Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/EIhYCQbZy0cKh9T4SoKBld_uD6E.roa
File: EIhYCQbZy0cKh9T4SoKBld_uD6E.roa (raw, json)
Hash identifier: saCmEkjDhfbSpaSZOJEK3/E4Gnulhr5RFrzltnrrY3E=
Subject key identifier: 10:88:58:09:06:D9:CB:47:0A:87:D4:F8:4A:82:81:95:DF:EE:0F:A1
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/EIhYCQbZy0cKh9T4SoKBld_uD6E.roa
Signing time: Thu 15 Sep 2022 02:37:31 +0000
ROA not before: Thu 15 Sep 2022 02:37:31 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.64.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:31 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1088580906D9CB470A87D4F84A828195DFEE0FA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:56:fb:32:29:c0:a1:9f:72:43:a5:86:77:89:
0e:e3:49:68:15:1b:1a:4c:10:19:20:c8:c1:ec:86:
30:47:68:47:16:d5:91:02:5d:ff:fe:80:71:f1:cb:
5a:ff:25:a5:49:84:3a:3c:20:d9:c5:9e:ff:81:05:
2f:b2:79:2d:d6:bc:3c:b1:3b:59:68:49:bc:08:41:
53:a4:44:06:f0:1b:a2:06:0c:3c:e0:00:21:5d:74:
08:6a:89:58:4d:36:5a:2a:e4:cd:6c:e2:bf:a6:c0:
98:93:18:86:d9:f8:fc:c0:f7:52:79:3d:f3:fb:18:
be:2c:98:fd:89:7d:ee:69:0f:1e:66:8d:56:16:2c:
99:b2:09:7e:6f:7b:da:d2:3f:1a:8a:ba:27:39:7b:
15:00:2b:81:4e:70:74:6b:43:38:99:b4:14:1a:84:
86:e5:c4:59:e0:20:7f:5b:32:3b:8b:9e:02:92:3e:
8e:2b:2f:c1:36:8c:39:95:92:7c:00:5b:96:2f:9f:
ea:ee:29:69:14:8a:3e:cd:ad:ec:ec:4a:94:d2:22:
18:23:a8:11:cd:a8:47:1b:0b:cf:02:aa:82:76:38:
21:6c:03:b7:d7:bb:8c:0b:cb:ea:9f:62:5e:e8:58:
87:59:ad:9d:d5:32:19:27:eb:aa:a0:14:a3:5e:be:
8c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:88:58:09:06:D9:CB:47:0A:87:D4:F8:4A:82:81:95:DF:EE:0F:A1
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/EIhYCQbZy0cKh9T4SoKBld_uD6E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.64.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:61:16:4d:b9:91:45:13:0e:c6:69:cb:58:81:ee:50:9c:31:
f1:e5:ef:8a:db:79:71:f7:02:8c:0d:5d:5d:fe:a6:f0:b2:ef:
8d:0f:a2:28:f0:f8:fa:44:58:0d:21:1e:5f:6d:08:ba:61:8f:
9e:16:af:3a:37:9d:6a:7d:b0:26:16:aa:77:85:4e:0e:f0:bf:
ec:46:e4:53:85:ea:a0:a4:1e:d7:ce:55:b2:dd:5e:45:c0:ff:
02:cd:8a:76:fc:9e:8d:96:5d:32:8b:a8:ba:ff:40:af:95:4c:
ca:f1:eb:67:83:e2:14:dd:e2:4a:be:40:57:bb:06:91:8c:03:
65:c5:90:5d:a2:b4:16:12:7b:39:9a:b9:a9:2c:d0:ea:0c:ab:
ae:65:87:8f:73:37:43:f5:30:d1:9a:f9:7f:9d:84:b8:12:04:
e6:54:d3:17:07:86:de:68:d8:17:a2:38:5b:06:41:cc:1f:77:
c7:17:86:16:ae:b0:e7:1f:d7:2f:f7:cd:25:6c:d3:68:9e:0b:
06:64:78:de:a1:90:03:cf:81:6e:c9:c1:de:4b:80:3b:3e:35:
44:3a:5d:65:70:3e:78:30:df:75:0b:25:5d:1a:f8:17:9b:c9:
10:a4:ab:19:10:99:95:f5:87:49:05:d7:0f:0a:e9:62:dd:4a:
10:52:d0:3b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MzFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDEwODg1ODA5MDZEOUNC
NDcwQTg3RDRGODRBODI4MTk1REZFRTBGQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAVvsyKcChn3JDpYZ3iQ7jSWgVGxpMEBkgyMHshjBHaEcW1ZEC
Xf/+gHHxy1r/JaVJhDo8INnFnv+BBS+yeS3WvDyxO1loSbwIQVOkRAbwG6IGDDzg
ACFddAhqiVhNNloq5M1s4r+mwJiTGIbZ+PzA91J5PfP7GL4smP2Jfe5pDx5mjVYW
LJmyCX5ve9rSPxqKuic5exUAK4FOcHRrQziZtBQahIblxFngIH9bMjuLngKSPo4r
L8E2jDmVknwAW5Yvn+ruKWkUij7NrezsSpTSIhgjqBHNqEcbC88CqoJ2OCFsA7fX
u4wLy+qfYl7oWIdZrZ3VMhkn66qgFKNevoxzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUEIhYCQbZy0cKh9T4SoKBld/uD6EwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvRUloWUNRYlp5MGNLaDlUNFNvS0Js
ZF91RDZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAC2EWTbmRRRMOxmnLWIHuUJwx8eXvitt5cfcCjA1d
Xf6m8LLvjQ+iKPD4+kRYDSEeX20IumGPnhavOjedan2wJhaqd4VODvC/7EbkU4Xq
oKQe185Vst1eRcD/As2KdvyejZZdMououv9Ar5VMyvHrZ4PiFN3iSr5AV7sGkYwD
ZcWQXaK0FhJ7OZq5qSzQ6gyrrmWHj3M3Q/Uw0Zr5f52EuBIE5lTTFweG3mjYF6I4
WwZBzB93xxeGFq6w5x/XL/fNJWzTaJ4LBmR43qGQA8+BbsnB3kuAOz41RDpdZXA+
eDDfdQslXRr4F5vJEKSrGRCZlfWHSQXXDwrpYt1KEFLQOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org