Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/4YfxGGPskYKAL-9RIaw7impxwmM.roa
File: 4YfxGGPskYKAL-9RIaw7impxwmM.roa (raw, json)
Hash identifier: xPomzbbuyjfNKr+QRSycvuoK8QKT1Rm1jfBdflURCNs=
Subject key identifier: E1:87:F1:18:63:EC:91:82:80:2F:EF:51:21:AC:3B:8A:6A:71:C2:63
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D06
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4YfxGGPskYKAL-9RIaw7impxwmM.roa
Signing time: Wed 26 Apr 2023 10:31:27 +0000
ROA not before: Wed 26 Apr 2023 10:31:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3334 (0xd06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:27 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E187F11863EC9182802FEF5121AC3B8A6A71C263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:80:75:16:32:f7:ab:80:62:71:b8:4a:a9:
e5:9d:6f:ef:5c:10:d9:0c:0f:44:02:5b:0f:38:ce:
44:bd:c7:92:c7:b2:af:db:04:0b:55:9a:c6:5b:cb:
1f:72:01:52:9e:8f:99:a6:84:4b:10:1f:be:79:b6:
6d:ff:3e:dc:ce:79:3e:ce:c1:3c:f4:94:ef:aa:40:
a3:4a:61:06:06:7c:9f:21:d2:ce:72:a3:7b:ac:82:
8a:85:6c:5f:03:2f:90:6b:05:1a:2e:f9:fd:64:50:
c4:f2:b7:43:65:73:90:a5:18:46:de:82:72:ca:b0:
c8:56:fd:8f:c3:2d:46:55:ab:4e:80:ec:23:8d:ee:
7b:8a:09:47:3b:c3:a7:60:50:1f:10:16:3b:68:a3:
84:a6:a2:d2:ed:6f:99:5d:5b:f7:f9:b5:a4:0a:27:
a6:c7:c1:55:05:75:66:04:d4:5c:41:d6:0f:88:de:
bd:22:3e:0d:c0:99:7a:ad:97:7f:87:0c:d0:fe:f5:
6c:31:22:3d:29:39:c9:43:29:5f:7a:55:a4:b4:2a:
c2:91:f4:92:89:21:b7:d0:13:a3:b8:46:f3:9d:6b:
de:18:de:ef:d0:16:38:bd:ee:bc:38:4b:92:3e:1f:
38:ab:0f:4f:25:f8:28:4d:05:3b:7b:cf:02:9e:f8:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:87:F1:18:63:EC:91:82:80:2F:EF:51:21:AC:3B:8A:6A:71:C2:63
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4YfxGGPskYKAL-9RIaw7impxwmM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:00:18:d5:ca:64:61:83:8c:df:0f:78:46:0e:34:fa:03:64:
12:b7:d2:eb:0f:92:ef:1c:a2:48:e3:4b:ee:fb:38:08:89:b2:
50:78:31:33:0a:55:da:bd:ae:76:ab:0d:a1:8a:dc:de:32:1f:
d7:79:7d:a5:d8:3d:83:6e:f1:f7:d1:0e:f0:11:60:71:f3:70:
91:68:80:19:89:91:71:e1:2c:23:63:25:70:46:d9:62:1a:55:
f3:7a:69:07:91:2f:fe:77:1c:6c:90:41:20:e6:43:d1:6a:5f:
31:2a:c3:49:88:88:3b:2e:26:b8:9e:ae:0e:a1:86:a5:40:2e:
7e:64:47:ed:ff:bc:87:2e:3d:ab:b9:6d:b4:c9:20:1e:71:a4:
80:29:7d:e2:93:d8:d9:14:f7:b1:9c:91:46:d4:e7:da:9c:a5:
51:15:1c:40:21:4f:a9:49:24:44:f7:b4:2c:b0:ab:2d:29:49:
ad:25:7f:66:59:45:49:85:dd:46:5f:5a:d1:5d:9d:57:ea:e8:
61:10:91:92:8a:95:9f:34:a6:8a:1d:e5:db:98:7e:3a:8a:46:
e1:70:85:51:0b:d1:6f:f5:0f:2a:64:8a:3c:d9:fe:91:14:e0:
85:db:40:c3:4d:02:a1:53:3d:80:f1:d1:61:ad:a7:9a:70:c6:
10:02:fe:4a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUxODdGMTE4NjNFQzkx
ODI4MDJGRUY1MTIxQUMzQjhBNkE3MUMyNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxKoB1FjL3q4BicbhKqeWdb+9cENkMD0QCWw84zkS9x5LHsq/b
BAtVmsZbyx9yAVKej5mmhEsQH755tm3/PtzOeT7OwTz0lO+qQKNKYQYGfJ8h0s5y
o3usgoqFbF8DL5BrBRou+f1kUMTyt0Nlc5ClGEbegnLKsMhW/Y/DLUZVq06A7CON
7nuKCUc7w6dgUB8QFjtoo4SmotLtb5ldW/f5taQKJ6bHwVUFdWYE1FxB1g+I3r0i
Pg3AmXqtl3+HDND+9WwxIj0pOclDKV96VaS0KsKR9JKJIbfQE6O4RvOda94Y3u/Q
Fji97rw4S5I+HzirD08l+ChNBTt7zwKe+CMpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU4YfxGGPskYKAL+9RIaw7impxwmMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvNFlmeEdHUHNrWUtBTC05Uklhdzdp
bXB4d21NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcveADAN
BgkqhkiG9w0BAQsFAAOCAQEAbQAY1cpkYYOM3w94Rg40+gNkErfS6w+S7xyiSONL
7vs4CImyUHgxMwpV2r2udqsNoYrc3jIf13l9pdg9g27x99EO8BFgcfNwkWiAGYmR
ceEsI2MlcEbZYhpV83ppB5Ev/nccbJBBIOZD0WpfMSrDSYiIOy4muJ6uDqGGpUAu
fmRH7f+8hy49q7lttMkgHnGkgCl94pPY2RT3sZyRRtTn2pylURUcQCFPqUkkRPe0
LLCrLSlJrSV/ZllFSYXdRl9a0V2dV+roYRCRkoqVnzSmih3l25h+OopG4XCFUQvR
b/UPKmSKPNn+kRTghdtAw00CoVM9gPHRYa2nmnDGEAL+Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org