Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Xcx5EaTDS9e1RFwLWGIzWwS3IFo.roa
File: Xcx5EaTDS9e1RFwLWGIzWwS3IFo.roa (raw, json)
Hash identifier: 2dR80BI0n3yON2ZlOjUb3gmu1ayFRvRA72mpgOcR+nM=
Subject key identifier: 5D:CC:79:11:A4:C3:4B:D7:B5:44:5C:0B:58:62:33:5B:04:B7:20:5A
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CE9
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Xcx5EaTDS9e1RFwLWGIzWwS3IFo.roa
Signing time: Wed 26 Apr 2023 10:31:20 +0000
ROA not before: Wed 26 Apr 2023 10:31:20 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 111.67.48.0/20 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3305 (0xce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:20 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5DCC7911A4C34BD7B5445C0B5862335B04B7205A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:07:97:cd:1e:bb:d4:71:a3:cb:14:62:be:95:
09:95:cb:ee:eb:07:33:9f:3c:de:4f:13:92:0d:ff:
c9:58:53:d6:92:e7:e5:d5:b7:38:ca:38:e2:5c:e6:
4f:89:74:cd:f0:22:2b:f4:50:48:17:fe:27:67:35:
e6:5e:cf:17:dd:e8:0b:78:5a:44:cb:d9:64:4b:e7:
12:c8:97:27:20:21:e7:1e:e7:e8:6c:61:b2:ed:34:
67:c6:02:1d:0a:c3:2d:d9:f9:db:85:e5:68:6d:55:
ec:b2:59:d3:75:94:8c:9e:87:4b:2e:7f:44:3b:87:
24:e2:19:db:12:3a:8d:67:d6:eb:c8:46:84:12:df:
c9:81:39:fb:a8:ca:24:4e:00:3a:44:c0:18:c5:29:
25:c0:6c:75:47:e2:d6:a3:d6:6c:6c:42:55:ab:cd:
1f:f8:6d:96:11:cb:08:df:d1:44:ec:56:f9:bb:7f:
35:fe:cc:91:02:85:9a:af:c0:6c:e0:16:aa:93:dd:
8b:61:ef:44:27:13:d5:7c:fd:f6:a4:72:82:c8:64:
a6:16:9d:8c:a2:a1:b1:be:bf:9b:08:97:2f:31:8d:
38:b3:36:86:9e:d2:e4:ad:be:7e:5b:18:88:eb:bf:
b9:6a:aa:49:bc:30:b8:5b:dc:1a:2a:fb:2b:f1:77:
9d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CC:79:11:A4:C3:4B:D7:B5:44:5C:0B:58:62:33:5B:04:B7:20:5A
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Xcx5EaTDS9e1RFwLWGIzWwS3IFo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.67.48.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:c8:84:a2:7d:58:a4:0a:e6:9c:5a:0f:3d:34:8d:90:4b:a8:
d1:4f:bc:73:d0:11:fd:e9:e8:9c:b2:6d:2a:7a:07:14:45:19:
9d:c2:f8:d7:df:f7:e5:66:56:c7:07:29:d0:65:e6:d0:fc:ad:
e0:33:ea:24:19:3e:f9:b6:d5:2a:6f:2d:c5:f0:51:ce:43:ff:
7e:84:da:80:b0:10:fe:65:66:fd:dd:d2:94:ff:80:e4:cd:d6:
8d:2a:53:ba:79:50:53:53:66:e1:75:da:a7:6e:38:3f:d3:a6:
ec:1f:e5:57:4d:aa:cc:b6:52:86:6f:e6:57:d2:34:79:47:02:
ab:cb:30:34:17:1b:9f:8e:91:e3:28:ab:f5:f4:7b:b3:dd:30:
4a:b8:13:15:b2:4e:a8:1b:81:31:96:bf:2d:34:5a:60:8e:d9:
52:00:7a:89:19:9b:1d:a9:c3:3a:89:0e:10:a9:c3:26:05:34:
69:89:c0:00:04:dd:67:48:86:48:e2:3c:4b:49:c0:de:0a:9f:
b7:b4:3e:16:13:8b:75:96:84:14:33:72:d8:fe:97:be:f2:59:
55:f4:df:cf:30:3a:b0:41:8b:f1:6a:c2:ac:eb:95:88:6b:2b:
22:dc:a4:fd:d5:1f:20:5e:8c:3a:b8:79:ac:98:01:a7:17:5d:
84:99:a9:03
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVEQ0M3OTExQTRDMzRC
RDdCNTQ0NUMwQjU4NjIzMzVCMDRCNzIwNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUB5fNHrvUcaPLFGK+lQmVy+7rBzOfPN5PE5IN/8lYU9aS5+XV
tzjKOOJc5k+JdM3wIiv0UEgX/idnNeZezxfd6At4WkTL2WRL5xLIlycgIece5+hs
YbLtNGfGAh0Kwy3Z+duF5WhtVeyyWdN1lIyeh0suf0Q7hyTiGdsSOo1n1uvIRoQS
38mBOfuoyiROADpEwBjFKSXAbHVH4taj1mxsQlWrzR/4bZYRywjf0UTsVvm7fzX+
zJEChZqvwGzgFqqT3Yth70QnE9V8/fakcoLIZKYWnYyiobG+v5sIly8xjTizNoae
0uStvn5bGIjrv7lqqkm8MLhb3Boq+yvxd521AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXcx5EaTDS9e1RFwLWGIzWwS3IFowHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWGN4NUVhVERTOWUxUkZ3TFdHSXpX
d1MzSUZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBG9DMDAN
BgkqhkiG9w0BAQsFAAOCAQEATciEon1YpArmnFoPPTSNkEuo0U+8c9AR/enonLJt
KnoHFEUZncL419/35WZWxwcp0GXm0Pyt4DPqJBk++bbVKm8txfBRzkP/foTagLAQ
/mVm/d3SlP+A5M3WjSpTunlQU1Nm4XXap244P9Om7B/lV02qzLZShm/mV9I0eUcC
q8swNBcbn46R4yir9fR7s90wSrgTFbJOqBuBMZa/LTRaYI7ZUgB6iRmbHanDOokO
EKnDJgU0aYnAAATdZ0iGSOI8S0nA3gqft7Q+FhOLdZaEFDNy2P6XvvJZVfTfzzA6
sEGL8WrCrOuViGsrItyk/dUfIF6MOrh5rJgBpxddhJmpAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org