Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/NF-zVVEarCAeH1FBg-9qLYsmV70.roa
File: NF-zVVEarCAeH1FBg-9qLYsmV70.roa (raw, json)
Hash identifier: ASmittFTnDwfCiAx8I1xr0k0RIDezTjJf+wYwwtz/ws=
Subject key identifier: 34:5F:B3:55:51:1A:AC:20:1E:1F:51:41:83:EF:6A:2D:8B:26:57:BD
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B30
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/NF-zVVEarCAeH1FBg-9qLYsmV70.roa
Signing time: Thu 16 Dec 2021 06:54:22 +0000
ROA not before: Thu 16 Dec 2021 06:54:22 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 203.222.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2864 (0xb30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:54:22 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=345FB355511AAC201E1F514183EF6A2D8B2657BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ad:4a:3c:5a:68:d3:59:a1:f4:24:19:2d:e6:
7d:c8:06:65:c4:d4:b1:c0:f4:dd:be:9b:e4:d7:cd:
99:09:cb:e6:87:80:62:85:89:9b:83:93:f0:1a:d0:
b0:f3:ee:28:07:9c:2e:a5:b2:3e:97:4d:f9:8d:30:
cc:60:53:9b:13:68:ec:fd:7f:e4:63:76:8e:17:71:
a4:23:4f:42:33:3b:cb:c4:b2:48:3d:94:e1:83:a4:
c3:fd:e6:9e:e5:a3:83:08:7a:7f:45:fc:90:35:8f:
a9:bc:e9:86:a9:27:a2:67:2d:06:81:d2:93:4a:e8:
ad:14:fb:4b:8d:b4:15:d7:5b:52:1e:6f:d4:63:10:
57:99:20:4f:da:a8:41:7a:b4:a1:54:de:95:7b:1f:
0e:d1:17:f1:22:3a:b9:50:70:81:d5:51:9d:a4:75:
15:35:58:fa:5d:bf:92:62:d3:35:d7:97:aa:aa:4a:
2a:81:88:33:78:c0:ca:9c:73:7a:63:b2:e3:e9:71:
37:3d:8e:56:74:bb:8c:56:b8:35:60:a4:d2:8c:35:
22:cd:c4:04:97:51:bb:b2:f0:7b:58:cd:db:56:ef:
f2:99:84:ee:09:66:8b:cb:e8:7d:57:61:99:95:92:
be:91:ac:23:78:98:a7:20:ed:d1:95:8a:da:7d:f6:
30:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5F:B3:55:51:1A:AC:20:1E:1F:51:41:83:EF:6A:2D:8B:26:57:BD
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/NF-zVVEarCAeH1FBg-9qLYsmV70.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.24.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:55:97:6d:5a:8c:33:82:7e:7f:6e:76:47:86:14:0e:83:12:
16:4a:07:22:db:71:92:91:26:01:a9:a0:a5:ca:c6:ed:5d:c8:
f5:b9:ec:42:d6:3c:57:ad:68:2f:fa:63:73:bb:49:97:1a:dd:
b4:fc:fe:81:5e:1b:43:f0:32:cc:e4:6b:13:57:af:9c:d3:c6:
26:2b:cb:57:8d:27:3f:cc:6a:a3:82:f5:df:66:68:58:ad:80:
cc:3c:c5:55:d7:d5:b7:e6:32:c1:44:65:ae:9f:45:82:2a:60:
3e:90:56:4a:df:96:74:82:de:99:c3:0e:6a:c9:97:8b:4b:49:
da:08:49:98:39:bb:f0:bd:16:f4:3d:51:68:b2:9e:34:3f:ab:
7f:a7:b5:42:63:58:6e:95:37:24:1b:4f:63:9a:09:30:9b:c9:
4f:aa:61:f1:85:bd:b3:d2:fa:74:68:e1:eb:2f:74:d1:39:7d:
ce:ff:c6:58:2b:29:27:a6:13:2f:6c:44:df:26:3d:75:fe:c7:
32:5c:52:58:b8:ab:2c:14:97:37:92:55:75:1f:41:23:65:45:
03:26:a8:35:7d:c0:bb:4b:c5:ef:45:5a:28:9f:a2:bd:7e:de:
db:36:5e:dd:30:d7:d4:8d:79:83:23:e0:d9:2a:95:47:bc:3e:
36:f1:ea:03
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCzAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjU0MjJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM0NUZCMzU1NTExQUFD
MjAxRTFGNTE0MTgzRUY2QTJEOEIyNjU3QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrrUo8WmjTWaH0JBkt5n3IBmXE1LHA9N2+m+TXzZkJy+aHgGKF
iZuDk/Aa0LDz7igHnC6lsj6XTfmNMMxgU5sTaOz9f+Rjdo4XcaQjT0IzO8vEskg9
lOGDpMP95p7lo4MIen9F/JA1j6m86YapJ6JnLQaB0pNK6K0U+0uNtBXXW1Ieb9Rj
EFeZIE/aqEF6tKFU3pV7Hw7RF/EiOrlQcIHVUZ2kdRU1WPpdv5Ji0zXXl6qqSiqB
iDN4wMqcc3pjsuPpcTc9jlZ0u4xWuDVgpNKMNSLNxASXUbuy8HtYzdtW7/KZhO4J
ZovL6H1XYZmVkr6RrCN4mKcg7dGVitp99jALAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNF+zVVEarCAeH1FBg+9qLYsmV70wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTkYtelZWRWFyQ0FlSDFGQmctOXFM
WXNtVjcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veGDAN
BgkqhkiG9w0BAQsFAAOCAQEAtlWXbVqMM4J+f252R4YUDoMSFkoHIttxkpEmAamg
pcrG7V3I9bnsQtY8V61oL/pjc7tJlxrdtPz+gV4bQ/AyzORrE1evnNPGJivLV40n
P8xqo4L132ZoWK2AzDzFVdfVt+YywURlrp9FgipgPpBWSt+WdILemcMOasmXi0tJ
2ghJmDm78L0W9D1RaLKeND+rf6e1QmNYbpU3JBtPY5oJMJvJT6ph8YW9s9L6dGjh
6y900Tl9zv/GWCspJ6YTL2xE3yY9df7HMlxSWLirLBSXN5JVdR9BI2VFAyaoNX3A
u0vF70VaKJ+ivX7e2zZe3TDX1I15gyPg2SqVR7w+NvHqAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org