Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/fGnTr2CMaf3FpSZR06CMYQH7_zg.roa
File: fGnTr2CMaf3FpSZR06CMYQH7_zg.roa (raw, json)
Hash identifier: io0AHBaj4jZSIp85wN0KI728P6Q6yItdzWd56mXy71Y=
Subject key identifier: 7C:69:D3:AF:60:8C:69:FD:C5:A5:26:51:D3:A0:8C:61:01:FB:FF:38
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CE5
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/fGnTr2CMaf3FpSZR06CMYQH7_zg.roa
Signing time: Wed 26 Apr 2023 10:31:19 +0000
ROA not before: Wed 26 Apr 2023 10:31:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18046
IP address blocks: 119.15.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3301 (0xce5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:19 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=7C69D3AF608C69FDC5A52651D3A08C6101FBFF38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0d:1c:8d:e0:f5:3e:d0:80:36:20:98:76:92:
a8:f0:af:b2:b8:46:a6:19:1a:18:1d:58:f1:35:88:
ec:f2:19:58:7e:f2:42:91:4f:0d:5c:26:df:5c:b8:
6e:ec:46:57:dd:94:4e:0a:66:c5:11:29:62:be:55:
b5:a2:ce:bc:18:79:dc:39:6c:68:55:49:bd:0f:c4:
88:ee:a1:dd:5f:a2:bc:57:cc:17:9b:d0:f5:54:01:
78:b2:86:d1:9a:6c:23:03:78:dd:d9:f7:26:1e:a6:
53:d2:cd:61:41:80:3c:2f:32:5f:36:a4:61:2e:b0:
28:9b:f4:43:d2:fc:0b:11:cb:2c:a1:00:0e:65:3d:
49:70:04:7c:ed:99:38:41:bd:ce:54:dc:3f:72:96:
2f:7a:76:4f:38:a8:cd:24:8a:7c:4c:94:60:92:47:
79:d6:e2:95:ad:d1:c5:e7:5f:25:dd:37:0d:2f:43:
dd:c3:3c:30:49:93:5c:26:be:08:29:d1:12:8b:7f:
f4:47:81:1e:b5:41:0b:fc:66:09:a2:4e:4d:73:1e:
38:eb:d5:cd:62:08:0a:4d:d0:25:c3:bd:ac:d3:32:
b3:fb:a4:c7:96:dd:6e:b0:bb:02:52:0f:48:aa:bb:
d6:ed:8b:2a:13:98:a7:4f:b5:69:02:47:9a:86:f8:
72:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:69:D3:AF:60:8C:69:FD:C5:A5:26:51:D3:A0:8C:61:01:FB:FF:38
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/fGnTr2CMaf3FpSZR06CMYQH7_zg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.208.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:20:94:f9:25:3a:f6:11:32:44:fd:a4:f4:d0:c6:c8:27:9a:
05:b2:8e:90:23:92:d9:d4:46:3e:dd:d8:4e:71:fc:ef:fd:00:
9b:91:4f:1f:4d:dd:5d:87:16:fd:7e:ce:25:1e:22:19:05:c0:
31:11:83:e2:48:5d:5d:b4:c4:b4:45:12:55:5f:28:27:a7:63:
e0:66:c1:87:1b:0c:19:37:2f:94:ec:1e:7b:a4:0c:c9:90:d3:
38:c2:17:8f:19:70:c1:9d:32:a8:31:b1:ac:69:1d:aa:7a:3c:
11:8f:cf:86:c4:a7:ce:06:95:30:17:33:e3:03:c4:1e:14:ef:
87:d8:33:40:c0:0d:e2:83:0f:97:59:cb:ff:9d:31:70:35:d5:
cd:75:df:28:b6:d3:85:fe:41:73:15:dd:63:f3:d1:e3:67:4f:
10:4a:33:ac:79:15:9f:63:95:16:46:20:64:ce:df:56:d1:89:
1e:61:d0:a1:a6:f8:9e:d9:8a:3b:29:76:95:c2:4b:bc:3b:d6:
73:c4:23:01:e0:33:8a:3a:42:2e:aa:56:47:dd:ab:2c:a7:a3:
9d:98:e2:69:6a:6b:a5:6b:22:02:75:b7:c6:59:4d:fc:07:52:
3c:15:7c:82:c0:1d:cc:bd:ed:28:e7:c3:9d:50:42:f8:aa:ca:
8d:ff:6b:1b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdDNjlEM0FGNjA4QzY5
RkRDNUE1MjY1MUQzQTA4QzYxMDFGQkZGMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnDRyN4PU+0IA2IJh2kqjwr7K4RqYZGhgdWPE1iOzyGVh+8kKR
Tw1cJt9cuG7sRlfdlE4KZsURKWK+VbWizrwYedw5bGhVSb0PxIjuod1forxXzBeb
0PVUAXiyhtGabCMDeN3Z9yYeplPSzWFBgDwvMl82pGEusCib9EPS/AsRyyyhAA5l
PUlwBHztmThBvc5U3D9yli96dk84qM0kinxMlGCSR3nW4pWt0cXnXyXdNw0vQ93D
PDBJk1wmvggp0RKLf/RHgR61QQv8ZgmiTk1zHjjr1c1iCApN0CXDvazTMrP7pMeW
3W6wuwJSD0iqu9btiyoTmKdPtWkCR5qG+HIhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUfGnTr2CMaf3FpSZR06CMYQH7/zgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvZkduVHIyQ01hZjNGcFNaUjA2Q01Z
UUg3X3pnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cP0DAN
BgkqhkiG9w0BAQsFAAOCAQEAmiCU+SU69hEyRP2k9NDGyCeaBbKOkCOS2dRGPt3Y
TnH87/0Am5FPH03dXYcW/X7OJR4iGQXAMRGD4khdXbTEtEUSVV8oJ6dj4GbBhxsM
GTcvlOwee6QMyZDTOMIXjxlwwZ0yqDGxrGkdqno8EY/PhsSnzgaVMBcz4wPEHhTv
h9gzQMAN4oMPl1nL/50xcDXVzXXfKLbThf5BcxXdY/PR42dPEEozrHkVn2OVFkYg
ZM7fVtGJHmHQoab4ntmKOyl2lcJLvDvWc8QjAeAzijpCLqpWR92rLKejnZjiaWpr
pWsiAnW3xllN/AdSPBV8gsAdzL3tKOfDnVBC+KrKjf9rGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org