Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/PfYHvKepWQR6y5x9WzvJi7QmSgA.roa
File: PfYHvKepWQR6y5x9WzvJi7QmSgA.roa (raw, json)
Hash identifier: 9XeH21J6yVoCqpTwoApQtpB4B7tzOQlOeLVz0hsf40Q=
Subject key identifier: 3D:F6:07:BC:A7:A9:59:04:7A:CB:9C:7D:5B:3B:C9:8B:B4:26:4A:00
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D17
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PfYHvKepWQR6y5x9WzvJi7QmSgA.roa
Signing time: Wed 26 Apr 2023 10:31:32 +0000
ROA not before: Wed 26 Apr 2023 10:31:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.16.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3351 (0xd17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:32 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3DF607BCA7A959047ACB9C7D5B3BC98BB4264A00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:48:eb:7e:56:da:fb:b4:6e:34:71:48:13:
b4:80:bc:bf:04:f2:8a:72:ec:43:df:40:8a:ce:fc:
79:dd:5e:38:09:e9:34:c4:40:3c:4c:38:a0:fd:e1:
29:1e:1c:36:aa:7d:76:fa:7f:5f:64:d7:bb:eb:9b:
42:58:ea:48:eb:b6:22:15:bc:21:11:61:41:d0:13:
4b:5e:9c:43:32:3e:49:d0:d8:08:b3:a9:32:1d:c2:
8b:a2:da:65:69:84:4c:fd:6f:81:ff:5c:a2:e9:90:
a4:06:31:84:91:02:af:03:9c:e5:3c:95:b7:d9:b4:
e6:bf:90:62:bf:11:0d:2d:6d:ca:5f:e6:61:0b:41:
e0:9c:8c:6c:bc:ea:50:2a:18:a5:c7:79:93:e5:c1:
e8:fd:f9:65:10:42:d7:85:18:a5:95:a1:bf:a4:44:
50:e4:ed:7f:74:c7:ea:cb:86:22:36:a2:9f:ee:50:
99:82:ba:42:8b:4d:f4:3d:37:f2:ee:99:c7:27:b0:
e2:06:dc:70:c2:e5:86:9b:a1:72:04:b1:78:89:88:
65:59:cf:b1:db:e3:32:7b:f8:20:7d:cf:0d:96:7e:
d1:d5:fa:18:98:f4:57:24:d6:77:4b:87:4e:b2:f5:
4e:10:0b:8c:b0:8a:37:e2:af:b3:04:7c:1b:49:08:
b0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F6:07:BC:A7:A9:59:04:7A:CB:9C:7D:5B:3B:C9:8B:B4:26:4A:00
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PfYHvKepWQR6y5x9WzvJi7QmSgA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.16.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:d8:fc:ff:0e:33:93:bb:23:77:fa:eb:2c:c7:65:7d:75:b2:
e4:da:09:47:de:ea:ef:62:83:3c:6e:8d:db:5b:ef:b4:9a:00:
4c:a9:5c:26:67:2b:4f:c9:19:b2:9d:46:38:34:78:05:0e:bd:
57:57:a1:b0:2b:9b:50:9f:d8:f6:8c:62:68:20:9b:de:ad:74:
33:ec:e5:6f:b8:b7:7e:c2:5b:1f:3f:8d:4d:0f:22:10:43:59:
44:15:b8:6b:8e:28:f8:19:02:82:bb:82:4f:76:8a:81:53:64:
ef:3d:a5:29:8f:9e:bd:32:ad:9f:b5:88:5e:03:78:b4:1c:6e:
b2:22:fe:1a:61:60:bb:99:4d:39:00:08:66:28:49:65:ed:30:
aa:48:6e:2a:13:de:23:79:05:d3:2a:79:6c:c5:24:9b:37:4e:
0e:55:0c:b9:f7:95:5d:b6:b2:74:f6:e6:b0:90:c9:29:20:0d:
f7:4c:6d:bb:95:0b:75:58:7c:1c:a0:ea:ab:45:af:4a:24:f7:
d4:1e:8a:00:16:dc:80:fb:3f:01:9f:f7:45:c7:7b:3b:9a:94:
02:d9:af:5a:92:1a:4a:ba:8f:6a:36:0f:7f:37:9a:96:2a:2a:
4f:d5:0c:26:4a:0c:36:44:cf:b1:af:d8:27:ae:d5:91:3c:75:
18:dc:13:02
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNERjYwN0JDQTdBOTU5
MDQ3QUNCOUM3RDVCM0JDOThCQjQyNjRBMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxukjrflba+7RuNHFIE7SAvL8E8opy7EPfQIrO/HndXjgJ6TTE
QDxMOKD94SkeHDaqfXb6f19k17vrm0JY6kjrtiIVvCERYUHQE0tenEMyPknQ2Aiz
qTIdwoui2mVphEz9b4H/XKLpkKQGMYSRAq8DnOU8lbfZtOa/kGK/EQ0tbcpf5mEL
QeCcjGy86lAqGKXHeZPlwej9+WUQQteFGKWVob+kRFDk7X90x+rLhiI2op/uUJmC
ukKLTfQ9N/LumccnsOIG3HDC5YaboXIEsXiJiGVZz7Hb4zJ7+CB9zw2WftHV+hiY
9Fck1ndLh06y9U4QC4ywijfir7MEfBtJCLC5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPfYHvKepWQR6y5x9WzvJi7QmSgAwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUGZZSHZLZXBXUVI2eTV4OVd6dkpp
N1FtU2dBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veEDAN
BgkqhkiG9w0BAQsFAAOCAQEALNj8/w4zk7sjd/rrLMdlfXWy5NoJR97q72KDPG6N
21vvtJoATKlcJmcrT8kZsp1GODR4BQ69V1ehsCubUJ/Y9oxiaCCb3q10M+zlb7i3
fsJbHz+NTQ8iEENZRBW4a44o+BkCgruCT3aKgVNk7z2lKY+evTKtn7WIXgN4tBxu
siL+GmFgu5lNOQAIZihJZe0wqkhuKhPeI3kF0yp5bMUkmzdODlUMufeVXbaydPbm
sJDJKSAN90xtu5ULdVh8HKDqq0WvSiT31B6KABbcgPs/AZ/3Rcd7O5qUAtmvWpIa
SrqPajYPfzealioqT9UMJkoMNkTPsa/YJ67VkTx1GNwTAg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:55 2025 by rpki-client