Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Nzik2RBRBPDqx2AxkT4f5vtjdiQ.roa
File: Nzik2RBRBPDqx2AxkT4f5vtjdiQ.roa (raw, json)
Hash identifier: 1NGXX0jSDmOXDAzSxyIDlw+KwO61uKnSD8JhmIRQo98=
Subject key identifier: 37:38:A4:D9:10:51:04:F0:EA:C7:60:31:91:3E:1F:E6:FB:63:76:24
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Nzik2RBRBPDqx2AxkT4f5vtjdiQ.roa
Signing time: Thu 15 Sep 2022 02:37:31 +0000
ROA not before: Thu 15 Sep 2022 02:37:31 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:31 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3738A4D9105104F0EAC76031913E1FE6FB637624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:3e:e1:17:64:8b:0f:3e:06:4b:ee:6e:b8:c1:
37:8e:4e:7a:8e:15:12:4e:bb:a9:a2:bd:e8:27:68:
98:8e:ec:6a:dd:c7:af:ab:c0:ae:1a:31:87:15:ac:
d5:68:79:f9:44:22:a0:af:0f:ec:52:19:e3:3a:b6:
92:4d:88:f8:ec:d1:7b:75:d8:dd:f6:1b:d3:0f:cb:
0f:8d:ec:70:eb:22:05:02:9f:64:a4:e5:c0:7d:ea:
7e:64:28:31:dd:31:21:29:37:9a:51:39:66:34:2e:
45:ca:ed:6c:d8:63:ef:18:27:a6:3e:0a:76:90:d8:
b1:5c:3c:38:c8:30:d2:5d:da:69:9f:83:96:35:3f:
58:b4:b1:8a:e5:5a:bc:56:4b:d1:bc:e3:c1:54:e8:
5e:ec:4b:0b:fc:ed:bb:68:df:86:13:cd:df:d7:03:
67:73:65:3d:00:4b:b3:1d:e1:76:86:74:ce:59:d3:
99:b5:4d:6b:74:59:47:4f:35:84:9e:b5:9d:65:a0:
02:4a:48:41:f0:6c:de:26:2f:37:ae:fc:4c:4e:ce:
98:13:ab:04:17:e0:f4:c9:30:dc:82:77:e4:89:e5:
a3:08:95:b1:85:23:4f:a5:a8:b0:fb:6d:de:0e:1c:
61:33:e9:7b:6f:81:83:c6:ab:cf:72:8d:c9:81:d6:
0b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:38:A4:D9:10:51:04:F0:EA:C7:60:31:91:3E:1F:E6:FB:63:76:24
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Nzik2RBRBPDqx2AxkT4f5vtjdiQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.120.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:45:bb:af:f8:b5:70:b7:92:85:0b:ac:72:76:0d:54:de:aa:
aa:3d:b1:eb:1b:2f:bc:f7:51:ae:b0:94:e2:1c:ae:be:e6:ee:
ea:7b:23:7d:2a:46:2e:b1:a9:70:c2:2f:93:21:ee:93:74:1f:
f8:a1:25:89:7a:9e:ce:ad:e9:0d:32:80:34:d4:49:38:a7:37:
3f:f5:36:94:5c:87:73:03:61:b5:55:9b:e9:ec:86:a8:2c:e0:
65:fb:f2:6d:30:f3:8c:7b:8a:8a:be:ac:78:75:fd:7d:74:6f:
70:45:38:e8:a9:f7:38:12:92:87:fa:cc:67:63:8a:30:cb:f4:
c2:16:35:2e:80:9f:cc:54:c1:e5:9d:4c:c7:c5:b1:29:76:c5:
b6:3d:e1:cf:d9:68:7c:9a:40:86:71:e0:65:ec:10:1b:e2:04:
b6:48:48:4f:a4:e9:2d:f7:53:c7:82:c9:32:4b:30:ca:c7:ed:
5e:98:af:b4:84:04:9f:a6:b5:91:48:e8:d8:d7:4b:2a:f8:0b:
2d:c0:05:bc:cd:2c:86:a3:c2:a0:dc:1c:2e:95:77:b0:1e:74:
9f:26:d6:ce:cc:57:18:5c:18:b3:41:ba:45:44:89:8b:91:9e:
7b:e6:cf:36:8c:54:54:08:bc:ef:7c:64:48:ad:09:e0:f9:3c:
9f:19:d5:fd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MzFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM3MzhBNEQ5MTA1MTA0
RjBFQUM3NjAzMTkxM0UxRkU2RkI2Mzc2MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD7PuEXZIsPPgZL7m64wTeOTnqOFRJOu6mivegnaJiO7Grdx6+r
wK4aMYcVrNVoeflEIqCvD+xSGeM6tpJNiPjs0Xt12N32G9MPyw+N7HDrIgUCn2Sk
5cB96n5kKDHdMSEpN5pROWY0LkXK7WzYY+8YJ6Y+CnaQ2LFcPDjIMNJd2mmfg5Y1
P1i0sYrlWrxWS9G848FU6F7sSwv87bto34YTzd/XA2dzZT0AS7Md4XaGdM5Z05m1
TWt0WUdPNYSetZ1loAJKSEHwbN4mLzeu/ExOzpgTqwQX4PTJMNyCd+SJ5aMIlbGF
I0+lqLD7bd4OHGEz6XtvgYPGq89yjcmB1gtdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNzik2RBRBPDqx2AxkT4f5vtjdiQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTnppazJSQlJCUERxeDJBeGtUNGY1
dnRqZGlRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZeDAN
BgkqhkiG9w0BAQsFAAOCAQEAj0W7r/i1cLeShQuscnYNVN6qqj2x6xsvvPdRrrCU
4hyuvubu6nsjfSpGLrGpcMIvkyHuk3Qf+KEliXqezq3pDTKANNRJOKc3P/U2lFyH
cwNhtVWb6eyGqCzgZfvybTDzjHuKir6seHX9fXRvcEU46Kn3OBKSh/rMZ2OKMMv0
whY1LoCfzFTB5Z1Mx8WxKXbFtj3hz9lofJpAhnHgZewQG+IEtkhIT6TpLfdTx4LJ
MkswysftXpivtIQEn6a1kUjo2NdLKvgLLcAFvM0shqPCoNwcLpV3sB50nybWzsxX
GFwYs0G6RUSJi5Gee+bPNoxUVAi873xkSK0J4Pk8nxnV/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org