Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/3TcyyJjZ_y4IA82RceQSBRmT8qM.roa
File: 3TcyyJjZ_y4IA82RceQSBRmT8qM.roa (raw, json)
Hash identifier: 6RKxb1CR6RPpJDfMHwnIU4sZSV3BS0e5AJQRd4tW90w=
Subject key identifier: DD:37:32:C8:98:D9:FF:2E:08:03:CD:91:71:E4:12:05:19:93:F2:A3
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CA3
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3TcyyJjZ_y4IA82RceQSBRmT8qM.roa
Signing time: Wed 26 Apr 2023 05:50:46 +0000
ROA not before: Wed 26 Apr 2023 05:50:46 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 27.96.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3235 (0xca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 05:50:46 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DD3732C898D9FF2E0803CD9171E412051993F2A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:52:15:5e:ec:80:6e:af:61:c0:ff:79:e0:
90:d7:a5:06:a6:8b:39:c3:91:3d:a3:d4:2f:14:c6:
ff:35:f5:4b:ce:53:ae:e3:2a:ba:f5:6b:6b:59:43:
70:8e:05:ff:99:d4:e0:94:db:9e:e5:86:22:73:b3:
94:2f:41:07:b7:7e:43:c4:97:fc:32:2b:09:06:fe:
1b:1a:cb:81:9e:06:48:23:17:ce:e8:d0:5b:0b:0e:
f1:2c:49:15:a3:b4:02:fa:d7:76:b5:ea:ff:59:db:
50:ff:bb:7c:fe:2c:2f:a6:60:0a:37:21:0f:d1:32:
43:de:28:99:70:16:0e:62:9b:6c:b6:4f:d2:62:c4:
45:10:22:4a:59:e0:e4:29:cd:57:05:cf:26:c6:7b:
67:ae:fd:61:ae:4e:03:ca:1a:3e:c7:1f:bb:d7:a9:
49:4f:a9:bb:96:b4:41:40:f0:e9:9d:81:9a:fc:ad:
f3:4a:07:9d:c9:7a:60:1c:82:e5:6b:45:fa:b1:be:
c6:2c:d6:35:5c:fb:f0:4d:85:06:9f:1b:51:c7:ac:
41:34:31:f6:ea:dd:4d:18:74:78:92:d5:d5:06:d9:
1b:0e:b5:4f:9d:20:1a:f4:bd:a2:2d:ed:e3:cd:0f:
0a:c6:67:b6:32:7e:9f:16:d9:ec:1a:1e:06:49:93:
5f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:37:32:C8:98:D9:FF:2E:08:03:CD:91:71:E4:12:05:19:93:F2:A3
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3TcyyJjZ_y4IA82RceQSBRmT8qM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.224.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:a1:1d:ef:b5:ee:0e:60:8c:20:3a:08:06:25:5c:ee:d8:32:
01:40:1a:6a:7e:73:07:b6:64:40:b2:c6:84:12:66:94:6e:98:
45:2a:1c:6c:a5:c3:25:29:93:23:a6:62:df:6b:75:12:7f:51:
89:30:0b:78:b7:43:0b:49:92:44:0f:29:a9:98:75:70:dd:17:
c9:bd:c6:c5:68:b3:5c:38:56:bf:26:d7:f3:09:e2:c5:cb:c5:
a8:2c:47:c9:6e:04:ea:26:fb:1e:97:95:4d:3d:8a:51:94:a9:
e4:ce:f1:8a:eb:d4:e3:42:25:f3:b5:51:59:8b:f8:69:9a:33:
10:de:22:68:da:04:c8:52:5c:b2:cd:8d:55:72:9e:c5:3d:ba:
4e:d9:76:11:b7:3e:22:a6:2e:04:27:79:9a:0e:86:be:6c:4f:
5c:6c:8c:80:3e:ab:59:3e:34:30:45:28:fa:3b:30:bb:f0:dd:
a2:18:9e:6b:1e:01:5e:ba:4c:69:3b:22:0d:df:14:57:79:ce:
8b:e4:1f:0f:d3:8f:76:a3:3d:38:9b:42:70:0b:ab:13:6f:3e:
fb:bf:35:5c:35:79:80:e8:74:7b:d9:e2:46:11:0b:3c:b3:a8:
33:07:ee:80:4a:36:1a:a7:70:38:da:82:38:f4:89:8e:64:52:
67:eb:c8:01
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NTUwNDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREMzczMkM4OThEOUZG
MkUwODAzQ0Q5MTcxRTQxMjA1MTk5M0YyQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWZ1IVXuyAbq9hwP954JDXpQamiznDkT2j1C8Uxv819UvOU67j
Krr1a2tZQ3COBf+Z1OCU257lhiJzs5QvQQe3fkPEl/wyKwkG/hsay4GeBkgjF87o
0FsLDvEsSRWjtAL613a16v9Z21D/u3z+LC+mYAo3IQ/RMkPeKJlwFg5im2y2T9Ji
xEUQIkpZ4OQpzVcFzybGe2eu/WGuTgPKGj7HH7vXqUlPqbuWtEFA8OmdgZr8rfNK
B53JemAcguVrRfqxvsYs1jVc+/BNhQafG1HHrEE0Mfbq3U0YdHiS1dUG2RsOtU+d
IBr0vaIt7ePNDwrGZ7Yyfp8W2ewaHgZJk1+1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3TcyyJjZ/y4IA82RceQSBRmT8qMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvM1RjeXlKalpfeTRJQTgyUmNlUVNC
Um1UOHFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg4DAN
BgkqhkiG9w0BAQsFAAOCAQEApqEd77XuDmCMIDoIBiVc7tgyAUAaan5zB7ZkQLLG
hBJmlG6YRSocbKXDJSmTI6Zi32t1En9RiTALeLdDC0mSRA8pqZh1cN0Xyb3GxWiz
XDhWvybX8wnixcvFqCxHyW4E6ib7HpeVTT2KUZSp5M7xiuvU40Il87VRWYv4aZoz
EN4iaNoEyFJcss2NVXKexT26Ttl2Ebc+IqYuBCd5mg6GvmxPXGyMgD6rWT40MEUo
+jswu/Ddohieax4BXrpMaTsiDd8UV3nOi+QfD9OPdqM9OJtCcAurE28++781XDV5
gOh0e9niRhELPLOoMwfugEo2GqdwONqCOPSJjmRSZ+vIAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org