Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/3YfqYmaZRpY6MILWp4zInkv7RM4.roa
File: 3YfqYmaZRpY6MILWp4zInkv7RM4.roa (raw, json)
Hash identifier: n7Az/GmFgq3c6Fq5ygPhibZkr2ltdraLQec4FCFyhPo=
Subject key identifier: DD:87:EA:62:66:99:46:96:3A:30:82:D6:A7:8C:C8:9E:4B:FB:44:CE
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B20
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3YfqYmaZRpY6MILWp4zInkv7RM4.roa
Signing time: Thu 16 Dec 2021 06:49:45 +0000
ROA not before: Thu 16 Dec 2021 06:49:45 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 203.222.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2848 (0xb20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:49:45 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DD87EA62669946963A3082D6A78CC89E4BFB44CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:15:27:2b:fa:22:41:6e:d7:70:d9:85:c6:86:
25:6e:ab:a3:5d:f8:7c:00:20:93:6f:96:af:ec:9c:
d2:63:86:63:f5:74:14:9e:a9:64:4d:70:dd:d6:7d:
f3:8f:07:06:c9:ae:6c:2f:68:a1:47:e0:e2:5e:d2:
63:2d:52:5b:ed:de:88:bf:c6:18:60:56:53:21:b7:
30:91:5a:48:15:c7:87:ad:bc:a2:ae:ef:5e:26:c3:
61:79:f6:77:c4:28:66:63:48:57:4f:fc:02:51:31:
66:97:6d:81:96:f5:15:fd:8c:82:39:40:3b:74:7f:
d1:32:4e:67:c9:8c:20:06:3b:9f:b8:d5:19:56:13:
99:95:7c:36:1e:1b:fc:19:9b:3b:32:fb:4b:c0:90:
8b:53:68:b4:7e:ea:f2:7c:f0:d1:d7:25:ca:d7:1c:
c0:b9:75:ea:e9:7f:b1:f6:3c:d5:a8:52:cf:a2:84:
8a:c5:dc:63:c7:13:f7:82:26:f9:0f:6f:aa:b9:82:
99:58:6e:14:3c:97:de:22:40:40:b7:9b:4f:60:9b:
a2:e0:80:3f:ab:b3:63:cc:b6:06:14:79:e2:79:bb:
54:2e:a7:db:bc:3b:01:74:c2:85:40:34:34:98:13:
6a:58:17:ec:f2:c0:5c:c5:13:b6:43:78:90:74:ae:
e1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:87:EA:62:66:99:46:96:3A:30:82:D6:A7:8C:C8:9E:4B:FB:44:CE
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/3YfqYmaZRpY6MILWp4zInkv7RM4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/22
Signature Algorithm: sha256WithRSAEncryption
30:21:eb:44:0c:67:ae:68:09:53:10:05:48:3b:95:7a:b0:95:
1d:d9:ee:56:64:78:b0:06:ea:d7:88:62:d3:6b:2a:11:93:6c:
3a:a1:2d:8a:33:4c:a1:fb:d4:a0:a2:ac:7a:3d:de:de:2c:57:
66:a1:81:e0:12:75:5f:d3:12:31:2a:78:c1:39:61:d4:ca:66:
3e:68:ee:52:ba:cf:de:d0:8a:7d:17:3f:48:a4:95:1b:a8:dc:
56:11:70:00:ad:dd:89:12:e1:39:c1:d0:d0:9d:fe:f5:75:6a:
2e:21:77:08:65:aa:e6:ad:16:5c:a0:43:b3:2a:6b:79:1c:b6:
c0:c9:85:b3:1e:c9:6f:96:25:4b:84:62:0d:92:0b:02:c4:fe:
8f:3b:a6:df:57:24:64:7d:c5:ea:73:e5:79:fe:f8:84:50:e9:
dc:fb:bc:f5:e0:3b:b7:55:d6:e1:65:47:0e:06:51:b7:6a:1f:
a9:dd:25:68:0d:2e:df:49:c3:b3:16:13:1d:cd:93:c3:19:a5:
57:45:09:df:09:63:c1:33:a5:6c:4f:5f:02:d2:5f:1c:b0:b2:
0e:31:d3:15:22:3a:68:dc:d7:35:eb:d3:3f:1d:b5:5b:ad:c8:
85:25:2f:eb:36:a5:63:82:0f:1c:bd:9b:2e:f3:34:b9:c7:79:
23:dc:33:1f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCyAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjQ5NDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEREODdFQTYyNjY5OTQ2
OTYzQTMwODJENkE3OENDODlFNEJGQjQ0Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfFScr+iJBbtdw2YXGhiVuq6Nd+HwAIJNvlq/snNJjhmP1dBSe
qWRNcN3WffOPBwbJrmwvaKFH4OJe0mMtUlvt3oi/xhhgVlMhtzCRWkgVx4etvKKu
714mw2F59nfEKGZjSFdP/AJRMWaXbYGW9RX9jII5QDt0f9EyTmfJjCAGO5+41RlW
E5mVfDYeG/wZmzsy+0vAkItTaLR+6vJ88NHXJcrXHMC5derpf7H2PNWoUs+ihIrF
3GPHE/eCJvkPb6q5gplYbhQ8l94iQEC3m09gm6LggD+rs2PMtgYUeeJ5u1Qup9u8
OwF0woVANDSYE2pYF+zywFzFE7ZDeJB0ruEJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3YfqYmaZRpY6MILWp4zInkv7RM4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvM1lmcVltYVpScFk2TUlMV3A0eklu
a3Y3Uk00LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveADAN
BgkqhkiG9w0BAQsFAAOCAQEAMCHrRAxnrmgJUxAFSDuVerCVHdnuVmR4sAbq14hi
02sqEZNsOqEtijNMofvUoKKsej3e3ixXZqGB4BJ1X9MSMSp4wTlh1MpmPmjuUrrP
3tCKfRc/SKSVG6jcVhFwAK3diRLhOcHQ0J3+9XVqLiF3CGWq5q0WXKBDsypreRy2
wMmFsx7Jb5YlS4RiDZILAsT+jzum31ckZH3F6nPlef74hFDp3Pu89eA7t1XW4WVH
DgZRt2ofqd0laA0u30nDsxYTHc2TwxmlV0UJ3wljwTOlbE9fAtJfHLCyDjHTFSI6
aNzXNevTPx21W63IhSUv6zalY4IPHL2bLvM0ucd5I9wzHw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:00 2023 by rpki-client on console-fra.rpki-client.org