Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/1cPx290vKdQbl6qu3wsrivXTrT0.roa
File: 1cPx290vKdQbl6qu3wsrivXTrT0.roa (raw, json)
Hash identifier: kjMhuN3AQu5cBt4jr0lqxHo7J1ItwRNiOULsetH4TwU=
Subject key identifier: D5:C3:F1:DB:DD:2F:29:D4:1B:97:AA:AE:DF:0B:2B:8A:F5:D3:AD:3D
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 090A
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/1cPx290vKdQbl6qu3wsrivXTrT0.roa
Signing time: Tue 24 Nov 2020 03:22:20 +0000
ROA not before: Tue 24 Nov 2020 03:22:20 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17809
IP address blocks: 111.67.52.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2314 (0x90a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Nov 24 03:22:20 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D5C3F1DBDD2F29D41B97AAAEDF0B2B8AF5D3AD3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d7:27:43:52:3f:67:1a:3e:b7:d6:34:e0:c5:
65:59:65:cd:d5:12:13:30:2c:cd:48:8b:c2:e5:ba:
e2:66:9d:7f:b1:9f:0c:d2:f0:d1:7d:3e:64:0d:40:
e1:30:6f:20:59:69:10:06:da:fe:04:e4:7d:5f:c3:
a9:af:e8:7f:02:ed:28:44:92:64:33:91:d7:b2:11:
f8:95:34:4b:82:97:18:11:f3:b8:4b:7b:d0:fb:5c:
e0:80:33:d0:8e:b0:8b:7a:c5:86:d1:ce:da:fe:65:
8a:32:83:3c:08:09:a9:62:ca:c1:26:88:c1:fe:69:
4f:40:ec:01:e2:d3:77:4c:72:20:00:e2:38:52:10:
65:a5:3f:b1:42:0a:a8:90:d0:fc:3f:0a:92:4c:6d:
f2:b5:16:00:66:e7:22:6a:2a:8a:8f:e8:f3:51:9f:
c9:fe:76:51:c0:eb:98:c9:10:58:68:01:b3:45:00:
19:54:d5:ec:06:7a:ac:9b:fe:cf:12:fb:67:d8:1f:
a4:5a:a2:1e:79:53:b2:c1:0a:fc:5e:cb:ef:40:15:
6c:ce:a4:11:ea:e7:ba:6e:38:44:4e:2b:13:4f:3a:
ee:70:e1:98:66:66:54:15:99:32:9e:2a:3d:66:1e:
2d:42:ba:ac:e0:28:15:ae:e7:e8:ea:48:91:55:d5:
1d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C3:F1:DB:DD:2F:29:D4:1B:97:AA:AE:DF:0B:2B:8A:F5:D3:AD:3D
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/1cPx290vKdQbl6qu3wsrivXTrT0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.67.52.0/22
Signature Algorithm: sha256WithRSAEncryption
72:3b:ea:e2:b1:61:03:8b:a2:cc:f6:e3:3b:e8:f1:1a:ab:3e:
9b:3f:e0:5b:32:d4:0f:23:e1:c4:27:5c:1d:67:ea:63:6a:b5:
26:5d:fd:51:1f:5f:bc:63:fc:eb:29:8b:be:ed:31:98:43:2e:
7e:b9:14:d5:59:b5:2f:69:1a:7a:d2:48:8e:ea:e1:18:24:20:
ae:55:8d:c0:02:e6:a4:aa:78:c8:98:7c:d5:0d:89:5c:e7:8c:
29:45:f3:c4:75:6c:4c:35:29:1c:90:c6:d0:39:b4:c7:d7:ad:
59:7e:8d:d3:70:65:8b:b3:38:99:79:2b:09:8b:35:71:7a:47:
81:13:a5:74:05:a0:ba:7e:9d:53:49:47:76:fd:b9:16:82:a9:
b4:d7:64:e7:1a:86:c2:33:70:fd:51:56:f8:68:5f:a2:eb:86:
18:a0:e2:64:04:cc:ec:a0:84:ee:72:b8:6b:d2:8e:47:b7:f4:
ab:c4:14:d0:49:b0:82:8e:ed:ee:f4:81:68:ce:c6:de:1f:d4:
d6:18:19:77:7e:cb:4d:d5:b6:16:c1:16:fd:f6:00:14:80:df:
29:46:5f:9b:2d:43:8e:ea:bc:2b:22:9a:1b:81:9d:58:f5:54:
df:be:80:8c:a2:22:a4:58:b1:c5:93:7d:30:78:33:32:7b:fe:
b7:93:b1:32
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMDExMjQw
MzIyMjBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ1QzNGMURCREQyRjI5
RDQxQjk3QUFBRURGMEIyQjhBRjVEM0FEM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa1ydDUj9nGj631jTgxWVZZc3VEhMwLM1Ii8LluuJmnX+xnwzS
8NF9PmQNQOEwbyBZaRAG2v4E5H1fw6mv6H8C7ShEkmQzkdeyEfiVNEuClxgR87hL
e9D7XOCAM9COsIt6xYbRztr+ZYoygzwICaliysEmiMH+aU9A7AHi03dMciAA4jhS
EGWlP7FCCqiQ0Pw/CpJMbfK1FgBm5yJqKoqP6PNRn8n+dlHA65jJEFhoAbNFABlU
1ewGeqyb/s8S+2fYH6Raoh55U7LBCvxey+9AFWzOpBHq57puOEROKxNPOu5w4Zhm
ZlQVmTKeKj1mHi1CuqzgKBWu5+jqSJFV1R0LAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1cPx290vKdQbl6qu3wsrivXTrT0wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvMWNQeDI5MHZLZFFibDZxdTN3c3Jp
dlhUclQwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAm9DNDAN
BgkqhkiG9w0BAQsFAAOCAQEAcjvq4rFhA4uizPbjO+jxGqs+mz/gWzLUDyPhxCdc
HWfqY2q1Jl39UR9fvGP86ymLvu0xmEMufrkU1Vm1L2kaetJIjurhGCQgrlWNwALm
pKp4yJh81Q2JXOeMKUXzxHVsTDUpHJDG0Dm0x9etWX6N03Bli7M4mXkrCYs1cXpH
gROldAWgun6dU0lHdv25FoKptNdk5xqGwjNw/VFW+GhfouuGGKDiZATM7KCE7nK4
a9KOR7f0q8QU0Emwgo7t7vSBaM7G3h/U1hgZd37LTdW2FsEW/fYAFIDfKUZfmy1D
juq8KyKaG4GdWPVU376AjKIipFixxZN9MHgzMnv+t5OxMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org