Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/cvVLmgRjzS_sZml3syjObKz2PN8.roa
File: cvVLmgRjzS_sZml3syjObKz2PN8.roa (raw, json)
Hash identifier: F18mscOlgnJql2w8GvWzcRhrE5q0bOYC94yx8XQSyBo=
Subject key identifier: 72:F5:4B:9A:04:63:CD:2F:EC:66:69:77:B3:28:CE:6C:AC:F6:3C:DF
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E71
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/cvVLmgRjzS_sZml3syjObKz2PN8.roa
Signing time: Fri 01 Sep 2023 08:49:41 +0000
ROA not before: Fri 01 Sep 2023 08:49:41 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 27.96.248.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3697 (0xe71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:41 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=72F54B9A0463CD2FEC666977B328CE6CACF63CDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:20:9c:f8:57:c8:83:2b:34:fa:8a:0f:52:8b:
33:5e:fe:cf:1b:f1:4e:ac:15:17:3d:0b:9c:7a:a2:
0d:e7:dd:e2:5f:8a:f5:f9:dd:e9:4a:9c:61:4d:92:
20:cb:a4:3e:51:64:49:82:d6:60:02:d5:dc:be:bb:
2c:73:13:55:86:4a:83:fa:fb:31:fa:84:bd:aa:e7:
93:d4:b1:1c:5d:27:33:8e:61:d4:51:61:fd:0d:9f:
a4:c7:d4:91:55:b4:2c:6a:58:ab:8a:7a:03:20:be:
68:f8:ce:d7:13:ab:d8:d8:6c:55:6e:51:3a:4e:64:
ef:12:4f:ed:3c:01:72:b4:6b:1e:9f:f7:51:ea:a0:
97:d0:7f:ee:09:90:fb:3b:a2:56:ad:b2:00:63:26:
67:23:19:2e:b6:19:fd:37:a3:59:dd:0e:26:a3:f4:
66:fa:fb:1c:f3:19:be:d3:98:2c:8d:cc:ad:22:79:
30:42:e9:cf:23:d9:a4:b1:4c:fe:28:9b:c4:e6:9c:
4b:81:7d:94:10:ce:09:b8:a3:7c:82:8e:4a:69:88:
37:ed:e0:cf:78:a1:7e:02:cf:8a:ca:a9:f6:89:bd:
68:44:81:cc:df:61:9b:e2:a8:ff:6b:ad:f5:8b:d3:
87:79:71:9b:77:f3:53:72:a7:b5:20:8a:11:b1:2f:
83:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F5:4B:9A:04:63:CD:2F:EC:66:69:77:B3:28:CE:6C:AC:F6:3C:DF
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/cvVLmgRjzS_sZml3syjObKz2PN8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.248.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:c9:2f:04:ab:b0:11:8f:7f:be:b9:c6:46:63:5f:6d:8d:e0:
e2:28:22:65:e3:04:53:db:45:2e:e7:d5:5e:d6:42:49:3a:6f:
0f:1e:27:73:6f:0e:9a:10:a8:6e:ee:1b:af:21:ed:6a:93:05:
9c:8f:58:40:02:5e:43:bb:47:d4:9d:60:ff:ac:3b:e6:6c:12:
ee:06:14:6a:e2:0f:f3:a7:48:e4:08:52:0b:33:28:35:0f:99:
85:21:e0:d3:e2:f3:ee:8c:aa:2c:0d:6b:b8:63:49:46:81:69:
0d:a3:62:9b:e2:87:87:b7:d5:43:00:76:b2:4a:b2:bd:68:8c:
58:f0:25:a1:19:5f:3e:75:65:bf:fd:68:9a:00:89:44:be:f7:
a3:1a:ea:17:74:6f:8d:04:1e:0d:09:da:61:09:57:b3:e4:4e:
65:c2:3f:f7:75:5a:37:4b:cd:96:51:5d:dc:6e:75:63:76:ed:
74:5f:95:e2:27:2a:b0:c8:2c:65:d0:ba:dc:de:3d:7d:98:3e:
65:36:b8:67:27:6b:4a:c5:93:3f:34:26:05:4d:9a:bc:69:90:
8d:ce:ca:2e:9f:5a:52:36:14:4a:b6:44:04:3a:d9:e5:27:e3:
ba:c9:7c:4e:65:c2:e8:3b:e0:85:16:5e:ef:8f:78:69:aa:35:
ba:9e:37:55
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDcyRjU0QjlBMDQ2M0NE
MkZFQzY2Njk3N0IzMjhDRTZDQUNGNjNDREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyIJz4V8iDKzT6ig9SizNe/s8b8U6sFRc9C5x6og3n3eJfivX5
3elKnGFNkiDLpD5RZEmC1mAC1dy+uyxzE1WGSoP6+zH6hL2q55PUsRxdJzOOYdRR
Yf0Nn6TH1JFVtCxqWKuKegMgvmj4ztcTq9jYbFVuUTpOZO8ST+08AXK0ax6f91Hq
oJfQf+4JkPs7olatsgBjJmcjGS62Gf03o1ndDiaj9Gb6+xzzGb7TmCyNzK0ieTBC
6c8j2aSxTP4om8TmnEuBfZQQzgm4o3yCjkppiDft4M94oX4Cz4rKqfaJvWhEgczf
YZviqP9rrfWL04d5cZt381Nyp7UgihGxL4MHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcvVLmgRjzS/sZml3syjObKz2PN8wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvY3ZWTG1nUmp6U19zWm1sM3N5ak9i
S3oyUE44LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAxtg+DAN
BgkqhkiG9w0BAQsFAAOCAQEAP8kvBKuwEY9/vrnGRmNfbY3g4igiZeMEU9tFLufV
XtZCSTpvDx4nc28OmhCobu4bryHtapMFnI9YQAJeQ7tH1J1g/6w75mwS7gYUauIP
86dI5AhSCzMoNQ+ZhSHg0+Lz7oyqLA1ruGNJRoFpDaNim+KHh7fVQwB2skqyvWiM
WPAloRlfPnVlv/1omgCJRL73oxrqF3RvjQQeDQnaYQlXs+ROZcI/93VaN0vNllFd
3G51Y3btdF+V4icqsMgsZdC63N49fZg+ZTa4ZydrSsWTPzQmBU2avGmQjc7KLp9a
UjYUSrZEBDrZ5Sfjusl8TmXC6DvghRZe7494aao1up43VQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:02 2025 by rpki-client