Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa
File: XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa (raw, json)
Hash identifier: E8BdCH2qPOHnc18RTtQNZWc9TTp73yxkO/wqCJ386cQ=
Subject key identifier: 5F:35:F3:C9:DC:50:A1:47:DF:D5:D4:35:C9:D6:61:D9:93:9C:56:AE
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E12
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa
Signing time: Fri 01 Sep 2023 08:49:16 +0000
ROA not before: Fri 01 Sep 2023 08:49:16 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 121.254.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3602 (0xe12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:16 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=5F35F3C9DC50A147DFD5D435C9D661D9939C56AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8d:58:30:31:12:ed:15:0e:9b:a0:6c:f2:b5:
8b:d5:8c:66:97:a6:bc:2a:29:54:bd:18:82:8d:a6:
bd:14:4f:d9:c4:5f:4a:d6:c1:47:31:50:a4:88:cd:
55:ec:70:e5:07:f3:9c:f4:ea:6a:26:d7:97:eb:f9:
b5:43:92:52:9a:11:cf:87:27:f5:a5:20:76:51:1f:
cb:cf:e6:87:5d:63:c6:aa:d8:19:4e:f8:29:58:ca:
f7:47:1d:83:a4:be:ae:71:14:6d:70:65:dd:5f:40:
22:9e:be:8d:6d:c9:94:d8:e0:9f:93:69:7c:05:0c:
4f:85:9d:25:f9:c0:1e:f1:2d:2c:67:5d:33:e6:d7:
5f:72:39:2e:c3:fa:16:7e:bf:12:c4:b0:18:e5:d6:
a3:8a:32:1f:b8:06:73:45:47:be:e7:0a:d5:91:f6:
5f:32:f1:fc:69:eb:87:56:25:33:0f:67:e5:24:fe:
c7:8a:22:58:8e:d3:a3:da:80:2e:b2:3a:94:de:de:
3e:7c:11:20:6b:ee:5f:0b:03:45:58:15:9d:cd:fe:
76:09:3c:36:94:eb:7c:0e:83:19:56:e8:8a:c7:ae:
86:98:6e:61:e4:08:46:d7:53:ae:5a:50:d4:e1:db:
70:d4:8b:60:f1:81:cd:93:07:ab:12:06:4a:ca:46:
97:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:35:F3:C9:DC:50:A1:47:DF:D5:D4:35:C9:D6:61:D9:93:9C:56:AE
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:20:89:a2:ea:5e:8b:09:ee:84:dc:3c:30:84:6f:13:d8:a8:
29:4c:41:ac:5e:4e:39:a6:b1:76:97:54:59:66:f9:c0:15:a9:
7f:46:a8:ed:64:8c:ba:03:de:f4:e9:d8:7a:b9:1a:ff:c7:fc:
ae:30:90:e9:9a:da:2f:91:3e:28:00:be:f2:8f:26:5b:fe:79:
62:f9:20:af:68:58:07:11:26:44:a2:ed:fc:6d:9c:e7:b2:48:
fd:de:c2:17:43:ea:33:06:c2:a0:cc:90:9c:02:7f:ce:ef:88:
a8:89:7b:4f:a0:47:49:cd:5a:a4:a6:2e:ab:09:6f:bb:90:9b:
66:08:07:d6:e8:a1:ab:80:d5:06:a0:01:ac:08:5d:b5:df:e2:
7b:ec:8f:29:7e:84:85:67:5b:a9:f0:66:04:46:60:dd:2d:f4:
7b:b7:2f:99:f6:47:96:e5:5f:71:fd:28:d3:97:d2:cf:0e:e1:
5a:16:90:97:c1:46:8a:f4:39:bb:bf:ca:c0:f8:a5:80:1b:31:
a3:16:56:91:7a:8e:99:15:e7:94:26:6b:0f:fc:38:07:4f:e8:
75:0e:ad:4f:30:65:75:8a:09:29:84:29:c5:72:0f:89:88:31:
af:78:5a:71:e4:aa:ac:9a:f6:1f:57:75:2d:5f:90:f4:c3:ad:
4d:01:b9:df
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVGMzVGM0M5REM1MEEx
NDdERkQ1RDQzNUM5RDY2MUQ5OTM5QzU2QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqjVgwMRLtFQ6boGzytYvVjGaXprwqKVS9GIKNpr0UT9nEX0rW
wUcxUKSIzVXscOUH85z06mom15fr+bVDklKaEc+HJ/WlIHZRH8vP5oddY8aq2BlO
+ClYyvdHHYOkvq5xFG1wZd1fQCKevo1tyZTY4J+TaXwFDE+FnSX5wB7xLSxnXTPm
119yOS7D+hZ+vxLEsBjl1qOKMh+4BnNFR77nCtWR9l8y8fxp64dWJTMPZ+Uk/seK
IliO06PagC6yOpTe3j58ESBr7l8LA0VYFZ3N/nYJPDaU63wOgxlW6IrHroaYbmHk
CEbXU65aUNTh23DUi2Dxgc2TB6sSBkrKRpcdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXzXzydxQoUff1dQ1ydZh2ZOcVq4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWHpYenlkeFFvVWZmMWRRMXlkWmgy
Wk9jVnE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHn+YDAN
BgkqhkiG9w0BAQsFAAOCAQEAtiCJoupeiwnuhNw8MIRvE9ioKUxBrF5OOaaxdpdU
WWb5wBWpf0ao7WSMugPe9OnYerka/8f8rjCQ6ZraL5E+KAC+8o8mW/55Yvkgr2hY
BxEmRKLt/G2c57JI/d7CF0PqMwbCoMyQnAJ/zu+IqIl7T6BHSc1apKYuqwlvu5Cb
ZggH1uihq4DVBqABrAhdtd/ie+yPKX6EhWdbqfBmBEZg3S30e7cvmfZHluVfcf0o
05fSzw7hWhaQl8FGivQ5u7/KwPilgBsxoxZWkXqOmRXnlCZrD/w4B0/odQ6tTzBl
dYoJKYQpxXIPiYgxr3haceSqrJr2H1d1LV+Q9MOtTQG53w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:00 2025 by rpki-client