Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Kl6MZ33nbnMmfBTwCgX-thtXCHc.roa
File: Kl6MZ33nbnMmfBTwCgX-thtXCHc.roa (raw, json)
Hash identifier: xsnEXbRTcoGjpVJqwAnz92DS3wUW8P9iw7QCZOxUolg=
Subject key identifier: 2A:5E:8C:67:7D:E7:6E:73:26:7C:14:F0:0A:05:FE:B6:1B:57:08:77
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0AD6
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Kl6MZ33nbnMmfBTwCgX-thtXCHc.roa
Signing time: Thu 16 Dec 2021 06:29:43 +0000
ROA not before: Thu 16 Dec 2021 06:29:43 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 27.96.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2774 (0xad6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:29:43 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2A5E8C677DE76E73267C14F00A05FEB61B570877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:11:45:f6:3a:51:89:c5:e2:16:5a:7c:2a:
70:52:3b:ea:92:9d:da:28:ca:44:68:ca:48:94:d7:
a5:ce:29:db:f6:b8:7c:35:ca:a3:2a:ed:7a:ce:a0:
06:1d:9a:0f:d2:b9:2d:ef:37:2c:03:02:6f:e9:3f:
57:a6:bb:ad:75:72:35:eb:77:8e:ef:76:df:29:f2:
f6:da:f1:b8:1b:6e:35:f2:68:66:15:8a:d6:4d:15:
8d:ce:51:d9:5a:3e:7b:f7:f8:c9:15:6b:b1:dc:f2:
29:4e:2f:b2:88:2e:de:8d:02:7d:ae:06:56:71:14:
52:7f:b2:50:cc:40:c7:3b:2d:28:69:84:fb:cb:70:
e4:19:ed:8f:30:d7:4c:fd:e0:2f:fe:e9:cf:8a:d2:
34:d0:cd:94:1b:6f:3f:47:91:a6:07:d2:b3:85:2a:
94:e3:28:42:4d:e4:f4:5d:ca:53:56:cf:9e:c1:03:
8b:a1:38:42:49:74:78:a2:45:0e:f3:ce:4e:37:ab:
4a:7f:19:51:a7:ed:bf:74:3a:06:2d:1d:f8:59:61:
a5:06:80:02:64:26:80:fc:72:3b:08:93:a4:14:75:
62:92:7c:71:af:d0:b6:ed:f9:c3:a6:ce:6f:3a:e4:
bc:bd:d8:19:1f:80:19:a4:b6:1d:df:5b:ba:1b:cc:
0b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5E:8C:67:7D:E7:6E:73:26:7C:14:F0:0A:05:FE:B6:1B:57:08:77
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Kl6MZ33nbnMmfBTwCgX-thtXCHc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.240.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:c3:73:ae:b2:29:fe:95:7b:67:5d:7d:1f:5f:18:1b:ea:48:
4a:8a:f7:e7:1f:2a:dd:c7:28:76:0d:93:24:b0:98:39:3e:ea:
60:c3:58:6a:f8:73:10:a9:53:f3:e4:db:b1:79:4e:25:72:f8:
48:c6:4e:c4:72:8f:aa:fa:0d:a4:21:6d:76:5f:80:e9:f3:c3:
19:ee:64:4e:65:91:6b:65:69:80:5d:0b:96:ae:dd:a7:d8:4b:
0c:e6:98:91:a6:d1:79:9f:b1:b4:6b:3c:1b:bd:b7:3c:9d:c6:
d6:35:17:de:6a:19:46:93:72:8b:00:ce:83:70:53:6d:e1:94:
e9:2b:c0:f9:bd:5c:1e:e9:dc:39:e1:08:b0:3a:75:54:67:63:
45:6c:1e:92:76:18:51:78:a0:77:67:c4:96:40:5a:55:45:6a:
4e:3b:41:85:0b:17:0e:7e:d6:32:2d:de:8f:d0:bb:16:7f:6a:
42:c7:b8:c9:ee:25:40:fa:d2:d2:a3:62:07:3a:89:1d:6b:3f:
ce:8b:85:5e:55:4d:a9:1c:ab:6f:e6:80:0a:45:c7:5b:7d:10:
ca:5b:62:2b:d6:9c:29:b6:84:4e:a5:54:cf:b6:de:53:42:18:
fb:2c:ed:c2:04:30:49:87:a0:da:b4:7c:bb:fd:8e:78:42:d6:
03:de:cb:eb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjI5NDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDJBNUU4QzY3N0RFNzZF
NzMyNjdDMTRGMDBBMDVGRUI2MUI1NzA4NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBQxFF9jpRicXiFlp8KnBSO+qSndooykRoykiU16XOKdv2uHw1
yqMq7XrOoAYdmg/SuS3vNywDAm/pP1emu611cjXrd47vdt8p8vba8bgbbjXyaGYV
itZNFY3OUdlaPnv3+MkVa7Hc8ilOL7KILt6NAn2uBlZxFFJ/slDMQMc7LShphPvL
cOQZ7Y8w10z94C/+6c+K0jTQzZQbbz9HkaYH0rOFKpTjKEJN5PRdylNWz57BA4uh
OEJJdHiiRQ7zzk43q0p/GVGn7b90OgYtHfhZYaUGgAJkJoD8cjsIk6QUdWKSfHGv
0Lbt+cOmzm865Ly92BkfgBmkth3fW7obzAsFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKl6MZ33nbnMmfBTwCgX+thtXCHcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvS2w2TVozM25ibk1tZkJUd0NnWC10
aHRYQ0hjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAxtg8DAN
BgkqhkiG9w0BAQsFAAOCAQEAC8NzrrIp/pV7Z119H18YG+pISor35x8q3ccodg2T
JLCYOT7qYMNYavhzEKlT8+TbsXlOJXL4SMZOxHKPqvoNpCFtdl+A6fPDGe5kTmWR
a2VpgF0Llq7dp9hLDOaYkabReZ+xtGs8G723PJ3G1jUX3moZRpNyiwDOg3BTbeGU
6SvA+b1cHuncOeEIsDp1VGdjRWweknYYUXigd2fElkBaVUVqTjtBhQsXDn7WMi3e
j9C7Fn9qQse4ye4lQPrS0qNiBzqJHWs/zouFXlVNqRyrb+aACkXHW30QyltiK9ac
KbaETqVUz7beU0IY+yztwgQwSYeg2rR8u/2OeELWA97L6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org