Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/cXp0L3iUrAJnNF219raftagkdjI.roa
File: cXp0L3iUrAJnNF219raftagkdjI.roa (raw, json)
Hash identifier: SrE+pFwjHeocXIsGmIMTFiVHjrWd2h5gFhTgBXfZTPI=
Subject key identifier: 71:7A:74:2F:78:94:AC:02:67:34:5D:B5:F6:B6:9F:B5:A8:24:76:32
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D18
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/cXp0L3iUrAJnNF219raftagkdjI.roa
Signing time: Wed 26 Apr 2023 10:31:32 +0000
ROA not before: Wed 26 Apr 2023 10:31:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3352 (0xd18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:32 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=717A742F7894AC0267345DB5F6B69FB5A8247632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:8b:35:47:8b:c7:ff:ca:32:81:71:5f:11:
d8:d4:30:de:d7:06:c8:0d:a0:46:10:b4:36:c1:1e:
29:9b:86:2d:4b:15:a6:9f:0b:50:f3:8a:3c:27:c1:
68:06:0f:ee:a0:9c:c4:87:b1:a3:c3:58:a7:1f:d5:
ef:be:41:ee:0f:7f:34:66:3d:da:20:46:c7:4b:7a:
4e:3b:6e:00:86:00:74:bb:28:2f:41:34:43:80:d0:
6e:0b:05:ac:51:5f:46:31:49:b7:50:af:12:9c:6d:
16:ae:8c:5b:68:a4:58:ec:ea:77:fc:88:12:f6:71:
80:d6:83:92:65:33:07:d9:c5:e5:35:91:77:92:dc:
3f:e4:db:bc:72:55:9d:0a:8b:11:34:69:bc:f3:38:
d9:cb:ed:bb:6c:bb:98:08:70:72:89:1b:96:91:7d:
84:02:7e:b3:1a:2e:3f:3d:21:ab:69:c7:92:b0:80:
9d:cf:7d:26:96:83:ee:41:26:41:af:ef:c8:48:75:
8b:b7:e0:e7:be:bc:c4:d2:7e:97:d1:bc:69:67:a8:
df:4a:26:56:6f:61:71:b9:3a:3c:1d:49:2e:7a:a7:
bd:4b:e6:55:3d:55:64:17:17:0d:d6:92:ef:d7:1a:
3a:6a:78:35:d7:67:b6:48:c6:93:33:d3:51:69:21:
89:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7A:74:2F:78:94:AC:02:67:34:5D:B5:F6:B6:9F:B5:A8:24:76:32
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/cXp0L3iUrAJnNF219raftagkdjI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/22
Signature Algorithm: sha256WithRSAEncryption
49:e3:8e:7f:ff:07:a9:24:19:03:be:23:44:7e:27:87:a4:9a:
59:40:f3:2e:da:f2:9a:ad:e0:ce:66:36:d5:19:00:56:ba:ce:
1f:c6:c2:63:69:37:4d:3c:31:e6:44:19:2d:58:81:d6:85:a8:
0b:61:ce:88:af:23:67:58:b5:1d:9d:83:d7:97:bb:5c:a2:1c:
63:8e:73:f9:64:8a:a4:68:1c:80:7f:32:14:8f:3e:1e:17:0c:
05:15:9a:b0:d8:d4:19:f7:f9:20:d5:c2:f2:92:a6:75:29:43:
66:18:84:25:38:1e:c2:54:7b:47:8c:ad:17:89:fc:fd:4f:a6:
a5:85:ee:c4:5d:f3:0c:50:0e:5c:34:36:fe:65:39:05:58:6d:
84:97:ab:35:9c:7f:dc:be:6e:d7:c8:2d:23:e1:60:6c:93:58:
3e:dc:cb:05:66:54:fe:65:cf:da:83:40:db:14:90:ff:ee:eb:
77:5a:ec:36:6d:e3:91:53:49:28:a3:d9:c6:f2:ed:51:ac:d4:
46:81:64:61:d0:b8:91:44:5a:8f:1e:57:9c:a3:8b:a8:9e:1e:
1d:40:04:d4:b2:5d:f4:02:17:d7:97:77:a4:d6:22:78:c8:c2:
91:60:2b:f3:ad:66:8a:2b:2c:44:fe:33:9d:61:da:f9:0a:3f:
a3:60:eb:cb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDcxN0E3NDJGNzg5NEFD
MDI2NzM0NURCNUY2QjY5RkI1QTgyNDc2MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJO4s1R4vH/8oygXFfEdjUMN7XBsgNoEYQtDbBHimbhi1LFaaf
C1DzijwnwWgGD+6gnMSHsaPDWKcf1e++Qe4PfzRmPdogRsdLek47bgCGAHS7KC9B
NEOA0G4LBaxRX0YxSbdQrxKcbRaujFtopFjs6nf8iBL2cYDWg5JlMwfZxeU1kXeS
3D/k27xyVZ0KixE0abzzONnL7btsu5gIcHKJG5aRfYQCfrMaLj89Iatpx5KwgJ3P
fSaWg+5BJkGv78hIdYu34Oe+vMTSfpfRvGlnqN9KJlZvYXG5OjwdSS56p71L5lU9
VWQXFw3Wku/XGjpqeDXXZ7ZIxpMz01FpIYnXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcXp0L3iUrAJnNF219raftagkdjIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvY1hwMEwzaVVyQUpuTkYyMTlyYWZ0
YWdrZGpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEASeOOf/8HqSQZA74jRH4nh6SaWUDzLtrymq3gzmY2
1RkAVrrOH8bCY2k3TTwx5kQZLViB1oWoC2HOiK8jZ1i1HZ2D15e7XKIcY45z+WSK
pGgcgH8yFI8+HhcMBRWasNjUGff5INXC8pKmdSlDZhiEJTgewlR7R4ytF4n8/U+m
pYXuxF3zDFAOXDQ2/mU5BVhthJerNZx/3L5u18gtI+FgbJNYPtzLBWZU/mXP2oNA
2xSQ/+7rd1rsNm3jkVNJKKPZxvLtUazURoFkYdC4kURajx5XnKOLqJ4eHUAE1LJd
9AIX15d3pNYieMjCkWAr861miissRP4znWHa+Qo/o2Dryw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org