Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/BJjLnJpyfUYyG8L-GaLUgxdQVWc.roa
File: BJjLnJpyfUYyG8L-GaLUgxdQVWc.roa (raw, json)
Hash identifier: n1ZwEc7Y4uxJ8RIJk55Kp6hcZR5vpeotIp+gWI67Yb0=
Subject key identifier: 04:98:CB:9C:9A:72:7D:46:32:1B:C2:FE:19:A2:D4:83:17:50:55:67
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CF3
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/BJjLnJpyfUYyG8L-GaLUgxdQVWc.roa
Signing time: Wed 26 Apr 2023 10:31:23 +0000
ROA not before: Wed 26 Apr 2023 10:31:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38851
IP address blocks: 119.15.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3315 (0xcf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:23 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0498CB9C9A727D46321BC2FE19A2D48317505567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f6:9a:d3:25:52:f8:7f:41:87:24:a7:d9:82:
6a:9b:9f:c7:ec:cb:db:88:9e:24:c9:f8:46:9d:26:
4e:f5:dc:f6:ec:95:3e:d0:79:a8:66:ac:41:1b:5b:
76:35:d6:f6:85:35:05:ee:4e:0c:cf:b8:11:57:95:
9a:1d:d7:bd:87:22:10:91:5e:00:32:54:54:9c:f3:
a2:f8:9b:56:53:e7:ea:fd:c7:28:69:5d:fe:f5:7c:
46:de:b9:8f:ee:25:39:b8:d3:4d:35:a9:75:55:81:
62:e6:9a:b1:ff:87:b1:e7:26:83:f5:c7:67:06:fd:
10:02:d2:b8:2e:55:b7:e4:02:b9:2e:1a:a6:16:b1:
fb:22:9d:dd:62:24:68:80:df:52:2d:1d:27:60:a6:
17:f2:59:f0:5b:77:f8:b0:6c:59:f2:8a:ce:f5:cc:
1e:47:aa:92:9e:84:d5:cd:0d:6c:38:60:90:eb:8b:
f5:a4:3f:94:91:1b:ff:01:7c:9a:20:fd:60:d1:f7:
91:58:ad:21:ff:da:5b:ab:12:cc:d8:7a:63:50:12:
c9:60:44:ad:ce:f8:91:e6:9c:86:40:29:ef:d9:99:
ef:21:d9:32:78:63:4a:c6:07:e5:f7:dd:77:19:6c:
09:7d:c0:05:6a:ee:89:dd:99:29:f1:bf:f8:25:35:
90:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:98:CB:9C:9A:72:7D:46:32:1B:C2:FE:19:A2:D4:83:17:50:55:67
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/BJjLnJpyfUYyG8L-GaLUgxdQVWc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.200.0/21
Signature Algorithm: sha256WithRSAEncryption
21:4d:24:60:a1:94:0d:21:c5:16:c5:06:dc:ca:df:a8:eb:c6:
b6:48:c2:f1:ce:8a:b8:bf:7c:58:3d:22:f3:ba:e4:25:f0:7f:
f0:9e:6f:94:c3:1f:b3:20:48:51:af:76:11:21:39:ee:4f:18:
66:06:d8:8d:9f:c3:34:35:f2:5c:45:dc:34:01:dc:6e:2c:88:
fd:66:a0:e7:eb:4e:c2:9e:f8:aa:c3:8c:21:ce:40:b1:48:4a:
8e:db:7a:91:28:3d:48:9d:e6:4d:3b:41:a7:f2:be:47:51:72:
79:77:89:ac:e8:ce:ad:78:58:39:f5:d1:45:4c:6f:8e:08:60:
e1:9f:04:37:fd:c3:df:f8:fb:a9:bd:44:20:ed:ff:cf:7f:c4:
21:71:6d:ee:15:66:65:1d:62:1c:f7:7d:e5:13:87:fd:15:2c:
af:ea:e0:85:a1:c9:d6:e9:2b:a0:8b:80:57:59:6c:6e:59:01:
bf:30:49:57:c7:8e:92:5c:60:e0:fb:50:92:45:d6:66:c4:a1:
e8:f8:70:3d:3e:eb:8a:c6:f0:e1:c9:22:f2:ab:c1:e7:49:6d:
16:48:ce:a0:f2:26:90:79:95:55:80:9a:7f:c2:a3:7a:bf:af:
3a:5a:00:ce:35:17:b0:4d:ab:f3:83:be:5f:3f:7b:d1:92:b5:
5b:57:56:4f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA0OThDQjlDOUE3MjdE
NDYzMjFCQzJGRTE5QTJENDgzMTc1MDU1NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDt9prTJVL4f0GHJKfZgmqbn8fsy9uIniTJ+EadJk713PbslT7Q
eahmrEEbW3Y11vaFNQXuTgzPuBFXlZod172HIhCRXgAyVFSc86L4m1ZT5+r9xyhp
Xf71fEbeuY/uJTm40001qXVVgWLmmrH/h7HnJoP1x2cG/RAC0rguVbfkArkuGqYW
sfsind1iJGiA31ItHSdgphfyWfBbd/iwbFnyis71zB5HqpKehNXNDWw4YJDri/Wk
P5SRG/8BfJog/WDR95FYrSH/2lurEszYemNQEslgRK3O+JHmnIZAKe/Zme8h2TJ4
Y0rGB+X33XcZbAl9wAVq7ondmSnxv/glNZALAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUBJjLnJpyfUYyG8L+GaLUgxdQVWcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvQkpqTG5KcHlmVVl5RzhMLUdhTFVn
eGRRVldjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cPyDAN
BgkqhkiG9w0BAQsFAAOCAQEAIU0kYKGUDSHFFsUG3MrfqOvGtkjC8c6KuL98WD0i
87rkJfB/8J5vlMMfsyBIUa92ESE57k8YZgbYjZ/DNDXyXEXcNAHcbiyI/Wag5+tO
wp74qsOMIc5AsUhKjtt6kSg9SJ3mTTtBp/K+R1FyeXeJrOjOrXhYOfXRRUxvjghg
4Z8EN/3D3/j7qb1EIO3/z3/EIXFt7hVmZR1iHPd95ROH/RUsr+rghaHJ1ukroIuA
V1lsblkBvzBJV8eOklxg4PtQkkXWZsSh6PhwPT7risbw4cki8qvB50ltFkjOoPIm
kHmVVYCaf8Kjer+vOloAzjUXsE2r84O+Xz970ZK1W1dWTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org