rtx39PfqJU/wrueth9oG6c+JCGrTPk3SeJKnB4vlF9z3jFUpo5FLE7qxNGwnz8FR
ML3FbvidBhqo+PCTtA8PqMTtYXC+zdYaz3oBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU+g0CTaGd2juAce/vBAXfxxRKOFQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvLWcwQ1RhR2QyanVBY2VfdkJBWGZ4
eFJLT0ZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+WDAN
BgkqhkiG9w0BAQsFAAOCAQEAPzFQ5T9r/SxPw4bQGryL5V7+NYzxZBWlEUWtTeEV
vFmExE6fKDO11pqhxaw7XEl0BEf60ScuR6JSVyCPY9cUUzVSAZLdylMAq+Kwu457
YROyN2mliDKON+gK5KiCf0FX4U4wac5kKJs43Nr+gf7goQfjdkyTyFMVG6SxYLdP
0QmRY+c4GDh3EvNZGm5zpWDMzwRc4C6QcDmqv5xnvgxMBMIIvWngQw0PdfhGlu2Q
NPbti0CiKLWddXbsALdko8o5pE+xNP4lcAeBZorFJet5cWOVKUqstiAZlySZhYox
B3Dx6FJYGnxjxPUmFMD3vVKOIX/m6w7UtBMVNjw0isx3vQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org