Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/3SMUR6TrSFY7jdX5XWeLdJ2cRXc.roa
File: 3SMUR6TrSFY7jdX5XWeLdJ2cRXc.roa (raw, json)
Hash identifier: RVY3imZs7y/7SURc3vrwoDutM7Dn11wfIVUyVtLPbU4=
Subject key identifier: DD:23:14:47:A4:EB:48:56:3B:8D:D5:F9:5D:67:8B:74:9D:9C:45:77
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3SMUR6TrSFY7jdX5XWeLdJ2cRXc.roa
Signing time: Thu 15 Sep 2022 02:37:25 +0000
ROA not before: Thu 15 Sep 2022 02:37:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:25 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DD231447A4EB48563B8DD5F95D678B749D9C4577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:af:2d:07:b7:42:b6:ae:2e:11:b3:28:1e:76:
d9:89:f6:fe:d6:73:d2:7c:bf:94:a2:7e:b7:19:31:
16:5c:b3:26:3e:ca:6a:9a:86:6b:7d:61:f4:f6:90:
b0:68:76:22:1b:3e:c9:c1:72:73:3c:ee:53:a5:92:
a5:99:99:e1:a0:a6:33:2f:23:67:15:5c:fc:79:7a:
ea:f2:93:94:e0:4f:a8:1d:1e:b2:27:67:73:b4:6d:
26:99:4e:00:dc:69:fc:f2:91:26:75:eb:5c:96:11:
8b:51:74:5c:05:83:49:7b:f0:b9:9c:f9:38:51:dd:
05:1a:9d:72:b4:6d:fc:97:37:53:7a:a5:88:2c:7e:
5e:30:3d:09:54:34:1e:91:ed:6a:19:c7:1a:9d:1b:
f0:16:9c:36:38:d9:3f:62:eb:2c:25:88:ab:5d:bb:
f4:29:a0:88:5a:9a:66:ba:35:e5:c4:c0:7f:90:09:
dc:a0:5c:ee:32:82:7d:24:55:0d:55:80:3f:fb:c1:
df:91:c9:42:17:29:cb:95:37:19:43:9b:2d:59:56:
06:f0:26:87:71:9d:90:dc:5f:1e:3f:77:7a:10:90:
ba:37:cb:10:65:d0:e0:d4:f6:34:76:2c:29:97:3e:
80:8e:53:12:a7:17:53:bf:b7:51:cd:28:a9:fc:29:
35:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:23:14:47:A4:EB:48:56:3B:8D:D5:F9:5D:67:8B:74:9D:9C:45:77
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3SMUR6TrSFY7jdX5XWeLdJ2cRXc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:8a:d2:fd:32:fb:17:30:a2:62:b9:77:21:4c:43:51:03:f0:
be:0c:fd:ca:94:83:16:79:99:28:9e:c0:5d:1e:bc:4a:39:b5:
a0:6a:89:dd:da:96:f3:de:5e:21:1c:57:33:5e:25:26:76:1a:
9e:49:aa:36:a4:44:19:4a:88:54:0a:df:73:ff:28:14:f0:17:
ba:d2:63:c0:42:a9:c6:1f:a5:f1:3f:59:38:64:c0:42:e6:6a:
5b:21:6c:92:0e:f2:d8:6f:94:71:e0:c2:87:37:06:81:8d:68:
9e:d5:45:03:a1:75:9c:27:60:63:2a:3d:e0:55:c6:92:1c:0b:
ca:b3:41:6b:01:d8:1b:ee:a6:21:44:f0:09:75:11:20:e4:57:
c1:00:ea:93:1d:43:1e:5d:2b:2a:69:56:05:64:5c:5b:43:f6:
0f:a2:83:61:fd:cb:5a:d7:8a:6f:76:4f:8f:a1:1b:0a:ba:fa:
5a:4a:b4:2d:e5:bf:15:45:94:e4:6c:1c:0e:ba:47:ae:15:b8:
2a:96:ca:95:57:f2:aa:18:3c:92:53:80:4a:be:6a:1e:ea:2a:
59:b7:ab:33:d7:14:eb:7d:82:b1:2e:02:e2:20:e0:3a:08:2a:
8a:9a:85:8e:7c:41:c8:8e:99:e0:c9:3f:fb:95:6d:5e:89:f7:
c7:c0:ee:2b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREMjMxNDQ3QTRFQjQ4
NTYzQjhERDVGOTVENjc4Qjc0OUQ5QzQ1NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwry0Ht0K2ri4RsygedtmJ9v7Wc9J8v5SifrcZMRZcsyY+ymqa
hmt9YfT2kLBodiIbPsnBcnM87lOlkqWZmeGgpjMvI2cVXPx5euryk5TgT6gdHrIn
Z3O0bSaZTgDcafzykSZ161yWEYtRdFwFg0l78Lmc+ThR3QUanXK0bfyXN1N6pYgs
fl4wPQlUNB6R7WoZxxqdG/AWnDY42T9i6ywliKtdu/QpoIhamma6NeXEwH+QCdyg
XO4ygn0kVQ1VgD/7wd+RyUIXKcuVNxlDmy1ZVgbwJodxnZDcXx4/d3oQkLo3yxBl
0ODU9jR2LCmXPoCOUxKnF1O/t1HNKKn8KTWTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3SMUR6TrSFY7jdX5XWeLdJ2cRXcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvM1NNVVI2VHJTRlk3amRYNVhXZUxk
SjJjUlhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+SDAN
BgkqhkiG9w0BAQsFAAOCAQEAPorS/TL7FzCiYrl3IUxDUQPwvgz9ypSDFnmZKJ7A
XR68Sjm1oGqJ3dqW895eIRxXM14lJnYankmqNqREGUqIVArfc/8oFPAXutJjwEKp
xh+l8T9ZOGTAQuZqWyFskg7y2G+UceDChzcGgY1ontVFA6F1nCdgYyo94FXGkhwL
yrNBawHYG+6mIUTwCXURIORXwQDqkx1DHl0rKmlWBWRcW0P2D6KDYf3LWteKb3ZP
j6EbCrr6Wkq0LeW/FUWU5GwcDrpHrhW4KpbKlVfyqhg8klOASr5qHuoqWberM9cU
632CsS4C4iDgOggqipqFjnxByI6Z4Mk/+5VtXon3x8DuKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org