Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/iPTLlBnEx751QLNeDv9hi0edTaI.roa
File: iPTLlBnEx751QLNeDv9hi0edTaI.roa (raw, json)
Hash identifier: iDNI6oxXOaEw5dDKa1W/Brg5TeRgPov+huMrJXwvV6o=
Subject key identifier: 88:F4:CB:94:19:C4:C7:BE:75:40:B3:5E:0E:FF:61:8B:47:9D:4D:A2
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0ADC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/iPTLlBnEx751QLNeDv9hi0edTaI.roa
Signing time: Thu 16 Dec 2021 06:30:36 +0000
ROA not before: Thu 16 Dec 2021 06:30:36 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 27.96.248.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2780 (0xadc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:30:36 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=88F4CB9419C4C7BE7540B35E0EFF618B479D4DA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:73:a4:0f:43:6e:71:7d:03:b3:c6:ce:ba:88:
78:07:73:b7:b8:8f:d1:c6:ee:78:b1:6c:25:3d:8a:
75:78:01:07:1c:2c:ed:93:25:6c:d6:80:d3:d1:ae:
a4:09:8d:cd:d1:fa:08:14:81:81:00:ba:f0:a0:d2:
70:60:3f:12:c0:5f:cd:11:79:7b:af:b4:14:f4:f7:
86:06:f2:f3:94:33:60:ee:f7:5c:3f:1d:d3:55:3f:
04:87:6f:d2:93:81:6b:07:e9:b1:cb:cd:d9:26:02:
ed:f8:8f:18:86:aa:32:b7:80:ed:9b:a0:63:b1:08:
1a:a8:8c:c2:c4:c7:cb:5a:71:7b:c7:58:91:65:a0:
b1:8a:a2:74:cd:1f:00:4a:87:66:db:86:cf:8c:0b:
24:1f:6d:87:d6:81:66:e2:a0:a7:8e:9e:56:fc:a8:
e3:4f:bd:33:61:4a:bb:0f:ad:10:2b:fb:96:39:71:
51:99:97:3d:9e:a6:53:f7:cb:9e:ed:26:84:99:be:
8c:96:b7:71:ef:57:aa:a4:2b:6e:5b:26:53:eb:31:
d7:d7:87:d6:1c:c0:69:d4:96:d7:6e:22:40:7c:a7:
1f:2f:e3:e5:b7:6b:73:9e:e7:ee:d0:58:1e:c5:47:
8d:94:ec:f0:76:0a:df:bb:ec:6a:2d:1b:cf:44:65:
a6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F4:CB:94:19:C4:C7:BE:75:40:B3:5E:0E:FF:61:8B:47:9D:4D:A2
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/iPTLlBnEx751QLNeDv9hi0edTaI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.248.0/21
Signature Algorithm: sha256WithRSAEncryption
22:9e:c2:9f:1f:b4:17:96:f1:ae:03:d3:fd:03:54:c0:c7:cd:
71:ad:bb:a8:42:07:ee:8c:c3:27:ef:e8:05:d5:2a:28:4f:77:
c2:18:51:15:38:b9:3a:28:1d:0b:dc:bc:88:c3:ea:78:55:02:
17:59:bd:f4:c1:4f:e3:c4:4b:bf:c6:80:cf:19:1c:ae:f4:ab:
a0:d7:52:bd:8b:ce:17:1e:5e:ea:fb:42:60:c2:67:61:e3:54:
dc:0d:af:4e:e0:ef:2d:3e:b6:ad:dc:29:7d:78:34:a1:b8:58:
23:40:14:bf:dd:c2:06:e0:03:ce:23:02:7a:bd:5d:96:48:ad:
16:50:a3:ad:dc:99:47:a3:38:22:2e:db:3a:6c:15:3e:21:2d:
3d:31:f4:6e:12:f7:7c:06:7a:20:e2:98:a9:c7:0d:b4:b6:89:
b2:07:13:ed:18:79:22:90:13:f2:1f:b7:c9:68:7c:eb:91:80:
53:63:e8:31:71:2a:2a:8f:2d:52:f6:fc:93:b7:ca:72:c6:f5:
93:c8:31:08:25:f0:0b:0a:7b:fb:8a:db:f0:e1:42:23:45:c1:
79:1e:d1:89:32:e0:ec:e3:e1:ea:98:83:c0:90:f7:53:e6:b0:
99:37:db:82:c7:0d:9b:e1:b9:27:4d:03:f5:5c:69:b0:11:53:
d4:24:a9:61
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjMwMzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg4RjRDQjk0MTlDNEM3
QkU3NTQwQjM1RTBFRkY2MThCNDc5RDREQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXc6QPQ25xfQOzxs66iHgHc7e4j9HG7nixbCU9inV4AQccLO2T
JWzWgNPRrqQJjc3R+ggUgYEAuvCg0nBgPxLAX80ReXuvtBT094YG8vOUM2Du91w/
HdNVPwSHb9KTgWsH6bHLzdkmAu34jxiGqjK3gO2boGOxCBqojMLEx8tacXvHWJFl
oLGKonTNHwBKh2bbhs+MCyQfbYfWgWbioKeOnlb8qONPvTNhSrsPrRAr+5Y5cVGZ
lz2eplP3y57tJoSZvoyWt3HvV6qkK25bJlPrMdfXh9YcwGnUltduIkB8px8v4+W3
a3Oe5+7QWB7FR42U7PB2Ct+77GotG89EZaZZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUiPTLlBnEx751QLNeDv9hi0edTaIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvaVBUTGxCbkV4NzUxUUxOZUR2OWhp
MGVkVGFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAxtg+DAN
BgkqhkiG9w0BAQsFAAOCAQEAIp7Cnx+0F5bxrgPT/QNUwMfNca27qEIH7ozDJ+/o
BdUqKE93whhRFTi5OigdC9y8iMPqeFUCF1m99MFP48RLv8aAzxkcrvSroNdSvYvO
Fx5e6vtCYMJnYeNU3A2vTuDvLT62rdwpfXg0obhYI0AUv93CBuADziMCer1dlkit
FlCjrdyZR6M4Ii7bOmwVPiEtPTH0bhL3fAZ6IOKYqccNtLaJsgcT7Rh5IpAT8h+3
yWh865GAU2PoMXEqKo8tUvb8k7fKcsb1k8gxCCXwCwp7+4rb8OFCI0XBeR7RiTLg
7OPh6piDwJD3U+awmTfbgscNm+G5J00D9VxpsBFT1CSpYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org