Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/NZU9Zsjd35KUphKQMjLIER5isEw.roa
File: NZU9Zsjd35KUphKQMjLIER5isEw.roa (raw, json)
Hash identifier: BKzPCkg7/0/cKzPr/LfZ6H0ckiCSgmYOUDx746uqy24=
Subject key identifier: 35:95:3D:66:C8:DD:DF:92:94:A6:12:90:32:32:C8:11:1E:62:B0:4C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CC7
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/NZU9Zsjd35KUphKQMjLIER5isEw.roa
Signing time: Wed 26 Apr 2023 06:27:32 +0000
ROA not before: Wed 26 Apr 2023 06:27:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3271 (0xcc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:27:32 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=35953D66C8DDDF9294A612903232C8111E62B04C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:84:a1:dc:4f:9f:94:cd:50:6e:d3:6d:5b:f1:
f5:a3:47:3f:24:37:d8:73:21:fa:09:25:ce:17:f9:
9e:3c:81:99:ab:ee:c5:60:cc:41:57:91:3d:f1:c9:
b8:3d:48:a3:bc:7b:62:6e:fe:b2:18:e0:ed:e9:c2:
6a:a8:e0:69:37:b0:ac:a2:dc:c5:68:27:e1:05:fe:
d4:38:0d:b2:9e:a7:9a:65:0c:4b:34:c6:a5:de:05:
4f:a2:ed:7e:4d:8e:b8:c4:94:75:4c:6d:ae:06:85:
af:b9:5b:25:f1:99:0a:ff:68:b5:dc:c3:b8:d6:a6:
fb:0c:ba:09:10:8e:51:ee:f4:9f:7b:77:e8:56:ba:
d1:44:78:ed:1f:a7:c9:17:8e:75:ac:34:c0:2d:dc:
0c:02:c1:cb:1f:e1:cc:62:2d:6f:33:09:af:86:ce:
d6:dc:bd:2a:eb:7f:14:74:25:2c:80:c5:32:67:79:
f0:d7:45:a3:8e:c2:01:c4:b1:c8:99:a8:fe:ce:4d:
40:ab:0e:5b:ad:cc:84:3a:43:75:d0:f2:7c:85:f3:
1d:86:46:79:d6:d6:51:e6:31:93:6d:dd:05:26:82:
12:a0:96:03:81:b3:ed:33:c7:36:c0:49:28:ce:b9:
08:8e:78:eb:0d:54:18:83:59:94:94:29:78:b7:33:
ec:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:95:3D:66:C8:DD:DF:92:94:A6:12:90:32:32:C8:11:1E:62:B0:4C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/NZU9Zsjd35KUphKQMjLIER5isEw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a2:9b:90:24:10:57:a2:a1:64:c5:05:de:e0:a2:ee:32:d1:54:
f5:af:4a:54:c2:63:83:fe:4a:b7:da:1e:b6:22:f7:87:3d:d8:
66:f4:3a:c9:64:b1:47:40:70:14:21:7b:c6:13:b1:cb:db:d5:
50:e6:d9:7d:83:38:12:7a:36:72:cd:e7:05:43:05:cb:5e:5d:
9e:fa:cc:03:e2:2f:75:d3:4a:c7:ef:53:2a:7c:0a:86:b2:42:
75:da:cc:f0:ee:b6:2c:f8:8a:ca:1c:8b:6d:6d:f3:e0:a3:ef:
46:1f:db:44:c3:36:6c:9c:bd:cd:c1:72:6b:bd:d5:f8:c6:55:
89:6c:2d:cb:29:33:c0:89:1e:c9:1a:b8:d4:d3:0a:b6:1f:1f:
94:cd:a1:22:93:e7:f7:fc:e9:3f:b6:c0:ef:9e:51:c6:12:2c:
d1:76:c3:00:9c:0b:ff:dd:e4:66:2e:d7:ec:86:c3:3d:1c:07:
c0:e1:84:e8:3a:08:d7:cb:08:2c:07:9f:83:08:5b:e6:06:e9:
46:55:d6:cc:ae:a2:87:92:07:5a:33:57:4f:e1:81:37:a1:24:
95:f1:b1:14:5b:fd:b4:29:09:bd:1a:07:a1:e1:fa:6a:a2:eb:
4f:9f:de:0d:36:90:a3:a3:bb:f7:8f:5d:7f:45:7d:44:d9:66:
d9:d6:27:2b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjI3MzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM1OTUzRDY2QzhERERG
OTI5NEE2MTI5MDMyMzJDODExMUU2MkIwNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+hKHcT5+UzVBu021b8fWjRz8kN9hzIfoJJc4X+Z48gZmr7sVg
zEFXkT3xybg9SKO8e2Ju/rIY4O3pwmqo4Gk3sKyi3MVoJ+EF/tQ4DbKep5plDEs0
xqXeBU+i7X5NjrjElHVMba4Gha+5WyXxmQr/aLXcw7jWpvsMugkQjlHu9J97d+hW
utFEeO0fp8kXjnWsNMAt3AwCwcsf4cxiLW8zCa+GztbcvSrrfxR0JSyAxTJnefDX
RaOOwgHEsciZqP7OTUCrDlutzIQ6Q3XQ8nyF8x2GRnnW1lHmMZNt3QUmghKglgOB
s+0zxzbASSjOuQiOeOsNVBiDWZSUKXi3M+z/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNZU9Zsjd35KUphKQMjLIER5isEwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTlpVOVpzamQzNUtVcGhLUU1qTElF
UjVpc0V3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcveADAN
BgkqhkiG9w0BAQsFAAOCAQEAopuQJBBXoqFkxQXe4KLuMtFU9a9KVMJjg/5Kt9oe
tiL3hz3YZvQ6yWSxR0BwFCF7xhOxy9vVUObZfYM4Eno2cs3nBUMFy15dnvrMA+Iv
ddNKx+9TKnwKhrJCddrM8O62LPiKyhyLbW3z4KPvRh/bRMM2bJy9zcFya73V+MZV
iWwtyykzwIkeyRq41NMKth8flM2hIpPn9/zpP7bA755RxhIs0XbDAJwL/93kZi7X
7IbDPRwHwOGE6DoI18sILAefgwhb5gbpRlXWzK6ih5IHWjNXT+GBN6EklfGxFFv9
tCkJvRoHoeH6aqLrT5/eDTaQo6O7949df0V9RNlm2dYnKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org