Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Kst0sPu89YjRBMJyeYxfdZn1tH8.roa
File: Kst0sPu89YjRBMJyeYxfdZn1tH8.roa (raw, json)
Hash identifier: EPdG6Lmy/spAym/FeF1biNBbmE7NNV9hgpAX9q19jsI=
Subject key identifier: 2A:CB:74:B0:FB:BC:F5:88:D1:04:C2:72:79:8C:5F:75:99:F5:B4:7F
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E72
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Kst0sPu89YjRBMJyeYxfdZn1tH8.roa
Signing time: Fri 01 Sep 2023 08:49:42 +0000
ROA not before: Fri 01 Sep 2023 08:49:42 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 121.254.64.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3698 (0xe72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:42 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2ACB74B0FBBCF588D104C272798C5F7599F5B47F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a5:21:da:32:cc:78:34:96:d0:51:53:0f:64:
7f:9e:3b:75:8f:f0:af:bf:47:01:64:41:2d:9c:74:
79:2c:a6:a0:7d:96:c1:ef:65:bc:dd:58:e3:89:b0:
15:08:e5:47:61:9c:19:81:30:72:98:26:2e:e8:6b:
8c:93:09:a7:5c:98:f0:7c:fe:39:a6:bf:b8:2f:7d:
9b:d7:15:44:92:90:19:40:6a:ab:45:bd:ab:48:b8:
c2:58:40:5f:18:f2:73:2b:bd:64:8d:fc:6d:32:c6:
3d:34:da:87:75:e5:01:70:15:83:2b:c3:9a:60:16:
c1:1b:71:6d:30:f4:fb:58:18:13:1a:05:b9:04:6b:
5e:9a:f1:d9:9f:b6:5a:ff:59:a0:c1:e2:58:df:22:
d3:d0:f9:00:63:65:33:a8:fa:77:b1:9e:7a:8d:40:
c7:34:90:de:0c:16:a7:19:44:aa:d5:c5:2a:de:1b:
d2:d3:e0:bd:0c:3c:d7:fa:f3:91:3a:35:5d:4c:6a:
75:e6:bb:4e:2e:0e:37:71:88:ba:da:bb:69:55:e1:
05:92:bd:bb:da:19:58:df:be:61:9b:a8:3e:1d:b4:
e1:7d:55:72:52:da:4a:c5:69:4c:47:2f:b0:ee:b9:
b7:b6:66:bc:94:53:af:a2:48:0d:8c:a2:f6:68:85:
9d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CB:74:B0:FB:BC:F5:88:D1:04:C2:72:79:8C:5F:75:99:F5:B4:7F
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Kst0sPu89YjRBMJyeYxfdZn1tH8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.64.0/21
Signature Algorithm: sha256WithRSAEncryption
65:d7:72:60:49:59:fc:8b:1d:c4:c1:5f:03:e3:98:49:05:ae:
4d:02:65:62:61:2b:fc:a5:68:9f:4b:ec:5a:37:19:56:f1:34:
3c:b8:54:4e:79:75:ed:fd:34:99:a0:53:e9:86:9f:1f:26:45:
88:17:1f:5f:fe:57:6b:3e:95:82:8a:6c:23:ec:eb:87:b6:11:
2f:67:79:43:b3:99:f1:12:e9:50:59:28:9a:8f:b6:88:45:66:
c2:70:2e:5f:62:35:58:05:4a:b1:b1:ca:4c:d7:c7:2e:8c:aa:
81:2f:76:a3:28:fd:09:28:df:f2:d4:65:a9:50:c4:8a:26:17:
f5:da:fc:0d:67:43:7b:08:23:23:78:ae:ea:ac:16:fb:c1:10:
53:cc:85:8f:a3:f9:c9:bc:ed:2c:aa:60:f4:32:5e:a5:a2:61:
c2:33:1b:8e:43:3d:08:34:59:ce:2d:57:5c:02:0e:2d:4d:34:
51:6a:b2:33:18:74:56:49:e2:45:6a:ce:23:09:72:90:f4:18:
2b:83:9e:0e:f4:23:22:a7:10:24:16:34:d3:b3:17:d4:08:5e:
70:f8:35:7d:0b:1a:46:26:bd:61:6a:31:60:15:49:a9:38:35:
4b:2c:48:79:d3:aa:b3:17:93:b3:71:65:08:1a:bf:02:52:23:
1c:af:66:e0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5NDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJBQ0I3NEIwRkJCQ0Y1
ODhEMTA0QzI3Mjc5OEM1Rjc1OTlGNUI0N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqpSHaMsx4NJbQUVMPZH+eO3WP8K+/RwFkQS2cdHkspqB9lsHv
ZbzdWOOJsBUI5UdhnBmBMHKYJi7oa4yTCadcmPB8/jmmv7gvfZvXFUSSkBlAaqtF
vatIuMJYQF8Y8nMrvWSN/G0yxj002od15QFwFYMrw5pgFsEbcW0w9PtYGBMaBbkE
a16a8dmftlr/WaDB4ljfItPQ+QBjZTOo+nexnnqNQMc0kN4MFqcZRKrVxSreG9LT
4L0MPNf685E6NV1ManXmu04uDjdxiLrau2lV4QWSvbvaGVjfvmGbqD4dtOF9VXJS
2krFaUxHL7Duube2ZryUU6+iSA2MovZohZ3dAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKst0sPu89YjRBMJyeYxfdZn1tH8wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvS3N0MHNQdTg5WWpSQk1KeWVZeGZk
Wm4xdEg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAZddyYElZ/IsdxMFfA+OYSQWuTQJlYmEr/KVon0vs
WjcZVvE0PLhUTnl17f00maBT6YafHyZFiBcfX/5Xaz6VgopsI+zrh7YRL2d5Q7OZ
8RLpUFkomo+2iEVmwnAuX2I1WAVKsbHKTNfHLoyqgS92oyj9CSjf8tRlqVDEiiYX
9dr8DWdDewgjI3iu6qwW+8EQU8yFj6P5ybztLKpg9DJepaJhwjMbjkM9CDRZzi1X
XAIOLU00UWqyMxh0VkniRWrOIwlykPQYK4OeDvQjIqcQJBY007MX1AhecPg1fQsa
Ria9YWoxYBVJqTg1SyxIedOqsxeTs3FlCBq/AlIjHK9m4A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:58 2025 by rpki-client