Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/0a8pJsVI5lqd5ksAFb9kNs9NGSw.roa
File: 0a8pJsVI5lqd5ksAFb9kNs9NGSw.roa (raw, json)
Hash identifier: VXkxxs4X6v5YcTNOKCkvRSL9S5uKSAq42OQKaIsymbE=
Subject key identifier: D1:AF:29:26:C5:48:E6:5A:9D:E6:4B:00:15:BF:64:36:CF:4D:19:2C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CCF
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/0a8pJsVI5lqd5ksAFb9kNs9NGSw.roa
Signing time: Wed 26 Apr 2023 06:39:15 +0000
ROA not before: Wed 26 Apr 2023 06:39:15 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 211.79.112.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3279 (0xccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:39:15 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D1AF2926C548E65A9DE64B0015BF6436CF4D192C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ff:e9:12:9f:fe:61:6c:f4:c6:8c:d9:b7:c2:
58:0a:43:80:ea:19:a1:e1:61:e0:15:f8:9f:d0:c4:
0f:e7:d2:0e:65:9e:1f:62:ca:e2:c4:4e:b8:03:f5:
ee:56:00:78:b4:31:20:44:a7:ac:1a:1d:c8:66:b2:
23:5f:13:d9:6e:83:64:fb:cf:aa:55:d6:da:93:63:
07:b1:b0:9a:11:6a:66:8d:12:7d:98:8a:5c:96:e9:
ba:07:53:6b:5a:bd:5c:0f:05:2c:d1:28:b7:f3:6b:
a0:82:8f:c6:99:25:b1:ea:fd:c5:ff:ea:16:63:24:
cc:ce:56:b3:d8:ce:12:d7:19:9f:d2:d1:06:85:83:
73:6c:d1:d8:64:42:e4:c8:2a:2a:59:83:ee:35:c3:
bd:7f:cd:a3:87:c7:49:76:87:23:0f:dd:01:64:1b:
e3:59:5c:5d:dc:12:07:fc:f2:6f:6c:88:9c:4d:ed:
0b:b1:01:12:8c:97:49:b2:70:88:98:28:74:02:ea:
d2:64:6f:3e:b4:b1:0f:2d:23:b7:92:d1:bc:f7:aa:
82:bc:aa:e1:a7:30:08:7e:ce:22:f0:d2:b6:31:64:
af:4f:2e:33:90:0b:1b:90:49:f7:19:30:18:a2:5d:
71:79:7e:ca:4d:da:76:be:6a:d7:84:d9:5f:60:fb:
65:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:AF:29:26:C5:48:E6:5A:9D:E6:4B:00:15:BF:64:36:CF:4D:19:2C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/0a8pJsVI5lqd5ksAFb9kNs9NGSw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.112.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:bd:37:2f:b7:96:9a:4a:6a:3c:54:cd:25:79:22:c1:72:45:
7f:c8:ed:a7:27:b1:f2:18:03:a3:a0:cc:fa:1b:ef:77:58:60:
3c:e7:88:2d:10:27:cd:87:66:d2:a6:9a:a8:03:13:03:ad:f9:
af:19:9b:81:da:24:85:ce:31:87:43:67:cb:87:71:c9:30:c4:
24:c5:f1:78:f5:42:72:51:33:56:9b:84:dd:d2:ed:a6:3b:83:
06:39:40:f0:1b:7f:d2:43:70:71:f9:2f:0a:84:00:2a:5f:5a:
92:09:3b:38:46:a0:0d:7d:ce:e8:ae:d5:98:6c:c9:d6:79:de:
4f:9a:a7:ab:a4:8f:e0:51:91:6c:bb:db:d6:35:33:47:3f:a1:
e8:ef:07:c5:d3:36:44:73:37:04:9f:24:df:28:f3:db:c7:43:
52:ea:05:1f:68:6d:83:70:fd:72:62:68:f0:0e:09:74:ff:a7:
3d:cd:d0:5f:2e:f4:fa:3b:2e:ec:3c:19:84:aa:2f:b2:03:63:
19:96:d9:1e:ae:d9:5a:59:ae:a0:4b:30:df:32:e6:16:66:50:
cc:3a:c5:ba:3a:c0:8a:df:95:48:b1:cc:a9:53:80:49:f4:88:
3f:b8:c3:fb:83:f3:87:a8:e3:db:e9:f8:65:34:d9:8a:73:bb:
65:78:34:1e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjM5MTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQxQUYyOTI2QzU0OEU2
NUE5REU2NEIwMDE1QkY2NDM2Q0Y0RDE5MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn/+kSn/5hbPTGjNm3wlgKQ4DqGaHhYeAV+J/QxA/n0g5lnh9i
yuLETrgD9e5WAHi0MSBEp6waHchmsiNfE9lug2T7z6pV1tqTYwexsJoRamaNEn2Y
ilyW6boHU2tavVwPBSzRKLfza6CCj8aZJbHq/cX/6hZjJMzOVrPYzhLXGZ/S0QaF
g3Ns0dhkQuTIKipZg+41w71/zaOHx0l2hyMP3QFkG+NZXF3cEgf88m9siJxN7Qux
ARKMl0mycIiYKHQC6tJkbz60sQ8tI7eS0bz3qoK8quGnMAh+ziLw0rYxZK9PLjOQ
CxuQSfcZMBiiXXF5fspN2na+ateE2V9g+2UNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU0a8pJsVI5lqd5ksAFb9kNs9NGSwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvMGE4cEpzVkk1bHFkNWtzQUZiOWtO
czlOR1N3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNNPcDAN
BgkqhkiG9w0BAQsFAAOCAQEAjL03L7eWmkpqPFTNJXkiwXJFf8jtpyex8hgDo6DM
+hvvd1hgPOeILRAnzYdm0qaaqAMTA635rxmbgdokhc4xh0Nny4dxyTDEJMXxePVC
clEzVpuE3dLtpjuDBjlA8Bt/0kNwcfkvCoQAKl9akgk7OEagDX3O6K7VmGzJ1nne
T5qnq6SP4FGRbLvb1jUzRz+h6O8HxdM2RHM3BJ8k3yjz28dDUuoFH2htg3D9cmJo
8A4JdP+nPc3QXy70+jsu7DwZhKovsgNjGZbZHq7ZWlmuoEsw3zLmFmZQzDrFujrA
it+VSLHMqVOASfSIP7jD+4Pzh6jj2+n4ZTTZinO7ZXg0Hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org