Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/PCh57wXyTIwJnocboq8Us7wGvMc.roa
File: PCh57wXyTIwJnocboq8Us7wGvMc.roa (raw, json)
Hash identifier: NPqdTy//dcEycZmsMuR5zO7LcMcnBl6BkqjxFGuDt8w=
Subject key identifier: 3C:28:79:EF:05:F2:4C:8C:09:9E:87:1B:A2:AF:14:B3:BC:06:BC:C7
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 098D
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PCh57wXyTIwJnocboq8Us7wGvMc.roa
Signing time: Sun 07 Feb 2021 11:50:57 +0000
ROA not before: Sun 07 Feb 2021 11:50:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17809
IP address blocks: 111.67.48.0/20 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2445 (0x98d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 7 11:50:57 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3C2879EF05F24C8C099E871BA2AF14B3BC06BCC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:14:18:a6:1a:40:6e:17:1a:fa:02:be:f4:0c:
7f:0f:a7:f5:21:07:03:26:c8:fa:93:65:49:24:bb:
04:38:cc:f0:45:d4:fb:cb:90:9b:e0:62:f5:a7:21:
96:3f:1d:ea:4b:d6:f0:de:f7:82:c2:fe:22:10:80:
0f:16:c3:d6:07:7e:3f:cb:2e:ca:cd:4a:95:9e:3b:
c4:1e:84:d3:ae:e5:60:41:24:54:0d:ef:66:54:bf:
5d:da:d1:b5:18:6e:ac:0f:bb:0a:f8:78:f1:be:50:
6a:55:80:fc:7e:a8:f4:a5:7c:ae:4e:fc:33:ff:d8:
9a:fd:de:21:a7:0e:c5:e5:35:64:36:99:d2:f4:41:
b8:50:fb:12:2c:8d:4d:f4:06:22:46:ee:de:1a:c9:
cf:58:1b:cd:c8:e3:bd:bf:f6:19:10:8b:96:be:07:
c9:15:6c:5b:11:89:9b:ba:f3:5f:2d:b8:c6:fb:f2:
9d:64:62:63:ae:33:50:6a:b6:ce:09:b7:9d:0d:0c:
89:37:9b:d5:9c:98:ae:7c:42:a2:57:61:92:47:c6:
07:97:1f:f0:b9:10:72:80:cb:9a:c5:ab:a8:f4:59:
21:b0:da:11:ee:30:93:68:80:c8:5b:15:b6:cd:c3:
42:5a:bd:6d:15:1c:7c:fe:7f:ab:bc:54:d5:80:be:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:28:79:EF:05:F2:4C:8C:09:9E:87:1B:A2:AF:14:B3:BC:06:BC:C7
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PCh57wXyTIwJnocboq8Us7wGvMc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.67.48.0/20
Signature Algorithm: sha256WithRSAEncryption
56:c0:23:27:2c:e1:d2:82:ab:09:7b:27:ff:f4:78:29:6e:23:
33:9a:33:75:e9:cb:49:25:46:95:61:ea:6e:b7:bc:b9:63:0e:
f9:40:88:03:28:3a:d3:2e:9f:76:1a:24:37:e5:c1:3a:fc:a0:
28:ae:59:82:a4:9c:5e:22:dc:7a:b7:66:a2:9b:8e:fb:84:b1:
64:8f:42:91:0e:ca:46:59:42:29:96:90:2f:4a:12:2b:40:58:
b8:a5:d4:ad:b9:a6:0e:7b:36:97:39:78:57:d0:84:f0:06:13:
8b:7d:44:2c:39:90:57:79:94:61:67:ec:f2:81:f3:9a:1f:ed:
50:b9:87:53:ec:c1:d4:23:51:c8:06:d2:0d:3f:5b:a7:4e:64:
91:3b:f0:be:a5:af:e3:6b:eb:37:be:00:f1:63:3d:e1:0e:63:
c5:96:27:6e:3b:4f:1e:41:b0:be:05:25:0a:ff:39:91:01:e8:
bc:a9:b7:1a:5d:00:65:fa:1b:6b:3a:a7:56:d5:1d:e1:c1:82:
df:81:d4:0e:54:35:45:36:e2:ee:c8:2f:7f:02:80:ea:27:79:
1f:18:a0:cc:47:d9:39:78:42:2f:af:03:31:4f:78:fe:08:0e:
fe:bc:d2:e8:47:92:f0:37:e5:3e:36:23:eb:19:2b:fc:fa:7b:
fd:50:6f:38
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTAyMDcx
MTUwNTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNDMjg3OUVGMDVGMjRD
OEMwOTlFODcxQkEyQUYxNEIzQkMwNkJDQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0FBimGkBuFxr6Ar70DH8Pp/UhBwMmyPqTZUkkuwQ4zPBF1PvL
kJvgYvWnIZY/HepL1vDe94LC/iIQgA8Ww9YHfj/LLsrNSpWeO8QehNOu5WBBJFQN
72ZUv13a0bUYbqwPuwr4ePG+UGpVgPx+qPSlfK5O/DP/2Jr93iGnDsXlNWQ2mdL0
QbhQ+xIsjU30BiJG7t4ayc9YG83I472/9hkQi5a+B8kVbFsRiZu6818tuMb78p1k
YmOuM1Bqts4Jt50NDIk3m9WcmK58QqJXYZJHxgeXH/C5EHKAy5rFq6j0WSGw2hHu
MJNogMhbFbbNw0JavW0VHHz+f6u8VNWAvp81AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPCh57wXyTIwJnocboq8Us7wGvMcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUENoNTd3WHlUSXdKbm9jYm9xOFVz
N3dHdk1jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBG9DMDAN
BgkqhkiG9w0BAQsFAAOCAQEAVsAjJyzh0oKrCXsn//R4KW4jM5ozdenLSSVGlWHq
bre8uWMO+UCIAyg60y6fdhokN+XBOvygKK5ZgqScXiLcerdmopuO+4SxZI9CkQ7K
RllCKZaQL0oSK0BYuKXUrbmmDns2lzl4V9CE8AYTi31ELDmQV3mUYWfs8oHzmh/t
ULmHU+zB1CNRyAbSDT9bp05kkTvwvqWv42vrN74A8WM94Q5jxZYnbjtPHkGwvgUl
Cv85kQHovKm3Gl0AZfobazqnVtUd4cGC34HUDlQ1RTbi7sgvfwKA6id5HxigzEfZ
OXhCL68DMU94/ggO/rzS6EeS8DflPjYj6xkr/Pp7/VBvOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org