Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/X8xi7hopE4aWoDtM9UImP_KsdoE.roa
File: X8xi7hopE4aWoDtM9UImP_KsdoE.roa (raw, json)
Hash identifier: oANFgZNr6RKC9Ntp7EM3Jy1LkIvskEQDFaTnq5/n3+g=
Subject key identifier: 5F:CC:62:EE:1A:29:13:86:96:A0:3B:4C:F5:42:26:3F:F2:AC:76:81
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D2D
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/X8xi7hopE4aWoDtM9UImP_KsdoE.roa
Signing time: Wed 26 Apr 2023 10:31:38 +0000
ROA not before: Wed 26 Apr 2023 10:31:38 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.96.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3373 (0xd2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:38 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5FCC62EE1A29138696A03B4CF542263FF2AC7681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:76:13:fc:07:4e:03:74:6b:11:83:6a:d3:a9:
92:f5:81:c6:35:e3:45:90:b8:97:9a:cf:8d:97:64:
12:e1:0f:13:ea:85:84:9a:ab:6a:35:00:26:fb:ab:
1d:26:55:8c:0c:ff:96:52:c2:ce:84:46:93:cf:ea:
82:d7:38:02:e5:67:01:cf:71:d1:76:ef:16:ac:73:
f8:18:e1:24:87:c6:68:6f:eb:57:42:4d:09:41:08:
da:ff:b3:2c:21:dc:03:8f:36:3a:d0:2f:3e:d2:7a:
21:d5:51:35:9d:ef:ef:b6:b4:84:d0:2b:95:26:f5:
31:87:62:e8:66:8e:13:35:1b:65:eb:d7:ad:7b:e5:
e2:73:80:41:4d:8f:6b:e8:cb:43:fb:52:98:62:f9:
1f:2d:9e:19:75:1d:8b:48:6d:6c:d0:fb:81:87:2c:
cd:05:7a:09:71:c0:af:a4:c7:df:b6:6d:23:70:f0:
28:8a:ed:ab:a4:1d:8f:48:9a:1c:fd:92:53:6b:48:
42:d0:ef:83:0f:cf:e7:dd:c8:7e:98:63:51:dd:bf:
3c:c3:da:5a:56:55:b2:db:88:55:a5:98:85:66:b9:
db:32:72:ca:77:98:ac:ab:23:3b:89:ee:16:38:3c:
ed:1b:ce:3b:23:3d:1e:68:a6:a7:45:e6:39:61:9b:
20:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CC:62:EE:1A:29:13:86:96:A0:3B:4C:F5:42:26:3F:F2:AC:76:81
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/X8xi7hopE4aWoDtM9UImP_KsdoE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/19
Signature Algorithm: sha256WithRSAEncryption
43:96:a5:45:ac:98:e2:a1:ee:77:43:a9:d2:ff:e7:4e:55:14:
f0:5c:0d:a3:3b:de:40:7d:30:22:8d:8f:2c:20:49:ed:a8:45:
f6:15:67:75:db:8f:c5:99:11:74:25:fa:1a:ea:3b:2e:18:8b:
72:a6:d6:34:c0:5b:4d:c6:56:17:78:ad:ed:6b:3e:1f:1d:45:
18:e6:99:55:bf:9e:e5:e8:9b:60:30:31:a8:dd:4a:69:fd:5c:
9b:f4:25:36:92:c8:7d:8f:a2:a6:10:a5:7f:6b:40:de:43:36:
5d:5d:33:b7:a5:8f:9f:37:ca:84:98:31:bf:c7:41:06:a5:79:
93:85:9c:25:d7:b1:4d:38:a6:e9:4f:d1:69:6c:29:32:cb:f7:
f7:fd:da:ca:7c:3c:85:1e:12:fc:f9:9b:86:0d:1b:62:6d:1e:
fb:40:55:60:32:8d:e6:25:f7:ff:08:50:dd:d8:5d:dd:61:2c:
07:81:9b:cd:23:f7:ec:c1:34:b1:85:45:e5:c3:6d:87:1e:dd:
15:4b:8f:ae:33:61:b0:d6:72:c1:83:f4:ef:cd:18:ac:78:66:
f4:fb:2f:ec:1d:3f:a2:2f:b5:30:c9:86:9c:14:91:0c:e5:90:
c1:f4:c3:5f:58:20:71:26:28:13:fe:0e:31:99:4d:23:63:04:
52:be:0d:62
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVGQ0M2MkVFMUEyOTEz
ODY5NkEwM0I0Q0Y1NDIyNjNGRjJBQzc2ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKdhP8B04DdGsRg2rTqZL1gcY140WQuJeaz42XZBLhDxPqhYSa
q2o1ACb7qx0mVYwM/5ZSws6ERpPP6oLXOALlZwHPcdF27xasc/gY4SSHxmhv61dC
TQlBCNr/sywh3AOPNjrQLz7SeiHVUTWd7++2tITQK5Um9TGHYuhmjhM1G2Xr1617
5eJzgEFNj2voy0P7Uphi+R8tnhl1HYtIbWzQ+4GHLM0FeglxwK+kx9+2bSNw8CiK
7aukHY9Imhz9klNrSELQ74MPz+fdyH6YY1HdvzzD2lpWVbLbiFWlmIVmudsycsp3
mKyrIzuJ7hY4PO0bzjsjPR5opqdF5jlhmyBJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUX8xi7hopE4aWoDtM9UImP/KsdoEwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWDh4aTdob3BFNGFXb0R0TTlVSW1Q
X0tzZG9FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ5alRayY4qHud0Op0v/nTlUU8FwNozveQH0wIo2P
LCBJ7ahF9hVndduPxZkRdCX6Guo7LhiLcqbWNMBbTcZWF3it7Ws+Hx1FGOaZVb+e
5eibYDAxqN1Kaf1cm/QlNpLIfY+iphClf2tA3kM2XV0zt6WPnzfKhJgxv8dBBqV5
k4WcJdexTTim6U/RaWwpMsv39/3aynw8hR4S/Pmbhg0bYm0e+0BVYDKN5iX3/whQ
3dhd3WEsB4GbzSP37ME0sYVF5cNthx7dFUuPrjNhsNZywYP0780YrHhm9Psv7B0/
oi+1MMmGnBSRDOWQwfTDX1ggcSYoE/4OMZlNI2MEUr4NYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org