Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/3MMrK6KE3lxFWxq6uRnfwvdw8u8.roa
File: 3MMrK6KE3lxFWxq6uRnfwvdw8u8.roa (raw, json)
Hash identifier: X8VQZR7XNOCf8SsY8fs7sSfVcyWP2Kc6usfcxDtTJ8o=
Subject key identifier: DC:C3:2B:2B:A2:84:DE:5C:45:5B:1A:BA:B9:19:DF:C2:F7:70:F2:EF
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B28
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3MMrK6KE3lxFWxq6uRnfwvdw8u8.roa
Signing time: Thu 16 Dec 2021 06:53:11 +0000
ROA not before: Thu 16 Dec 2021 06:53:11 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 203.222.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2856 (0xb28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:53:11 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DCC32B2BA284DE5C455B1ABAB919DFC2F770F2EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6d:2b:d6:9a:6b:d9:44:13:dc:33:2a:37:27:
8e:9c:fe:64:e6:20:27:bf:5c:ed:54:72:83:17:cb:
a6:9f:8b:15:f3:fe:db:5e:c6:00:05:6a:d6:1f:3e:
59:7e:e8:86:f0:c6:9c:78:26:ba:1b:85:97:83:0e:
d1:81:59:32:1f:e5:64:e9:f4:06:40:48:f0:75:30:
40:b1:44:dd:59:6a:6e:c4:e0:51:b8:b7:6e:89:3c:
d6:df:59:23:12:58:95:b1:29:88:50:1a:c9:7b:a3:
ee:ec:0a:f5:d8:19:85:5b:cb:fd:a1:c0:c8:bb:f3:
d5:65:25:f0:36:a4:b4:76:ad:34:ef:ee:bb:00:01:
b3:05:52:37:36:72:c7:37:ab:b8:73:ba:67:17:d5:
0e:5e:80:03:9e:f9:77:03:85:8c:78:05:98:dc:aa:
75:9d:36:f8:f1:35:cd:95:4f:4e:5e:9e:b8:93:bf:
61:73:37:39:bd:21:d1:7c:0f:fc:ed:6f:d2:46:23:
f6:f5:18:d3:c2:4a:0d:04:5a:7e:72:b0:58:6e:dc:
cc:ae:0e:17:f2:72:f3:57:9c:95:15:95:25:2a:ac:
86:cb:ed:2c:39:2f:21:cf:2f:d0:bd:36:ee:97:fe:
3f:91:a2:e6:15:d3:87:da:e4:1c:26:02:db:7e:b3:
44:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C3:2B:2B:A2:84:DE:5C:45:5B:1A:BA:B9:19:DF:C2:F7:70:F2:EF
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3MMrK6KE3lxFWxq6uRnfwvdw8u8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.12.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:c5:a1:b6:4c:15:1c:66:80:2b:7b:c2:89:c8:d1:15:e3:48:
b3:ad:1f:32:6b:b3:eb:9e:53:84:53:f2:ba:e7:c1:58:15:51:
05:87:17:f4:95:81:bf:57:2a:52:6e:5b:da:63:63:09:c2:11:
86:e5:71:80:13:9a:23:da:12:fa:30:ca:7d:30:80:50:fb:ec:
e0:16:a3:8d:0a:91:60:6a:82:cf:ce:3a:63:b3:e3:0e:c5:e0:
47:9b:a2:03:c6:72:ba:0a:48:0a:c2:4c:e4:b9:6b:ba:5a:17:
ef:5a:ec:a3:da:fd:7a:2e:aa:c9:0d:18:e0:fe:08:48:df:f8:
8e:0c:a6:c5:55:84:39:56:40:5a:23:dc:b9:8c:33:f3:3e:de:
99:81:a3:77:10:cf:e3:26:e7:ca:5f:e8:5f:af:a7:c0:fe:75:
7c:67:56:49:f3:b4:48:c2:66:4c:df:b9:5a:dd:e2:c3:80:8e:
e7:bc:3e:b9:a9:7e:01:79:6c:e4:18:85:c3:3e:48:b6:e3:b0:
61:dd:10:eb:d5:9c:2b:ef:f0:e8:d3:14:ff:7c:dd:2c:af:6d:
73:50:0e:23:30:55:4c:b5:48:30:98:ce:b5:7c:7d:56:6c:a3:
73:74:42:0e:7c:92:39:90:2e:49:dc:5e:27:02:9a:67:92:66:
19:81:b5:bd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjUzMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERDQzMyQjJCQTI4NERF
NUM0NTVCMUFCQUI5MTlERkMyRjc3MEYyRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDibSvWmmvZRBPcMyo3J46c/mTmICe/XO1UcoMXy6afixXz/tte
xgAFatYfPll+6Ibwxpx4JrobhZeDDtGBWTIf5WTp9AZASPB1MECxRN1Zam7E4FG4
t26JPNbfWSMSWJWxKYhQGsl7o+7sCvXYGYVby/2hwMi789VlJfA2pLR2rTTv7rsA
AbMFUjc2csc3q7hzumcX1Q5egAOe+XcDhYx4BZjcqnWdNvjxNc2VT05enriTv2Fz
Nzm9IdF8D/ztb9JGI/b1GNPCSg0EWn5ysFhu3MyuDhfycvNXnJUVlSUqrIbL7Sw5
LyHPL9C9Nu6X/j+RouYV04fa5BwmAtt+s0THAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3MMrK6KE3lxFWxq6uRnfwvdw8u8wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvM01Ncks2S0UzbHhGV3hxNnVSbmZ3
dmR3OHU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveDDAN
BgkqhkiG9w0BAQsFAAOCAQEAtcWhtkwVHGaAK3vCicjRFeNIs60fMmuz655ThFPy
uufBWBVRBYcX9JWBv1cqUm5b2mNjCcIRhuVxgBOaI9oS+jDKfTCAUPvs4BajjQqR
YGqCz846Y7PjDsXgR5uiA8ZyugpICsJM5LlruloX71rso9r9ei6qyQ0Y4P4ISN/4
jgymxVWEOVZAWiPcuYwz8z7emYGjdxDP4ybnyl/oX6+nwP51fGdWSfO0SMJmTN+5
Wt3iw4CO57w+ual+AXls5BiFwz5ItuOwYd0Q69WcK+/w6NMU/3zdLK9tc1AOIzBV
TLVIMJjOtXx9Vmyjc3RCDnySOZAuSdxeJwKaZ5JmGYG1vQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org