Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/dnpbwaIg02pphaVOMKUCX7GaJis.roa
File: dnpbwaIg02pphaVOMKUCX7GaJis.roa (raw, json)
Hash identifier: m/pVmXUGmdWCw3Dr3jGornHbHXAxl3KeeDy+C/e0diQ=
Subject key identifier: 76:7A:5B:C1:A2:20:D3:6A:69:85:A5:4E:30:A5:02:5F:B1:9A:26:2B
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0962
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/dnpbwaIg02pphaVOMKUCX7GaJis.roa
Signing time: Thu 21 Jan 2021 10:16:38 +0000
ROA not before: Thu 21 Jan 2021 10:16:38 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17809
IP address blocks: 111.67.48.0/21 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2402 (0x962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Jan 21 10:16:38 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=767A5BC1A220D36A6985A54E30A5025FB19A262B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ec:73:b0:04:74:22:e2:c2:41:75:6b:ff:aa:
ee:5b:ee:86:3a:ef:88:3a:d7:f9:f4:11:37:19:fc:
fb:bc:d3:a7:eb:a5:70:08:3a:7c:ec:42:1c:be:96:
da:96:da:21:dc:53:aa:61:2f:2e:fb:73:e1:31:4a:
8b:ba:35:ce:01:cc:56:15:fe:41:1c:0a:55:92:e6:
44:f1:4e:ac:77:ea:aa:09:2c:72:9a:8b:00:d7:96:
ae:a3:e9:f6:47:63:56:d9:37:69:09:f7:3f:d0:c4:
ce:ad:1d:70:e9:8d:50:fb:24:1a:d2:cc:8f:4f:77:
0a:26:b3:0b:60:04:a4:cd:47:f5:c1:f2:fb:43:48:
a2:a4:6c:47:20:96:f7:b3:2b:19:4c:c3:df:13:81:
2d:fe:29:78:fd:1b:ac:8b:f1:b2:a8:25:4d:59:35:
e5:e6:bc:be:84:03:0a:ed:02:a5:20:5a:74:d2:59:
af:a5:38:01:70:5f:b7:7c:b3:52:91:4b:6e:c4:fc:
22:b1:64:9a:f5:2c:55:29:8e:33:60:8f:00:ba:8e:
e5:22:b7:78:45:15:28:2a:62:d7:ef:6f:87:a5:c1:
40:dc:2b:f8:21:17:80:eb:92:ed:95:90:df:4f:fe:
dd:90:64:6d:e1:24:69:50:1a:fb:c4:35:0f:c8:ed:
c7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7A:5B:C1:A2:20:D3:6A:69:85:A5:4E:30:A5:02:5F:B1:9A:26:2B
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/dnpbwaIg02pphaVOMKUCX7GaJis.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.67.48.0/21
Signature Algorithm: sha256WithRSAEncryption
79:e1:23:b7:b7:4c:96:a6:ec:ce:32:d1:3e:23:0c:4c:e1:5c:
30:23:d9:93:99:60:8b:8f:08:c1:1c:23:88:80:71:b5:fd:1c:
b3:97:7e:b0:e8:a4:23:8a:9f:ea:65:a3:72:2e:0f:cf:4a:43:
f4:78:d6:40:94:2b:be:71:bb:09:88:f7:95:aa:c6:c8:e9:51:
cf:55:f3:ec:04:5c:6e:63:e2:4e:86:8c:28:24:54:d9:d0:f3:
64:30:5b:85:d2:eb:3a:47:c4:44:ba:05:47:1d:59:d4:f5:91:
9b:67:2c:60:59:81:6f:a4:c9:2b:f9:fa:98:2b:72:a3:5e:ed:
83:42:f8:fb:f6:6e:a4:60:c6:08:72:f4:20:c0:cd:47:6b:55:
9e:e7:8d:1a:aa:5e:62:a6:ef:43:db:70:c8:77:bb:dd:f3:7f:
4b:3c:7b:e6:ec:4f:3b:0d:0a:96:d8:f2:4f:66:d2:a0:07:4a:
c7:cd:6c:a6:d9:ab:0b:ad:24:0c:b5:07:94:18:ed:24:6c:ff:
9a:fb:af:20:74:4c:11:24:3e:fd:57:74:65:78:eb:c4:1e:e9:
f8:cd:92:a2:af:36:02:38:5b:ef:b8:9d:ff:50:ae:22:5f:b1:
84:a6:4d:a7:a0:7d:6e:d3:84:d1:b4:d7:e0:5e:da:72:bf:48:
25:db:79:c6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTAxMjEx
MDE2MzhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc2N0E1QkMxQTIyMEQz
NkE2OTg1QTU0RTMwQTUwMjVGQjE5QTI2MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh7HOwBHQi4sJBdWv/qu5b7oY674g61/n0ETcZ/Pu806frpXAI
OnzsQhy+ltqW2iHcU6phLy77c+ExSou6Nc4BzFYV/kEcClWS5kTxTqx36qoJLHKa
iwDXlq6j6fZHY1bZN2kJ9z/QxM6tHXDpjVD7JBrSzI9PdwomswtgBKTNR/XB8vtD
SKKkbEcglvezKxlMw98TgS3+KXj9G6yL8bKoJU1ZNeXmvL6EAwrtAqUgWnTSWa+l
OAFwX7d8s1KRS27E/CKxZJr1LFUpjjNgjwC6juUit3hFFSgqYtfvb4elwUDcK/gh
F4Drku2VkN9P/t2QZG3hJGlQGvvENQ/I7ceTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUdnpbwaIg02pphaVOMKUCX7GaJiswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvZG5wYndhSWcwMnBwaGFWT01LVUNY
N0dhSmlzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA29DMDAN
BgkqhkiG9w0BAQsFAAOCAQEAeeEjt7dMlqbszjLRPiMMTOFcMCPZk5lgi48IwRwj
iIBxtf0cs5d+sOikI4qf6mWjci4Pz0pD9HjWQJQrvnG7CYj3larGyOlRz1Xz7ARc
bmPiToaMKCRU2dDzZDBbhdLrOkfERLoFRx1Z1PWRm2csYFmBb6TJK/n6mCtyo17t
g0L4+/ZupGDGCHL0IMDNR2tVnueNGqpeYqbvQ9twyHe73fN/Szx75uxPOw0Kltjy
T2bSoAdKx81sptmrC60kDLUHlBjtJGz/mvuvIHRMESQ+/Vd0ZXjrxB7p+M2Soq82
Ajhb77id/1CuIl+xhKZNp6B9btOE0bTX4F7acr9IJdt5xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org