Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/PMc7_eWKb-jwyRKML--8e2lGsHE.roa
File: PMc7_eWKb-jwyRKML--8e2lGsHE.roa (raw, json)
Hash identifier: CNAgFsBNtXvKzL0SigVORXaaEB8fyZPr/DJ5kbJ7cno=
Subject key identifier: 3C:C7:3B:FD:E5:8A:6F:E8:F0:C9:12:8C:2F:EF:BC:7B:69:46:B0:71
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CB5
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PMc7_eWKb-jwyRKML--8e2lGsHE.roa
Signing time: Wed 26 Apr 2023 06:09:09 +0000
ROA not before: Wed 26 Apr 2023 06:09:09 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.96.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3253 (0xcb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:09:09 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3CC73BFDE58A6FE8F0C9128C2FEFBC7B6946B071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:15:95:51:2d:14:b6:b5:c1:e2:a6:ba:04:44:
d5:a5:1e:4a:de:d1:55:04:4b:b1:d1:16:07:d7:c9:
59:a1:a5:68:d7:69:df:e9:ea:d7:2a:01:9d:88:b7:
64:2c:c3:be:65:16:d9:0b:60:d8:3f:13:42:8f:e9:
3c:a2:e7:cb:4f:f0:14:59:60:7c:61:33:27:e2:bf:
b5:ba:4e:a7:8c:93:3b:3a:d2:3f:a7:05:eb:ef:38:
f9:0e:c9:6d:19:53:81:0f:c4:89:50:19:2f:91:ca:
88:a6:80:51:26:97:1d:b0:89:37:07:84:ef:2c:b4:
0e:95:9d:42:11:1a:b2:a3:7c:37:c0:b4:31:46:5b:
c1:b6:7c:a7:cf:15:ed:13:b0:e3:af:fa:7f:48:af:
48:76:e2:4f:be:05:14:0b:fd:38:75:bf:16:45:99:
69:77:45:80:bd:25:e5:1b:c2:ea:1e:e9:f9:4d:30:
ef:11:20:4a:13:5e:c2:c9:bd:b8:cc:bb:57:71:17:
90:74:37:b4:5d:44:16:30:e8:54:12:ec:71:cf:b1:
6b:55:dd:2c:0f:eb:12:86:5f:72:0d:62:e2:37:59:
b3:8a:4d:13:5d:f7:05:35:0a:ef:ea:58:e1:0c:50:
19:94:cb:6a:32:b7:9c:c8:51:ee:a3:a5:bc:03:8f:
ae:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C7:3B:FD:E5:8A:6F:E8:F0:C9:12:8C:2F:EF:BC:7B:69:46:B0:71
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PMc7_eWKb-jwyRKML--8e2lGsHE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.96.0/19
Signature Algorithm: sha256WithRSAEncryption
36:ec:1f:3c:47:05:74:ab:7f:fd:2f:2b:f3:e0:8e:f5:13:be:
6d:9c:98:49:86:76:79:99:46:af:26:2c:a0:09:51:1c:b6:9f:
29:2a:c9:a8:81:41:e6:c9:e7:f7:ca:0f:76:69:95:b3:f6:7a:
ec:d3:d1:0c:5c:8f:63:94:36:00:00:99:cd:36:3a:06:f1:b3:
14:21:84:36:f6:eb:af:3d:82:f6:c8:5c:f3:dd:73:95:64:b3:
48:8c:06:1f:c3:33:f1:8e:07:11:e1:cf:66:8e:91:c7:a2:4f:
f8:ba:61:08:d4:85:3f:e5:16:fd:2a:b2:2c:cd:8a:6d:bb:f9:
86:37:83:e9:64:fb:bb:b5:f9:f9:cb:9d:b3:21:53:eb:f1:37:
45:89:b7:f1:04:bc:c6:ce:7c:64:df:e0:f6:62:a2:2c:03:47:
23:19:bd:4a:a3:2c:13:af:36:eb:8b:a1:7b:40:cb:0a:ce:57:
e6:7f:6d:be:e2:65:c4:74:63:0e:99:64:48:4f:4b:b8:4e:df:
e9:9a:6c:35:ba:8f:19:8d:6e:4b:6a:d0:4c:a5:58:49:af:9a:
89:c7:70:75:2b:0b:cd:49:52:f2:09:f0:67:8a:6f:d0:19:e9:
75:d1:c7:dd:d4:ef:42:33:04:33:21:55:51:e3:63:8a:d9:39:
83:13:0c:c5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjA5MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNDQzczQkZERTU4QTZG
RThGMEM5MTI4QzJGRUZCQzdCNjk0NkIwNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiFZVRLRS2tcHiproERNWlHkre0VUES7HRFgfXyVmhpWjXad/p
6tcqAZ2It2Qsw75lFtkLYNg/E0KP6Tyi58tP8BRZYHxhMyfiv7W6TqeMkzs60j+n
BevvOPkOyW0ZU4EPxIlQGS+RyoimgFEmlx2wiTcHhO8stA6VnUIRGrKjfDfAtDFG
W8G2fKfPFe0TsOOv+n9Ir0h24k++BRQL/Th1vxZFmWl3RYC9JeUbwuoe6flNMO8R
IEoTXsLJvbjMu1dxF5B0N7RdRBYw6FQS7HHPsWtV3SwP6xKGX3INYuI3WbOKTRNd
9wU1Cu/qWOEMUBmUy2oyt5zIUe6jpbwDj64rAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPMc7/eWKb+jwyRKML++8e2lGsHEwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUE1jN19lV0tiLWp3eVJLTUwtLThl
MmxHc0hFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBXn+YDAN
BgkqhkiG9w0BAQsFAAOCAQEANuwfPEcFdKt//S8r8+CO9RO+bZyYSYZ2eZlGryYs
oAlRHLafKSrJqIFB5snn98oPdmmVs/Z67NPRDFyPY5Q2AACZzTY6BvGzFCGENvbr
rz2C9shc891zlWSzSIwGH8Mz8Y4HEeHPZo6Rx6JP+LphCNSFP+UW/SqyLM2Kbbv5
hjeD6WT7u7X5+cudsyFT6/E3RYm38QS8xs58ZN/g9mKiLANHIxm9SqMsE68264uh
e0DLCs5X5n9tvuJlxHRjDplkSE9LuE7f6ZpsNbqPGY1uS2rQTKVYSa+aicdwdSsL
zUlS8gnwZ4pv0BnpddHH3dTvQjMEMyFVUeNjitk5gxMMxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org