Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Hgq-UFIH4Edpr4PN-fXp0wEcBVQ.roa
File: Hgq-UFIH4Edpr4PN-fXp0wEcBVQ.roa (raw, json)
Hash identifier: 4zmM6NSBuu6kPi4cXzJ51+nYJv6fIZ5wwHjkSqzGasU=
Subject key identifier: 1E:0A:BE:50:52:07:E0:47:69:AF:83:CD:F9:F5:E9:D3:01:1C:05:54
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Hgq-UFIH4Edpr4PN-fXp0wEcBVQ.roa
Signing time: Thu 15 Sep 2022 02:37:27 +0000
ROA not before: Thu 15 Sep 2022 02:37:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:27 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1E0ABE505207E04769AF83CDF9F5E9D3011C0554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:ce:a7:18:ab:1d:2c:1f:fe:b4:dc:ba:70:
68:af:a1:47:29:52:2d:34:9b:15:2c:0e:d7:9e:02:
c0:56:61:38:fd:66:37:0d:25:1e:95:57:cb:28:ef:
43:a7:d1:e2:24:f5:00:09:e1:1e:ad:a4:fd:2c:36:
d6:b3:76:9a:75:e9:e4:16:23:ac:8f:9d:fc:5b:99:
75:e4:63:5b:26:a6:39:97:09:b1:a9:34:60:8f:1e:
8f:e4:ad:07:d8:f0:74:74:48:40:12:9f:ff:9e:5c:
b7:93:2f:2a:6b:7e:58:d1:c7:da:1e:d9:49:1f:8e:
2b:b3:26:fc:5b:b6:13:82:53:55:08:f0:4c:e8:97:
14:f4:93:83:ed:df:19:93:c6:11:a9:94:56:ef:a5:
85:7e:ad:60:f0:b8:6b:36:e4:68:f0:f4:93:74:b3:
d7:3a:a1:45:e1:cd:a0:c9:d3:7b:f3:cd:28:60:61:
e5:9a:e7:22:ca:8d:37:41:75:de:54:1d:31:67:63:
ff:bb:ca:52:dd:69:85:3e:33:3e:aa:20:f8:cc:a1:
ac:c8:7e:79:81:cd:c2:f4:0b:c4:db:5f:2f:76:61:
6b:a4:2e:5a:f2:11:9b:24:8a:64:0d:12:66:09:18:
98:99:a3:82:6e:13:76:9a:fa:93:89:63:40:d4:40:
eb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0A:BE:50:52:07:E0:47:69:AF:83:CD:F9:F5:E9:D3:01:1C:05:54
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Hgq-UFIH4Edpr4PN-fXp0wEcBVQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.112.0/21
Signature Algorithm: sha256WithRSAEncryption
18:d3:69:36:d7:f1:d4:90:8c:ea:75:e7:b3:14:9e:e6:2e:26:
6d:a5:52:0d:54:00:d2:73:65:53:57:27:46:bc:35:83:63:be:
69:c9:ac:99:1f:5c:03:73:48:81:61:1a:09:f0:9f:e7:cb:14:
57:10:38:0f:11:17:6f:4f:07:38:30:b6:fc:21:eb:c4:ee:7c:
2c:44:0f:e4:ac:5a:64:bb:d8:8b:d0:21:cc:40:82:a3:45:4e:
db:d5:95:cf:6e:01:2d:8d:4f:0d:c5:8d:6b:fc:20:cc:db:ca:
c2:25:63:64:d3:f8:9c:89:90:62:b7:67:9e:8c:2e:5b:57:3f:
2f:56:26:b7:38:b2:a1:e4:40:17:27:9b:e9:3a:42:39:5e:6f:
3f:5f:2e:ed:d3:44:85:c9:07:5e:fe:c6:4e:38:bf:62:a9:8f:
9a:e3:23:60:cb:03:09:4b:6f:3a:3b:95:67:0f:a2:88:91:48:
21:cc:7d:82:7c:56:a7:3c:83:af:64:2a:c6:16:1e:de:eb:4f:
57:4e:b6:13:f7:45:c7:be:d2:e1:36:99:77:e5:bc:be:63:cb:
bd:7f:62:bf:9b:50:7d:ac:8c:33:8e:ce:4e:e2:33:5a:f1:6d:
bb:c2:5b:b2:ae:06:85:4b:e0:21:71:ba:d5:c1:c6:4f:60:bc:
40:c5:ab:4e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFFMEFCRTUwNTIwN0Uw
NDc2OUFGODNDREY5RjVFOUQzMDExQzA1NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvhc6nGKsdLB/+tNy6cGivoUcpUi00mxUsDteeAsBWYTj9ZjcN
JR6VV8so70On0eIk9QAJ4R6tpP0sNtazdpp16eQWI6yPnfxbmXXkY1smpjmXCbGp
NGCPHo/krQfY8HR0SEASn/+eXLeTLyprfljRx9oe2UkfjiuzJvxbthOCU1UI8Ezo
lxT0k4Pt3xmTxhGplFbvpYV+rWDwuGs25Gjw9JN0s9c6oUXhzaDJ03vzzShgYeWa
5yLKjTdBdd5UHTFnY/+7ylLdaYU+Mz6qIPjMoazIfnmBzcL0C8TbXy92YWukLlry
EZskimQNEmYJGJiZo4JuE3aa+pOJY0DUQOvLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHgq+UFIH4Edpr4PN+fXp0wEcBVQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvSGdxLVVGSUg0RWRwcjRQTi1mWHAw
d0VjQlZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+cDAN
BgkqhkiG9w0BAQsFAAOCAQEAGNNpNtfx1JCM6nXnsxSe5i4mbaVSDVQA0nNlU1cn
Rrw1g2O+acmsmR9cA3NIgWEaCfCf58sUVxA4DxEXb08HODC2/CHrxO58LEQP5Kxa
ZLvYi9AhzECCo0VO29WVz24BLY1PDcWNa/wgzNvKwiVjZNP4nImQYrdnnowuW1c/
L1YmtziyoeRAFyeb6TpCOV5vP18u7dNEhckHXv7GTji/YqmPmuMjYMsDCUtvOjuV
Zw+iiJFIIcx9gnxWpzyDr2QqxhYe3utPV062E/dFx77S4TaZd+W8vmPLvX9iv5tQ
fayMM47OTuIzWvFtu8Jbsq4GhUvgIXG61cHGT2C8QMWrTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org