Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/GCrhf3vY6GNvohXcxi5kqdJ8pKY.roa
File: GCrhf3vY6GNvohXcxi5kqdJ8pKY.roa (raw, json)
Hash identifier: jTqfcnRJN737oMOykbNw49YcL/igUaMjkO5/NXgf/8I=
Subject key identifier: 18:2A:E1:7F:7B:D8:E8:63:6F:A2:15:DC:C6:2E:64:A9:D2:7C:A4:A6
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CD3
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/GCrhf3vY6GNvohXcxi5kqdJ8pKY.roa
Signing time: Wed 26 Apr 2023 06:50:52 +0000
ROA not before: Wed 26 Apr 2023 06:50:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3283 (0xcd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:50:52 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=182AE17F7BD8E8636FA215DCC62E64A9D27CA4A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b6:c9:57:ce:5f:d5:79:b2:0c:a3:f4:ec:c5:
9d:88:a1:2d:3f:9c:7b:b8:ba:54:74:29:d8:67:57:
35:29:d1:25:d7:b2:a2:08:f6:b7:32:e0:3a:01:f3:
c0:27:63:30:01:c5:f7:df:24:61:ef:d2:af:7e:a9:
ce:20:87:74:b3:a1:d3:58:72:da:b8:76:5c:fd:15:
b9:bb:dc:fc:c3:f9:7b:9c:b1:52:d9:48:76:6a:f0:
bb:3e:a9:7c:1a:9e:43:d0:6a:a0:90:3b:01:12:5e:
37:ee:59:e3:b7:f4:e6:26:c2:3b:2c:3c:23:fc:65:
e8:58:62:3d:26:f8:8f:2c:49:ea:df:64:24:a5:38:
49:0e:d7:b6:b1:bd:2e:0d:a9:1f:69:8f:1c:1e:93:
e8:f5:00:e7:58:c1:f6:8a:e9:57:3d:01:1b:ec:ff:
2a:c7:c7:ad:ea:da:83:38:8e:81:c7:24:8d:54:50:
f3:70:c7:c3:e7:85:10:3b:03:3d:95:b8:50:df:34:
ee:51:19:4d:30:83:12:ac:f2:d7:13:aa:9a:bc:50:
d1:6e:4d:9d:d3:e0:7c:c0:22:7f:07:83:42:25:b1:
e1:70:6d:f7:c5:57:05:22:ee:4f:29:2c:de:1b:22:
0d:f0:29:1b:0f:7c:c5:a2:70:9d:a4:bf:36:dd:bd:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2A:E1:7F:7B:D8:E8:63:6F:A2:15:DC:C6:2E:64:A9:D2:7C:A4:A6
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/GCrhf3vY6GNvohXcxi5kqdJ8pKY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
50:0f:56:45:bb:a0:fd:8c:b5:e0:94:cc:45:0a:b0:80:5c:ab:
4e:13:7f:28:05:5f:74:42:ed:a5:33:49:78:71:a8:44:b4:4e:
fc:63:b9:99:11:91:2b:b6:c7:22:ff:e7:5d:55:47:a0:6b:44:
1a:cf:89:bd:9b:f6:6f:78:eb:5c:97:19:d9:bb:5f:f0:6b:91:
90:19:94:ee:c6:61:e5:e0:69:87:9c:85:74:d3:e7:97:dd:55:
43:5d:f7:1f:c8:e6:27:78:fa:c2:72:79:09:a1:a0:2f:e3:eb:
a0:24:a0:7d:7a:3b:54:88:31:ca:70:98:f3:41:72:16:52:a8:
58:fc:8d:c5:fc:e8:cc:b8:a0:64:dc:14:3c:77:3c:b6:12:8c:
5a:16:50:74:82:64:ff:34:98:ab:56:b4:c6:d8:9e:79:6f:f5:
6b:21:41:31:22:b5:03:f1:29:5a:c4:68:97:d0:3b:89:b2:17:
c9:f0:f0:c6:1b:13:a4:12:c1:ff:7c:cb:82:f9:25:ae:5f:fc:
49:c3:61:da:34:b8:d0:84:48:20:c2:a8:d4:bb:32:e5:88:a5:
82:d8:c6:81:d0:e7:a5:73:a3:58:6f:a9:cc:11:a3:ac:94:ac:
55:95:82:06:97:e9:91:bf:11:71:f4:8b:32:e7:85:c0:18:bc:
1b:9d:2d:6d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjUwNTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDE4MkFFMTdGN0JEOEU4
NjM2RkEyMTVEQ0M2MkU2NEE5RDI3Q0E0QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1tslXzl/VebIMo/TsxZ2IoS0/nHu4ulR0KdhnVzUp0SXXsqII
9rcy4DoB88AnYzABxfffJGHv0q9+qc4gh3SzodNYctq4dlz9Fbm73PzD+XucsVLZ
SHZq8Ls+qXwankPQaqCQOwESXjfuWeO39OYmwjssPCP8ZehYYj0m+I8sSerfZCSl
OEkO17axvS4NqR9pjxwek+j1AOdYwfaK6Vc9ARvs/yrHx63q2oM4joHHJI1UUPNw
x8PnhRA7Az2VuFDfNO5RGU0wgxKs8tcTqpq8UNFuTZ3T4HzAIn8Hg0IlseFwbffF
VwUi7k8pLN4bIg3wKRsPfMWicJ2kvzbdvTUDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUGCrhf3vY6GNvohXcxi5kqdJ8pKYwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvR0NyaGYzdlk2R052b2hYY3hpNWtx
ZEo4cEtZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnn+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAUA9WRbug/Yy14JTMRQqwgFyrThN/KAVfdELtpTNJ
eHGoRLRO/GO5mRGRK7bHIv/nXVVHoGtEGs+JvZv2b3jrXJcZ2btf8GuRkBmU7sZh
5eBph5yFdNPnl91VQ133H8jmJ3j6wnJ5CaGgL+ProCSgfXo7VIgxynCY80FyFlKo
WPyNxfzozLigZNwUPHc8thKMWhZQdIJk/zSYq1a0xtieeW/1ayFBMSK1A/EpWsRo
l9A7ibIXyfDwxhsTpBLB/3zLgvklrl/8ScNh2jS40IRIIMKo1Lsy5YilgtjGgdDn
pXOjWG+pzBGjrJSsVZWCBpfpkb8RcfSLMueFwBi8G50tbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org