Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/fHEuMoz1YjNeuGLeOzqr2DVO79c.roa
File: fHEuMoz1YjNeuGLeOzqr2DVO79c.roa (raw, json)
Hash identifier: ziFsxjEfOvVc2iY+wuPGqhlUkzmIwPyCl77P/vXVjDI=
Subject key identifier: 7C:71:2E:32:8C:F5:62:33:5E:B8:62:DE:3B:3A:AB:D8:35:4E:EF:D7
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B02
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/fHEuMoz1YjNeuGLeOzqr2DVO79c.roa
Signing time: Thu 16 Dec 2021 06:39:59 +0000
ROA not before: Thu 16 Dec 2021 06:39:59 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 121.254.104.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2818 (0xb02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:39:59 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=7C712E328CF562335EB862DE3B3AABD8354EEFD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e4:d0:7b:12:b8:13:67:d8:f6:ff:94:7a:06:
88:29:92:18:f1:c1:1e:fa:e4:80:ac:56:a0:cf:5d:
e3:ce:7d:20:fe:4b:bd:72:22:92:4b:e9:2b:a6:8f:
4b:6e:49:e2:92:4a:e4:3c:4b:9e:ae:2c:f8:b4:55:
20:10:2b:a7:d3:f3:17:88:48:a8:dd:06:77:68:bc:
ca:2c:5c:d0:b4:85:bb:16:a0:2f:7a:62:1e:f7:57:
83:be:db:e0:2b:39:50:58:3c:7f:5f:c1:3c:cb:4d:
1b:ed:45:0b:c5:2d:ed:f3:53:8e:c7:ca:4f:1a:d7:
3f:00:cb:49:b6:6e:db:d5:1a:2c:20:07:20:45:32:
3f:8c:66:38:1e:df:b2:8d:41:47:14:ed:a1:68:77:
31:8b:1e:e9:f6:a4:23:09:46:85:c7:84:ad:32:e7:
78:5e:1c:ac:70:7f:d8:73:20:2a:02:0a:d4:64:c7:
dd:39:69:dc:4f:16:76:2b:d6:0a:11:be:9b:f9:e2:
6e:8a:c3:af:3c:b7:dc:ef:c5:0f:6c:81:9c:6d:62:
cb:ca:34:0d:a1:a6:02:84:42:1d:70:2e:15:7d:9f:
a4:29:ed:fd:2f:91:ce:5e:ec:a3:99:66:c4:e0:56:
fc:c4:80:13:fd:a2:96:3f:5f:32:d5:73:9d:9f:dc:
f3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:71:2E:32:8C:F5:62:33:5E:B8:62:DE:3B:3A:AB:D8:35:4E:EF:D7
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/fHEuMoz1YjNeuGLeOzqr2DVO79c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.104.0/21
Signature Algorithm: sha256WithRSAEncryption
70:71:28:fb:46:cd:c5:b7:7e:47:26:63:7a:e1:f4:29:74:47:
23:03:8c:f2:f3:bf:7f:7e:56:e7:20:00:38:20:34:7c:a2:df:
8f:7d:b9:95:c2:47:59:92:17:e2:d7:3e:d9:d2:dd:16:70:dd:
6b:aa:d6:d4:87:c8:dd:33:f3:c5:80:bd:9c:3b:fd:3f:91:53:
e6:fb:d5:0c:81:55:4b:ca:17:45:f0:d1:d2:60:36:8f:28:6e:
07:79:25:c6:d3:91:11:a4:45:d8:23:ce:e6:49:6f:47:2a:bd:
8f:4a:fb:cf:10:81:2f:70:c4:3f:e0:c4:91:ed:7a:8b:87:20:
ad:20:8c:aa:b6:46:b6:de:7e:47:10:e1:bb:67:25:12:12:16:
c0:e5:40:9a:03:5c:ba:77:65:e7:03:a6:0e:86:aa:e1:a7:fb:
3c:cb:0c:51:b5:53:2e:c6:63:85:7e:24:48:09:8b:58:8a:67:
7a:bf:13:10:4c:4e:48:66:7d:eb:c4:be:ae:33:27:40:63:42:
4c:2b:aa:41:bc:2a:91:a5:fc:a6:a1:66:96:d2:b7:21:95:0a:
b0:0c:a0:1a:da:a2:81:72:ad:ed:70:03:b4:b0:83:f0:a8:31:
04:7c:92:85:9f:27:a5:08:71:fb:3e:ed:ff:6a:7b:d4:7e:7d:
01:7e:bf:e2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjM5NTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDdDNzEyRTMyOENGNTYy
MzM1RUI4NjJERTNCM0FBQkQ4MzU0RUVGRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ5NB7ErgTZ9j2/5R6BogpkhjxwR765ICsVqDPXePOfSD+S71y
IpJL6Sumj0tuSeKSSuQ8S56uLPi0VSAQK6fT8xeISKjdBndovMosXNC0hbsWoC96
Yh73V4O+2+ArOVBYPH9fwTzLTRvtRQvFLe3zU47Hyk8a1z8Ay0m2btvVGiwgByBF
Mj+MZjge37KNQUcU7aFodzGLHun2pCMJRoXHhK0y53heHKxwf9hzICoCCtRkx905
adxPFnYr1goRvpv54m6Kw688t9zvxQ9sgZxtYsvKNA2hpgKEQh1wLhV9n6Qp7f0v
kc5e7KOZZsTgVvzEgBP9opY/XzLVc52f3PO7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUfHEuMoz1YjNeuGLeOzqr2DVO79cwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvZkhFdU1vejFZak5ldUdMZU96cXIy
RFZPNzljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+aDAN
BgkqhkiG9w0BAQsFAAOCAQEAcHEo+0bNxbd+RyZjeuH0KXRHIwOM8vO/f35W5yAA
OCA0fKLfj325lcJHWZIX4tc+2dLdFnDda6rW1IfI3TPzxYC9nDv9P5FT5vvVDIFV
S8oXRfDR0mA2jyhuB3klxtOREaRF2CPO5klvRyq9j0r7zxCBL3DEP+DEke16i4cg
rSCMqrZGtt5+RxDhu2clEhIWwOVAmgNcundl5wOmDoaq4af7PMsMUbVTLsZjhX4k
SAmLWIpner8TEExOSGZ968S+rjMnQGNCTCuqQbwqkaX8pqFmltK3IZUKsAygGtqi
gXKt7XADtLCD8KgxBHyShZ8npQhx+z7t/2p71H59AX6/4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org