Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/eOwrfKt47JnatPmQSFlLohRppPA.roa
File: eOwrfKt47JnatPmQSFlLohRppPA.roa (raw, json)
Hash identifier: UbCQaoN+6zjK6WwQg9LR/7Q5pDsn2ehiR5rup1hzKSU=
Subject key identifier: 78:EC:2B:7C:AB:78:EC:99:DA:B4:F9:90:48:59:4B:A2:14:69:A4:F0
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/eOwrfKt47JnatPmQSFlLohRppPA.roa
Signing time: Thu 15 Sep 2022 02:37:20 +0000
ROA not before: Thu 15 Sep 2022 02:37:20 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:20 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=78EC2B7CAB78EC99DAB4F99048594BA21469A4F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b9:08:f3:67:a0:a6:31:52:45:bc:31:ac:42:
06:68:e8:78:d7:3c:bc:cb:7b:74:ae:a1:30:7d:45:
a8:24:7b:0c:30:d0:10:3b:e1:a3:d0:bd:30:58:6a:
d7:43:19:00:8f:bf:38:b5:a2:47:cf:a8:78:4f:87:
57:9c:f7:2d:fd:e7:eb:d4:2d:43:ab:83:5b:37:d0:
ec:89:13:66:ed:4a:7f:65:bd:d0:06:cd:76:be:0c:
23:ca:b6:5c:15:f5:b8:bb:07:ed:68:68:ab:29:7e:
d0:ce:cd:a4:34:d9:de:ea:38:0a:45:7d:41:83:a3:
a0:d2:49:32:07:44:c9:71:41:30:73:c7:c7:70:7b:
b3:27:cb:98:14:b8:6c:14:ab:67:58:dd:d7:55:ae:
68:e6:cb:a8:4e:27:ee:e8:2e:6a:17:47:07:30:1d:
63:df:f6:a2:de:00:64:b0:37:72:68:34:14:a9:90:
7f:af:ff:85:a5:62:05:51:cf:ac:e6:bb:17:7e:0b:
6a:42:3c:e6:2a:7c:ac:53:45:e3:0e:b2:62:8a:0c:
d5:1c:22:f4:92:e0:32:9b:86:21:44:b0:69:23:59:
a0:9b:e2:02:01:f9:2a:93:f5:46:fe:43:ce:40:92:
63:ab:c8:a4:8b:33:60:d2:8b:ff:60:7b:c0:4f:d7:
13:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EC:2B:7C:AB:78:EC:99:DA:B4:F9:90:48:59:4B:A2:14:69:A4:F0
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/eOwrfKt47JnatPmQSFlLohRppPA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:d5:cb:9c:aa:d3:36:49:01:6b:de:41:97:0a:c4:3e:17:33:
e8:7e:b0:71:02:22:4f:4a:6c:f3:fa:2a:4f:4e:90:19:7c:a1:
80:7f:44:46:7e:ba:d3:be:48:85:37:b6:1a:12:e1:e9:6f:c5:
97:fa:ec:a8:02:54:6f:32:60:68:1d:2e:2d:0f:ce:e7:44:5a:
74:b9:6c:cb:d7:7f:f5:1f:cd:37:71:47:20:c5:a7:32:de:f7:
26:b6:20:e0:9c:17:4e:06:88:d9:87:8d:9b:40:2e:7a:e4:91:
e3:cb:e5:57:61:44:d3:1c:01:f6:57:92:3c:e3:32:48:1a:ca:
b4:e8:27:3c:2f:1c:62:9d:4f:5e:a3:a9:23:ae:c5:5e:8a:0a:
8d:7d:e5:9c:49:09:a5:e5:d6:ca:b6:f0:5c:c2:a9:ec:91:7e:
fb:ab:7a:2d:e2:1d:da:99:27:d7:7b:3b:5c:0d:ad:22:a3:d6:
1e:94:8f:28:b1:e0:d1:11:f3:d7:d8:43:be:02:74:c3:73:31:
7d:60:75:57:61:c6:f0:56:33:29:9e:d6:6d:e1:b1:31:45:b6:
ad:65:64:0d:4c:b0:ce:63:03:37:ff:16:84:b5:9c:d3:ba:ae:
21:06:60:7d:af:cf:cd:76:61:a3:8e:ca:2b:09:84:8f:e0:30:
e4:c8:ed:f1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc4RUMyQjdDQUI3OEVD
OTlEQUI0Rjk5MDQ4NTk0QkEyMTQ2OUE0RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpuQjzZ6CmMVJFvDGsQgZo6HjXPLzLe3SuoTB9Ragkewww0BA7
4aPQvTBYatdDGQCPvzi1okfPqHhPh1ec9y395+vULUOrg1s30OyJE2btSn9lvdAG
zXa+DCPKtlwV9bi7B+1oaKspftDOzaQ02d7qOApFfUGDo6DSSTIHRMlxQTBzx8dw
e7Mny5gUuGwUq2dY3ddVrmjmy6hOJ+7oLmoXRwcwHWPf9qLeAGSwN3JoNBSpkH+v
/4WlYgVRz6zmuxd+C2pCPOYqfKxTReMOsmKKDNUcIvSS4DKbhiFEsGkjWaCb4gIB
+SqT9Ub+Q85AkmOryKSLM2DSi/9ge8BP1xMFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUeOwrfKt47JnatPmQSFlLohRppPAwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvZU93cmZLdDQ3Sm5hdFBtUVNGbExv
aFJwcFBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveBDAN
BgkqhkiG9w0BAQsFAAOCAQEATNXLnKrTNkkBa95BlwrEPhcz6H6wcQIiT0ps8/oq
T06QGXyhgH9ERn66075IhTe2GhLh6W/Fl/rsqAJUbzJgaB0uLQ/O50RadLlsy9d/
9R/NN3FHIMWnMt73JrYg4JwXTgaI2YeNm0AueuSR48vlV2FE0xwB9leSPOMySBrK
tOgnPC8cYp1PXqOpI67FXooKjX3lnEkJpeXWyrbwXMKp7JF++6t6LeId2pkn13s7
XA2tIqPWHpSPKLHg0RHz19hDvgJ0w3MxfWB1V2HG8FYzKZ7WbeGxMUW2rWVkDUyw
zmMDN/8WhLWc07quIQZgfa/PzXZho47KKwmEj+Aw5Mjt8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org