Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/XcvxNa4w3m_bB9Gip487RuqgfdQ.roa
File: XcvxNa4w3m_bB9Gip487RuqgfdQ.roa (raw, json)
Hash identifier: QYlHaQi/WNI9CFnOYNwW29tyQgCL7aVH69+H9kzvi24=
Subject key identifier: 5D:CB:F1:35:AE:30:DE:6F:DB:07:D1:A2:A7:8F:3B:46:EA:A0:7D:D4
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XcvxNa4w3m_bB9Gip487RuqgfdQ.roa
Signing time: Thu 15 Sep 2022 02:37:24 +0000
ROA not before: Thu 15 Sep 2022 02:37:24 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:24 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5DCBF135AE30DE6FDB07D1A2A78F3B46EAA07DD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d0:b5:e2:f7:dd:41:13:4e:e8:f8:99:7e:a9:
d9:fc:10:14:c3:cc:0a:96:98:c8:37:1e:d1:b3:60:
03:06:50:a2:8b:38:0b:0c:b2:7b:da:91:2d:af:91:
55:3f:b3:10:b6:e8:f7:19:f2:5d:c5:11:1e:66:45:
e7:22:26:a2:1f:09:08:5e:78:93:f3:83:2c:13:5f:
5a:f2:a6:c1:c7:85:1f:fa:e7:74:b4:a3:a3:04:21:
74:12:41:fa:3c:af:cf:45:4f:5c:76:75:37:84:1a:
37:94:59:7a:79:be:76:e1:5d:cc:e1:7c:12:16:1a:
68:0d:ca:46:d7:fe:5c:18:7a:d6:17:98:af:56:b2:
7e:59:5b:6c:c5:12:68:07:ec:c5:b7:c6:d6:d1:f5:
10:3c:96:36:f9:c7:1b:19:ee:77:7f:01:87:c7:b6:
a4:b0:29:d5:8a:9c:9b:a4:b1:6f:2c:64:b9:65:ed:
1f:04:84:ed:03:05:8c:32:cf:30:9c:5e:e7:b7:e7:
8a:0b:2d:76:02:63:d7:3f:e2:72:79:ee:17:4f:34:
2e:9f:2f:9e:29:dc:dc:e8:cb:78:34:c8:f3:01:98:
b1:7f:1d:c6:40:c5:34:4f:da:a2:71:78:93:dd:1f:
e3:05:9b:7c:bd:a8:6d:3f:65:f1:52:c9:48:ea:fd:
bf:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:F1:35:AE:30:DE:6F:DB:07:D1:A2:A7:8F:3B:46:EA:A0:7D:D4
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XcvxNa4w3m_bB9Gip487RuqgfdQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.12.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:a9:5f:08:51:1b:7c:69:2b:0f:39:9e:3e:5a:e5:d9:0f:ed:
e4:ce:38:f2:b5:57:4f:83:3a:47:d8:d5:d5:f2:22:af:6b:3d:
ce:34:03:f6:da:2e:16:69:f6:de:84:b5:d4:d8:49:b7:38:7d:
88:89:94:8b:67:49:ef:3e:d1:1e:86:07:0e:71:5a:50:d4:da:
03:25:57:e0:fa:62:69:56:d7:e5:ee:d2:09:a4:9e:80:59:71:
5e:4e:7c:4d:2d:45:ce:47:99:41:87:87:ce:da:cb:0f:2a:20:
e1:31:b0:be:e7:d9:51:19:c6:49:b0:4d:37:d1:10:7e:b9:5c:
ef:e6:a9:46:45:e7:f9:5e:c7:e6:3f:e1:63:3d:a2:71:92:8f:
21:c7:fd:db:63:88:55:ba:16:58:72:8d:ed:66:5f:f8:d0:19:
1f:d1:d3:4a:d0:a6:98:b5:1e:4b:1b:01:24:74:38:a4:40:f3:
21:38:d2:55:ec:a8:23:54:f2:ac:0d:57:3a:94:f0:25:c8:8b:
2e:b2:6f:90:35:b0:fc:b2:3b:0f:30:4f:0c:38:f0:2f:90:8a:
e6:27:c0:f9:53:0c:f7:e5:d9:08:92:86:7c:3c:81:b8:a5:f3:
16:52:9a:16:c8:09:b4:58:de:af:e2:d3:b8:7b:12:21:ef:38:
c5:a7:aa:d6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVEQ0JGMTM1QUUzMERF
NkZEQjA3RDFBMkE3OEYzQjQ2RUFBMDdERDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC10LXi991BE07o+Jl+qdn8EBTDzAqWmMg3HtGzYAMGUKKLOAsM
snvakS2vkVU/sxC26PcZ8l3FER5mReciJqIfCQheeJPzgywTX1rypsHHhR/653S0
o6MEIXQSQfo8r89FT1x2dTeEGjeUWXp5vnbhXczhfBIWGmgNykbX/lwYetYXmK9W
sn5ZW2zFEmgH7MW3xtbR9RA8ljb5xxsZ7nd/AYfHtqSwKdWKnJuksW8sZLll7R8E
hO0DBYwyzzCcXue354oLLXYCY9c/4nJ57hdPNC6fL54p3Nzoy3g0yPMBmLF/HcZA
xTRP2qJxeJPdH+MFm3y9qG0/ZfFSyUjq/b/PAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXcvxNa4w3m/bB9Gip487RuqgfdQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWGN2eE5hNHczbV9iQjlHaXA0ODdS
dXFnZmRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveDDAN
BgkqhkiG9w0BAQsFAAOCAQEAiqlfCFEbfGkrDzmePlrl2Q/t5M448rVXT4M6R9jV
1fIir2s9zjQD9touFmn23oS11NhJtzh9iImUi2dJ7z7RHoYHDnFaUNTaAyVX4Ppi
aVbX5e7SCaSegFlxXk58TS1FzkeZQYeHztrLDyog4TGwvufZURnGSbBNN9EQfrlc
7+apRkXn+V7H5j/hYz2icZKPIcf922OIVboWWHKN7WZf+NAZH9HTStCmmLUeSxsB
JHQ4pEDzITjSVeyoI1TyrA1XOpTwJciLLrJvkDWw/LI7DzBPDDjwL5CK5ifA+VMM
9+XZCJKGfDyBuKXzFlKaFsgJtFjer+LTuHsSIe84xaeq1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org