Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/OC0XA70-AI-I7eAruCKz6MxycAQ.roa
File: OC0XA70-AI-I7eAruCKz6MxycAQ.roa (raw, json)
Hash identifier: AUZMH8Je6d4LznSayy7XB4hkQfrz9Di+I3/0kC3SIzg=
Subject key identifier: 38:2D:17:03:BD:3E:00:8F:88:ED:E0:2B:B8:22:B3:E8:CC:72:70:04
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0C25
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/OC0XA70-AI-I7eAruCKz6MxycAQ.roa
Signing time: Mon 07 Nov 2022 06:11:48 +0000
ROA not before: Mon 07 Nov 2022 06:11:48 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18046
IP address blocks: 119.15.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3109 (0xc25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Nov 7 06:11:48 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=382D1703BD3E008F88EDE02BB822B3E8CC727004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d5:aa:27:3b:22:4a:ec:ff:27:69:b9:a5:4e:
86:fb:74:68:f5:d1:ab:07:c7:8b:3c:c5:fa:ff:6e:
5a:ac:ac:00:0a:92:b5:99:d5:dd:f6:61:e4:67:45:
2b:0b:13:4c:13:21:49:29:5a:58:ac:70:8b:b2:07:
8e:5c:d4:91:83:9f:99:b1:de:73:0a:59:6f:7d:89:
bf:ee:42:87:53:64:48:39:d9:de:71:6a:b2:0a:7e:
12:cc:cf:6e:4f:7f:ed:2c:a1:e4:d7:38:fd:e1:50:
2a:21:aa:ff:73:3f:2a:2c:4f:0e:b4:8d:63:1d:ef:
13:fd:fd:30:39:18:e8:b5:a4:0c:de:c1:f5:3f:ad:
c7:2e:21:ee:3a:14:95:cd:8f:14:98:87:e0:a4:97:
02:02:7c:78:87:dd:ee:2d:77:a4:31:78:79:73:90:
c8:f4:ea:80:80:36:59:f6:68:a2:c5:6e:0b:d1:c3:
d2:9a:59:47:cc:a9:85:8f:be:c4:51:af:96:b2:8e:
c6:25:0a:e2:17:19:aa:a2:a0:23:44:4f:33:de:43:
cb:c1:c0:07:88:9c:0e:ad:05:ad:4b:30:cb:3a:43:
4d:59:ae:94:24:24:95:22:8b:b3:12:d4:dd:3f:1f:
93:61:a7:ec:c2:f9:06:d8:46:89:71:70:88:29:31:
49:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2D:17:03:BD:3E:00:8F:88:ED:E0:2B:B8:22:B3:E8:CC:72:70:04
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/OC0XA70-AI-I7eAruCKz6MxycAQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.208.0/21
Signature Algorithm: sha256WithRSAEncryption
90:12:ca:cf:d6:6c:01:b6:8f:ed:86:77:c8:6a:b7:77:85:5b:
79:13:4b:0f:a6:e0:80:c8:c9:38:8a:60:62:bf:2a:22:d4:5e:
f3:bd:e5:e6:0c:5a:8c:58:52:05:83:b9:95:4d:49:fb:2a:04:
27:7e:a8:49:2f:ce:0a:fd:fd:ad:72:c3:a3:dd:0f:6d:cf:26:
b5:68:0a:de:2b:09:38:26:38:ab:60:1d:f3:0f:19:1a:b3:a5:
a7:80:5c:a6:da:80:ac:bf:2e:bc:b6:44:f1:99:61:af:76:0f:
46:4e:a8:03:ec:2e:20:ee:b0:1a:47:a4:8e:42:e1:a4:5a:ea:
30:94:92:2d:da:cc:38:ec:e9:24:3a:7c:94:f9:c6:1a:50:67:
ca:6a:36:d4:e0:b6:70:69:ed:b1:96:e4:5e:33:b1:48:65:5a:
d1:ae:69:a0:68:96:5b:67:7a:8d:f4:a1:3c:dd:55:b8:b2:7a:
49:4e:b5:45:f0:66:1e:80:f5:51:e5:28:ff:64:38:73:ac:76:
c9:63:c5:72:90:2c:af:ab:09:e7:e6:da:1c:f0:88:3f:3a:9a:
a4:0c:77:a4:a4:13:dc:c6:64:8f:4d:38:e1:da:f9:7d:9f:86:
a5:28:35:30:d2:fe:5d:e5:89:63:53:34:49:4b:72:d7:6a:1c:
55:01:8a:9c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjExMDcw
NjExNDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4MkQxNzAzQkQzRTAw
OEY4OEVERTAyQkI4MjJCM0U4Q0M3MjcwMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY1aonOyJK7P8nabmlTob7dGj10asHx4s8xfr/blqsrAAKkrWZ
1d32YeRnRSsLE0wTIUkpWliscIuyB45c1JGDn5mx3nMKWW99ib/uQodTZEg52d5x
arIKfhLMz25Pf+0soeTXOP3hUCohqv9zPyosTw60jWMd7xP9/TA5GOi1pAzewfU/
rccuIe46FJXNjxSYh+CklwICfHiH3e4td6QxeHlzkMj06oCANln2aKLFbgvRw9Ka
WUfMqYWPvsRRr5ayjsYlCuIXGaqioCNETzPeQ8vBwAeInA6tBa1LMMs6Q01ZrpQk
JJUii7MS1N0/H5Nhp+zC+QbYRolxcIgpMUl9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOC0XA70+AI+I7eAruCKz6MxycAQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvT0MwWEE3MC1BSS1JN2VBcnVDS3o2
TXh5Y0FRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cP0DAN
BgkqhkiG9w0BAQsFAAOCAQEAkBLKz9ZsAbaP7YZ3yGq3d4VbeRNLD6bggMjJOIpg
Yr8qItRe873l5gxajFhSBYO5lU1J+yoEJ36oSS/OCv39rXLDo90Pbc8mtWgK3isJ
OCY4q2Ad8w8ZGrOlp4BcptqArL8uvLZE8Zlhr3YPRk6oA+wuIO6wGkekjkLhpFrq
MJSSLdrMOOzpJDp8lPnGGlBnymo21OC2cGntsZbkXjOxSGVa0a5poGiWW2d6jfSh
PN1VuLJ6SU61RfBmHoD1UeUo/2Q4c6x2yWPFcpAsr6sJ5+baHPCIPzqapAx3pKQT
3MZkj0044dr5fZ+GpSg1MNL+XeWJY1M0SUty12ocVQGKnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org