Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/D-jh5GiDcU12vd-p6NW4N94ZuLQ.roa
File: D-jh5GiDcU12vd-p6NW4N94ZuLQ.roa (raw, json)
Hash identifier: vLDKtF36ci4FPHIFtu2eIIiaysEAEXJjSqoKC0IKqOo=
Subject key identifier: 0F:E8:E1:E4:68:83:71:4D:76:BD:DF:A9:E8:D5:B8:37:DE:19:B8:B4
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CEF
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/D-jh5GiDcU12vd-p6NW4N94ZuLQ.roa
Signing time: Wed 26 Apr 2023 10:31:22 +0000
ROA not before: Wed 26 Apr 2023 10:31:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 113.61.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3311 (0xcef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:22 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0FE8E1E46883714D76BDDFA9E8D5B837DE19B8B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:77:6c:4e:c8:3e:5b:d6:77:27:dc:c7:cb:
f4:f2:89:2f:1c:ab:94:2f:2c:80:fc:93:cc:9a:61:
d3:50:80:b9:d1:85:b0:93:b7:5a:02:cb:76:7b:ad:
e7:69:81:66:4c:b2:ec:48:f1:d1:2f:1d:a7:8e:73:
78:2f:9d:e4:3f:9c:36:4d:9a:17:de:ce:ce:73:69:
2c:c1:84:e6:14:38:97:07:d0:8b:a8:e0:ce:77:bb:
93:fa:94:6e:48:ce:0f:f3:a9:1a:e4:90:ed:92:44:
50:f6:88:46:11:95:71:5b:58:60:bd:e5:96:db:32:
b1:67:98:2e:df:47:14:cc:39:17:19:e7:81:da:e7:
0a:b0:c2:52:36:6b:c4:c1:04:e5:09:36:26:4f:ec:
fb:4c:f0:fc:fc:64:3e:bd:b0:32:57:99:14:8d:13:
de:72:3a:0d:59:7d:98:3a:ca:db:ec:73:77:67:06:
11:9f:65:96:62:ed:36:49:f7:03:bd:63:c3:c1:16:
fa:e1:f1:e8:01:b3:d2:91:9b:57:c8:c5:a9:3b:50:
51:76:77:3b:75:a1:4c:f1:1d:37:47:53:b8:7a:ad:
a0:7a:c6:1b:b7:9a:2a:05:e6:69:8e:49:e3:66:b8:
c1:cf:51:69:dc:11:5a:57:4d:7c:f3:74:37:af:e2:
af:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E8:E1:E4:68:83:71:4D:76:BD:DF:A9:E8:D5:B8:37:DE:19:B8:B4
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/D-jh5GiDcU12vd-p6NW4N94ZuLQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.61.168.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:3a:3f:42:c9:31:16:6a:4d:50:7b:bf:82:ef:e4:eb:9b:f1:
45:a2:5d:3e:dd:9c:2a:6c:8f:ee:d9:54:69:3d:46:4a:53:62:
ae:36:2b:fc:23:c6:e2:9c:0f:7a:62:9c:cf:70:60:c4:20:fc:
20:67:3d:30:8a:1c:90:4c:5d:66:db:1c:ff:2d:5f:c2:ff:a5:
66:da:ed:81:14:21:fb:b5:3d:c2:4a:a5:a4:1e:25:6a:04:b5:
1d:01:0c:a1:a8:54:13:8d:e2:b0:a6:74:a7:2f:8e:1e:1f:95:
e2:cc:db:3d:73:7f:fd:89:44:07:e7:de:68:28:6c:07:8d:e9:
57:cd:21:1b:4b:1e:f4:62:40:e2:e3:73:77:c0:ee:67:19:f3:
af:38:71:25:b8:eb:9d:b5:33:d1:1e:67:bb:a7:c9:5b:c9:25:
23:15:80:ff:2f:79:f5:b3:4e:88:82:77:11:f2:a0:8d:a5:2e:
ef:0b:da:40:be:e1:4c:86:1c:f6:7c:d3:59:7e:9f:a4:ef:cb:
58:e7:4c:1d:b1:06:12:a6:5c:ba:d7:b1:5c:46:a1:e2:2c:1d:
bf:07:fb:6f:8f:83:17:f0:4e:1f:fb:80:af:98:56:4f:80:c6:
0d:68:90:8c:82:c8:90:11:84:cf:b4:11:8a:27:26:b5:56:98:
4b:7e:a5:6a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBGRThFMUU0Njg4Mzcx
NEQ3NkJEREZBOUU4RDVCODM3REUxOUI4QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKNndsTsg+W9Z3J9zHy/TyiS8cq5QvLID8k8yaYdNQgLnRhbCT
t1oCy3Z7redpgWZMsuxI8dEvHaeOc3gvneQ/nDZNmhfezs5zaSzBhOYUOJcH0Iuo
4M53u5P6lG5Izg/zqRrkkO2SRFD2iEYRlXFbWGC95ZbbMrFnmC7fRxTMORcZ54Ha
5wqwwlI2a8TBBOUJNiZP7PtM8Pz8ZD69sDJXmRSNE95yOg1ZfZg6ytvsc3dnBhGf
ZZZi7TZJ9wO9Y8PBFvrh8egBs9KRm1fIxak7UFF2dzt1oUzxHTdHU7h6raB6xhu3
mioF5mmOSeNmuMHPUWncEVpXTXzzdDev4q9FAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUD+jh5GiDcU12vd+p6NW4N94ZuLQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvRC1qaDVHaURjVTEydmQtcDZOVzRO
OTRadUxRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHE9qDAN
BgkqhkiG9w0BAQsFAAOCAQEAHzo/QskxFmpNUHu/gu/k65vxRaJdPt2cKmyP7tlU
aT1GSlNirjYr/CPG4pwPemKcz3BgxCD8IGc9MIockExdZtsc/y1fwv+lZtrtgRQh
+7U9wkqlpB4lagS1HQEMoahUE43isKZ0py+OHh+V4szbPXN//YlEB+feaChsB43p
V80hG0se9GJA4uNzd8DuZxnzrzhxJbjrnbUz0R5nu6fJW8klIxWA/y959bNOiIJ3
EfKgjaUu7wvaQL7hTIYc9nzTWX6fpO/LWOdMHbEGEqZcutexXEah4iwdvwf7b4+D
F/BOH/uAr5hWT4DGDWiQjILIkBGEz7QRiicmtVaYS36lag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org