Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/IfkDNApGgLDORZwNwEx1g1fh0L8.roa
File: IfkDNApGgLDORZwNwEx1g1fh0L8.roa (raw, json)
Hash identifier: yNXhayls3MkUXFq3KvMDx6yTmx/ehG5i0tlrmDtG3r0=
Subject key identifier: 21:F9:03:34:0A:46:80:B0:CE:45:9C:0D:C0:4C:75:83:57:E1:D0:BF
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 095A
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/IfkDNApGgLDORZwNwEx1g1fh0L8.roa
Signing time: Thu 21 Jan 2021 10:04:43 +0000
ROA not before: Thu 21 Jan 2021 10:04:43 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38851
IP address blocks: 119.15.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2394 (0x95a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Jan 21 10:04:43 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=21F903340A4680B0CE459C0DC04C758357E1D0BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:79:c2:54:9c:8a:91:12:a9:71:02:cd:63:68:
e6:98:f7:bb:02:51:3b:03:8b:64:40:a4:58:72:44:
c5:a8:05:f5:28:bc:db:3b:04:db:77:4b:7f:b9:e4:
e8:d1:2f:bd:0a:5d:66:e5:38:ef:f5:c8:83:48:bc:
a8:28:2d:02:0b:96:11:98:f8:bd:d3:cf:ba:3c:c1:
3e:e3:2a:ef:a6:ec:eb:6b:61:51:76:d8:40:e7:75:
47:9f:7a:53:20:24:59:29:ab:58:3a:cb:fa:02:2f:
f8:ab:2e:14:c1:46:54:e0:ce:2c:c1:aa:a5:8e:fd:
29:12:b0:e2:01:fd:54:e5:56:2f:62:72:83:2f:f1:
df:1a:26:94:4c:b6:2d:07:dc:2e:be:14:35:e3:15:
7b:8d:b9:b2:8c:c9:6c:65:09:1f:03:95:ab:73:6b:
bd:29:ba:bf:b4:b1:87:f5:92:8a:cb:6f:07:a3:7d:
3f:ea:bf:6e:46:be:5c:6f:18:1e:86:d7:16:d1:2b:
c0:2d:f5:1f:d0:84:76:a3:10:d2:b3:87:77:9c:b5:
8b:3e:7a:db:a1:4e:f0:02:a1:7b:8f:ca:4e:c3:4d:
ec:eb:6a:7b:c7:5d:58:c2:9d:af:38:23:82:be:70:
65:8a:5f:71:c9:c5:99:3e:cb:21:56:f2:37:34:cc:
bc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F9:03:34:0A:46:80:B0:CE:45:9C:0D:C0:4C:75:83:57:E1:D0:BF
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/IfkDNApGgLDORZwNwEx1g1fh0L8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.200.0/21
Signature Algorithm: sha256WithRSAEncryption
44:80:f6:95:7c:06:73:3c:b3:2a:d8:0b:0a:59:2a:b3:a9:5d:
78:2b:e1:f9:5c:0d:de:1e:b4:8f:f3:86:10:4e:a2:0e:63:40:
a1:7c:e6:6d:0b:7a:bd:37:a7:29:11:d3:5d:73:61:6d:fa:c8:
53:83:e4:f0:37:fd:eb:99:6a:ab:d8:ea:75:f7:c9:03:9a:11:
61:2d:1a:92:ec:ae:14:09:6b:8b:19:55:e7:3b:db:0c:9a:54:
1c:c2:e9:88:60:11:77:3c:60:a1:7d:b1:4f:e2:8f:9b:8b:1c:
9e:59:6c:90:2b:ae:a8:ca:06:3c:d9:3c:1b:99:82:7f:25:77:
7b:4c:9e:75:53:6e:23:dc:70:77:85:29:93:f2:70:2f:ea:24:
94:9f:0e:3e:a0:d3:05:7f:ab:9d:80:22:3c:f2:1f:bd:9b:b7:
56:2e:03:6b:de:08:08:f3:d1:fd:99:d6:8e:de:da:b6:d9:bd:
39:c5:fc:93:1f:fb:50:fe:18:ba:45:1c:5b:a6:72:9d:1b:04:
1a:db:2e:1f:0f:68:a7:e4:68:73:48:88:fc:95:45:15:47:3b:
31:47:8c:61:e3:00:75:35:a0:21:2d:de:74:d7:9d:3b:d0:b2:
d1:32:4a:62:08:07:71:b3:55:1b:3e:9e:a5:92:e3:40:39:a0:
c2:b4:cd:32
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTAxMjEx
MDA0NDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDIxRjkwMzM0MEE0Njgw
QjBDRTQ1OUMwREMwNEM3NTgzNTdFMUQwQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7ecJUnIqREqlxAs1jaOaY97sCUTsDi2RApFhyRMWoBfUovNs7
BNt3S3+55OjRL70KXWblOO/1yINIvKgoLQILlhGY+L3Tz7o8wT7jKu+m7OtrYVF2
2EDndUefelMgJFkpq1g6y/oCL/irLhTBRlTgzizBqqWO/SkSsOIB/VTlVi9icoMv
8d8aJpRMti0H3C6+FDXjFXuNubKMyWxlCR8Dlatza70pur+0sYf1korLbwejfT/q
v25GvlxvGB6G1xbRK8At9R/QhHajENKzh3ectYs+etuhTvACoXuPyk7DTezranvH
XVjCna84I4K+cGWKX3HJxZk+yyFW8jc0zLwVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIfkDNApGgLDORZwNwEx1g1fh0L8wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvSWZrRE5BcEdnTERPUlp3TndFeDFn
MWZoMEw4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cPyDAN
BgkqhkiG9w0BAQsFAAOCAQEARID2lXwGczyzKtgLClkqs6ldeCvh+VwN3h60j/OG
EE6iDmNAoXzmbQt6vTenKRHTXXNhbfrIU4Pk8Df965lqq9jqdffJA5oRYS0akuyu
FAlrixlV5zvbDJpUHMLpiGARdzxgoX2xT+KPm4scnllskCuuqMoGPNk8G5mCfyV3
e0yedVNuI9xwd4Upk/JwL+oklJ8OPqDTBX+rnYAiPPIfvZu3Vi4Da94ICPPR/ZnW
jt7attm9OcX8kx/7UP4YukUcW6ZynRsEGtsuHw9op+Roc0iI/JVFFUc7MUeMYeMA
dTWgIS3edNedO9Cy0TJKYggHcbNVGz6epZLjQDmgwrTNMg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:53 2023 by rpki-client on console-ams.rpki-client.org