Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/IyPXmHPgxO5Pi0aCzdier7ZN5nw.roa
File: IyPXmHPgxO5Pi0aCzdier7ZN5nw.roa (raw, json)
Hash identifier: ugI+jXUubCnH8cX6psMMiGKm5IXp7DNKToR0y/KhSlI=
Subject key identifier: 23:23:D7:98:73:E0:C4:EE:4F:8B:46:82:CD:D8:9E:AF:B6:4D:E6:7C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CB3
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/IyPXmHPgxO5Pi0aCzdier7ZN5nw.roa
Signing time: Wed 26 Apr 2023 06:07:17 +0000
ROA not before: Wed 26 Apr 2023 06:07:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.64.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3251 (0xcb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:07:17 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2323D79873E0C4EE4F8B4682CDD89EAFB64DE67C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:65:51:5b:0c:b1:df:b3:ab:d8:01:a0:ef:a0:
a5:cf:f2:81:42:8d:a5:97:32:88:f9:e3:45:90:6b:
3d:e3:bb:62:b0:74:14:35:62:35:04:44:5e:aa:cb:
a9:99:b3:57:a4:b1:4e:04:88:9b:a2:ec:fa:74:d7:
c7:8e:ba:bb:e3:d1:34:89:24:a1:c1:4b:dd:84:d5:
e4:08:44:f5:2e:16:c5:dd:b4:05:f1:e2:ee:3d:05:
86:05:e6:89:4f:df:63:ad:79:94:1d:3c:22:7c:06:
48:ea:94:0b:de:31:cc:06:de:31:9a:b0:db:35:b4:
45:97:86:69:6a:f4:dd:e2:e3:65:30:78:61:58:dd:
be:b7:da:54:fc:bb:21:5d:62:a2:64:b8:f2:e8:b2:
a2:7b:16:34:b7:6a:4c:a5:6e:d5:6c:dd:ba:ca:18:
57:68:99:a1:63:d9:be:8c:fb:c9:f6:5a:6a:64:2d:
46:07:65:c7:95:c7:cb:dc:73:85:1b:37:da:91:a9:
d2:93:17:81:41:85:c3:9a:d2:d3:6f:08:06:26:36:
3b:ee:f2:e8:bd:13:81:97:88:d7:70:bd:5c:f4:c6:
af:3d:b5:4d:3d:79:e0:4c:09:8a:43:0b:90:dc:0b:
44:d5:bc:3e:84:0b:fe:a9:1b:1e:69:0a:99:17:7c:
e5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:23:D7:98:73:E0:C4:EE:4F:8B:46:82:CD:D8:9E:AF:B6:4D:E6:7C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/IyPXmHPgxO5Pi0aCzdier7ZN5nw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.64.0/19
Signature Algorithm: sha256WithRSAEncryption
12:5e:a1:1d:bf:39:1e:e4:2c:25:2e:91:43:0f:18:c9:be:d7:
ab:e8:6d:2e:50:c9:a7:4e:d2:69:b7:5d:8e:e3:25:fc:81:66:
db:a3:5e:fc:d5:16:ab:ad:8a:15:0c:58:27:70:fb:02:c5:ca:
77:61:31:c8:bf:08:b2:a6:6b:6f:ae:ff:be:ec:7f:d7:a2:56:
da:f8:51:41:f0:0c:11:6d:35:42:a4:1c:56:e1:53:74:a1:d1:
76:39:21:2d:05:36:72:c8:f2:b3:73:6f:df:80:90:64:dc:8f:
12:f6:bd:bd:55:ec:cb:72:ca:41:41:4e:f3:8c:8f:cd:a0:b6:
17:1c:ba:82:0c:56:6e:42:eb:3f:86:2a:c2:e1:41:b8:65:98:
a0:03:0c:36:30:d1:95:0a:5e:90:f5:3c:c5:21:23:3e:7d:de:
fa:e2:53:dc:6b:21:66:17:be:b4:2d:85:89:43:cf:19:d7:4f:
92:fc:50:f7:27:58:47:0a:77:42:ea:6f:bc:a3:ba:f2:cd:5c:
5b:ce:4d:e0:1f:bf:4a:c9:9c:94:6e:0f:b1:23:27:e0:c9:20:
16:62:ce:ee:de:cb:92:e8:d3:7a:55:d3:a5:7b:75:d2:f8:14:
22:be:c9:da:86:e7:18:a2:08:6f:c7:f6:9d:ba:f1:cc:92:55:
e8:02:7b:e6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjA3MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIzMjNENzk4NzNFMEM0
RUU0RjhCNDY4MkNERDg5RUFGQjY0REU2N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXZVFbDLHfs6vYAaDvoKXP8oFCjaWXMoj540WQaz3ju2KwdBQ1
YjUERF6qy6mZs1eksU4EiJui7Pp018eOurvj0TSJJKHBS92E1eQIRPUuFsXdtAXx
4u49BYYF5olP32OteZQdPCJ8BkjqlAveMcwG3jGasNs1tEWXhmlq9N3i42UweGFY
3b632lT8uyFdYqJkuPLosqJ7FjS3akylbtVs3brKGFdomaFj2b6M+8n2WmpkLUYH
ZceVx8vcc4UbN9qRqdKTF4FBhcOa0tNvCAYmNjvu8ui9E4GXiNdwvVz0xq89tU09
eeBMCYpDC5DcC0TVvD6EC/6pGx5pCpkXfOWXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIyPXmHPgxO5Pi0aCzdier7ZN5nwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvSXlQWG1IUGd4TzVQaTBhQ3pkaWVy
N1pONW53LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBXn+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAEl6hHb85HuQsJS6RQw8Yyb7Xq+htLlDJp07Sabdd
juMl/IFm26Ne/NUWq62KFQxYJ3D7AsXKd2ExyL8IsqZrb67/vux/16JW2vhRQfAM
EW01QqQcVuFTdKHRdjkhLQU2csjys3Nv34CQZNyPEva9vVXsy3LKQUFO84yPzaC2
Fxy6ggxWbkLrP4YqwuFBuGWYoAMMNjDRlQpekPU8xSEjPn3e+uJT3GshZhe+tC2F
iUPPGddPkvxQ9ydYRwp3QupvvKO68s1cW85N4B+/SsmclG4PsSMn4MkgFmLO7t7L
kujTelXTpXt10vgUIr7J2obnGKIIb8f2nbrxzJJV6AJ75g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org