Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/_qmFDdVMXL1XJC6fi1oouoH1fmo.roa
File: _qmFDdVMXL1XJC6fi1oouoH1fmo.roa (raw, json)
Hash identifier: KQuHHZ/j/KeD3JOCjAQ+sLTghRjSGXyfqnztFhVgmmc=
Subject key identifier: FE:A9:85:0D:D5:4C:5C:BD:57:24:2E:9F:8B:5A:28:BA:81:F5:7E:6A
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 096C
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/_qmFDdVMXL1XJC6fi1oouoH1fmo.roa
Signing time: Thu 21 Jan 2021 10:24:24 +0000
ROA not before: Thu 21 Jan 2021 10:24:24 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17809
IP address blocks: 203.222.0.0/19 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2412 (0x96c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Jan 21 10:24:24 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=FEA9850DD54C5CBD57242E9F8B5A28BA81F57E6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:62:df:5d:49:64:06:97:7d:f0:71:57:74:1d:
6e:84:70:5f:a3:81:2d:fb:ff:95:70:45:e4:6c:9d:
e6:97:5b:03:c9:43:67:94:ff:f1:6c:b5:6a:f5:76:
be:30:21:69:da:bf:4f:1c:27:b2:68:d0:5b:d5:36:
c1:75:14:80:e4:35:de:26:20:1d:a2:c8:91:d0:5d:
8f:59:9d:5a:15:d1:58:46:34:95:48:47:43:d5:67:
af:09:e8:d1:db:db:d7:0b:f3:4d:0d:e5:9e:60:52:
25:be:7c:41:dc:1d:12:54:64:90:78:58:88:e1:d4:
38:b3:ac:ad:0e:28:a4:d7:fe:aa:91:ce:da:b3:a4:
ee:6c:6a:93:9b:c0:81:8a:49:da:58:43:8b:10:c6:
c1:88:20:a1:f8:6d:4f:eb:c7:41:09:02:a6:0a:b1:
54:ad:a9:59:14:f8:ce:ed:b9:7d:c6:8d:34:b2:4c:
4d:62:de:59:1f:61:be:62:37:37:b6:fb:87:d5:ac:
e3:d4:6c:05:72:c9:5b:6e:dc:74:f7:44:71:9d:89:
62:0c:df:4f:be:54:c0:07:33:38:b7:dd:8f:a2:5a:
5c:b9:c4:19:e4:14:ed:d9:94:fe:a1:18:f9:29:e8:
18:81:07:c3:4c:ac:af:0b:9c:7a:a0:da:2d:36:8b:
d8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A9:85:0D:D5:4C:5C:BD:57:24:2E:9F:8B:5A:28:BA:81:F5:7E:6A
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/_qmFDdVMXL1XJC6fi1oouoH1fmo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/19
Signature Algorithm: sha256WithRSAEncryption
88:52:90:72:27:82:9b:22:69:70:ec:e7:ea:8f:65:e9:06:8c:
c0:b2:56:cd:50:5b:22:d4:15:ff:88:c3:f4:b9:81:74:94:8a:
53:a2:51:da:71:af:b2:8b:7f:6e:3a:98:3b:38:e8:61:5f:cb:
38:7d:e2:1f:92:3d:0f:72:07:0b:9e:f3:3d:9a:c5:82:b2:ae:
21:3d:da:80:1e:a3:9f:6d:7b:b2:33:4c:79:55:d3:1f:b7:03:
d6:c0:13:0c:ac:f1:7d:99:45:b7:4c:95:e4:b9:30:92:5f:76:
e9:38:57:b3:6c:5c:d2:7d:aa:e5:76:a7:92:9a:40:48:02:58:
39:3f:8c:ab:d0:6c:32:25:86:ec:94:ba:df:34:74:60:b9:d5:
20:85:4a:c4:33:0b:48:e5:61:77:e1:2c:ed:d6:b6:65:d5:7c:
35:f0:3b:e1:c9:59:1e:7f:eb:13:10:31:a7:ce:ec:46:39:65:
9d:04:dc:f0:f4:78:2d:d2:70:c7:6c:13:61:48:e1:b8:4e:67:
e3:05:3c:f3:19:a1:3d:80:da:7b:d6:1e:69:ba:4c:cf:c4:7c:
9d:22:1f:31:8b:d6:8d:71:45:ea:dc:a4:5e:9e:d6:6e:29:ae:
60:9f:ed:91:3d:f7:cd:f5:44:b6:03:89:8b:cc:1d:2d:8e:0a:
bd:78:74:cd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTAxMjEx
MDI0MjRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEZFQTk4NTBERDU0QzVD
QkQ1NzI0MkU5RjhCNUEyOEJBODFGNTdFNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsYt9dSWQGl33wcVd0HW6EcF+jgS37/5VwReRsneaXWwPJQ2eU
//FstWr1dr4wIWnav08cJ7Jo0FvVNsF1FIDkNd4mIB2iyJHQXY9ZnVoV0VhGNJVI
R0PVZ68J6NHb29cL800N5Z5gUiW+fEHcHRJUZJB4WIjh1DizrK0OKKTX/qqRztqz
pO5sapObwIGKSdpYQ4sQxsGIIKH4bU/rx0EJAqYKsVStqVkU+M7tuX3GjTSyTE1i
3lkfYb5iNze2+4fVrOPUbAVyyVtu3HT3RHGdiWIM30++VMAHMzi33Y+iWly5xBnk
FO3ZlP6hGPkp6BiBB8NMrK8LnHqg2i02i9glAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/qmFDdVMXL1XJC6fi1oouoH1fmowHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvX3FtRkRkVk1YTDFYSkM2Zmkxb291
b0gxZm1vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcveADAN
BgkqhkiG9w0BAQsFAAOCAQEAiFKQcieCmyJpcOzn6o9l6QaMwLJWzVBbItQV/4jD
9LmBdJSKU6JR2nGvsot/bjqYOzjoYV/LOH3iH5I9D3IHC57zPZrFgrKuIT3agB6j
n217sjNMeVXTH7cD1sATDKzxfZlFt0yV5Lkwkl926ThXs2xc0n2q5XankppASAJY
OT+Mq9BsMiWG7JS63zR0YLnVIIVKxDMLSOVhd+Es7da2ZdV8NfA74clZHn/rExAx
p87sRjllnQTc8PR4LdJwx2wTYUjhuE5n4wU88xmhPYDae9YeabpMz8R8nSIfMYvW
jXFF6tykXp7WbimuYJ/tkT33zfVEtgOJi8wdLY4KvXh0zQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org