Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/FheEhULriHOj4br0M0aLCwaCV04.roa
File: FheEhULriHOj4br0M0aLCwaCV04.roa (raw, json)
Hash identifier: N913/RnLHRHU5RsbtjUsomv9h0ofXeXwF8TTwiuxzDA=
Subject key identifier: 16:17:84:85:42:EB:88:73:A3:E1:BA:F4:33:46:8B:0B:06:82:57:4E
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CDC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/FheEhULriHOj4br0M0aLCwaCV04.roa
Signing time: Wed 26 Apr 2023 07:14:12 +0000
ROA not before: Wed 26 Apr 2023 07:14:12 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 210.209.128.0/17 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3292 (0xcdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 07:14:12 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1617848542EB8873A3E1BAF433468B0B0682574E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:b6:22:bd:da:6b:ec:50:ae:e0:ed:f3:75:
d8:5c:a6:b5:bd:0d:f0:ca:43:cf:3e:01:b2:df:43:
08:83:13:44:e9:e8:47:ce:10:8d:51:ff:28:d1:a2:
45:2e:2e:a8:f5:34:a0:bc:a1:1e:81:51:e8:f6:12:
d2:7f:30:bb:39:54:53:59:a9:28:0f:b3:bb:e4:e8:
bd:40:76:7d:75:d5:f9:bc:18:be:15:4e:af:9c:11:
eb:28:70:4a:4a:1f:f7:47:ea:d0:24:59:a1:67:05:
7b:9a:48:31:84:4c:0e:32:a6:f5:73:f6:9c:4b:37:
95:75:58:34:fa:a4:1c:c9:bc:d0:60:3d:ab:08:99:
c6:78:13:16:a9:49:1e:02:30:b1:92:55:0c:f8:b1:
94:7a:9b:52:3f:a1:bf:1d:8a:d5:08:b1:bd:4e:09:
79:0e:3e:29:a4:14:03:7e:31:f8:9e:01:c4:4c:58:
ce:89:a5:6f:08:71:4a:27:12:a3:11:19:f5:75:d7:
2d:5b:62:a2:1a:0b:d6:da:20:4b:01:3c:4a:70:84:
ab:73:e2:b1:a2:f2:6e:77:fb:e9:a9:ad:a1:99:5a:
c5:d7:fb:00:06:3d:99:31:9d:d6:18:f4:b8:a9:07:
d1:fe:32:96:91:7a:8b:42:cc:57:22:af:1f:f8:8a:
57:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:17:84:85:42:EB:88:73:A3:E1:BA:F4:33:46:8B:0B:06:82:57:4E
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/FheEhULriHOj4br0M0aLCwaCV04.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.128.0/17
Signature Algorithm: sha256WithRSAEncryption
8f:44:ed:f5:ef:45:81:d0:39:8a:f7:bf:40:7d:f9:e5:39:3b:
24:23:57:b9:af:17:45:4b:75:95:15:50:fd:8e:c8:04:b2:f5:
18:00:ba:cc:8d:ac:6f:db:9e:a1:e2:da:09:f0:c1:c9:bb:0e:
a0:2c:ab:99:c8:56:15:f2:18:ad:25:5e:be:1e:63:db:fd:83:
38:56:6e:e1:d4:08:b3:bc:82:59:32:13:62:6e:5a:30:fb:34:
fb:98:b0:c9:f8:ae:1d:38:3d:d4:62:6c:36:42:c7:23:be:ae:
e1:4f:19:6c:e8:7d:1b:63:ff:6d:39:03:e0:45:76:87:40:a5:
84:d7:00:fc:49:93:43:11:96:a2:22:92:10:3b:c2:05:a3:e3:
40:0e:11:ed:09:6a:a3:6e:76:d7:e9:36:12:c3:d5:07:97:2e:
65:20:4f:9f:13:2a:d6:62:0e:24:67:4d:ca:45:be:67:22:f7:
ca:cb:da:0c:c7:36:56:94:00:13:0a:45:d6:ce:00:18:78:5a:
df:89:e8:61:85:d8:48:c7:8b:0f:45:70:ec:dc:91:9a:74:b3:
f3:13:7f:5c:54:dd:b4:73:d7:2d:81:67:eb:f8:fc:d4:e2:38:
32:ad:20:56:5d:15:af:da:24:ae:79:ee:36:d5:00:30:a5:e2:
0e:c6:31:4b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NzE0MTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDE2MTc4NDg1NDJFQjg4
NzNBM0UxQkFGNDMzNDY4QjBCMDY4MjU3NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC377Yivdpr7FCu4O3zddhcprW9DfDKQ88+AbLfQwiDE0Tp6EfO
EI1R/yjRokUuLqj1NKC8oR6BUej2EtJ/MLs5VFNZqSgPs7vk6L1Adn111fm8GL4V
Tq+cEesocEpKH/dH6tAkWaFnBXuaSDGETA4ypvVz9pxLN5V1WDT6pBzJvNBgPasI
mcZ4ExapSR4CMLGSVQz4sZR6m1I/ob8ditUIsb1OCXkOPimkFAN+MfieAcRMWM6J
pW8IcUonEqMRGfV11y1bYqIaC9baIEsBPEpwhKtz4rGi8m53++mpraGZWsXX+wAG
PZkxndYY9LipB9H+MpaReotCzFcirx/4ilf9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUFheEhULriHOj4br0M0aLCwaCV04wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvRmhlRWhVTHJpSE9qNGJyME0wYUxD
d2FDVjA0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAj0Tt9e9FgdA5ive/QH355Tk7JCNXua8XRUt1lRVQ
/Y7IBLL1GAC6zI2sb9ueoeLaCfDBybsOoCyrmchWFfIYrSVevh5j2/2DOFZu4dQI
s7yCWTITYm5aMPs0+5iwyfiuHTg91GJsNkLHI76u4U8ZbOh9G2P/bTkD4EV2h0Cl
hNcA/EmTQxGWoiKSEDvCBaPjQA4R7Qlqo2521+k2EsPVB5cuZSBPnxMq1mIOJGdN
ykW+ZyL3ysvaDMc2VpQAEwpF1s4AGHha34noYYXYSMeLD0Vw7NyRmnSz8xN/XFTd
tHPXLYFn6/j81OI4Mq0gVl0Vr9okrnnuNtUAMKXiDsYxSw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:47 2025 by rpki-client