Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ifAQ6IxUfNZ0HeCorMqyQDPwIH0.roa
File: ifAQ6IxUfNZ0HeCorMqyQDPwIH0.roa (raw, json)
Hash identifier: 2AFgZgkiFVljrenFFUgIBm2gaXh+hWZbEKr1v6Jio9k=
Subject key identifier: 89:F0:10:E8:8C:54:7C:D6:74:1D:E0:A8:AC:CA:B2:40:33:F0:20:7D
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D8B
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ifAQ6IxUfNZ0HeCorMqyQDPwIH0.roa
Signing time: Mon 31 Jul 2023 02:55:15 +0000
ROA not before: Mon 31 Jul 2023 02:55:15 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 113.61.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3467 (0xd8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Jul 31 02:55:15 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=89F010E88C547CD6741DE0A8ACCAB24033F0207D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a1:74:ca:49:46:fb:84:70:63:41:d8:79:ca:
97:e8:b9:cc:f7:73:6d:94:e7:c1:55:5a:10:53:9f:
5c:18:87:6f:49:35:83:8b:c2:44:a0:04:39:c1:b3:
51:c7:6d:e6:9b:cf:45:3c:b8:9f:41:0a:6e:2a:dc:
20:e6:5e:6b:8f:2b:45:4d:47:77:5a:db:6d:17:5d:
fa:eb:36:32:c2:17:80:b5:dc:5c:44:6a:d0:90:7d:
e4:68:61:af:00:26:e1:05:c9:34:6b:48:ba:61:d7:
5d:97:73:ff:72:cc:cd:c2:b0:e5:50:1d:25:d4:76:
86:d2:1e:8f:8b:3a:1d:85:d7:a6:6c:02:62:98:ae:
3c:82:e6:c1:e7:7c:23:c1:7f:1b:31:30:a5:ba:58:
4c:d4:28:db:35:7e:df:23:a2:7f:b0:97:76:bd:ee:
00:cf:20:29:3e:45:08:c6:70:30:e0:d0:e5:8f:30:
7f:a9:90:11:95:f3:60:d3:1d:b7:d6:05:d0:96:d6:
78:6e:78:2a:66:a7:ce:ca:80:82:2b:9c:7b:7e:f9:
c6:56:1d:09:6c:5f:81:6d:cd:ea:10:85:ad:22:7d:
96:6b:8e:52:5e:2b:d0:96:0f:cc:46:a7:18:7d:86:
48:f9:85:26:26:a9:65:c4:8c:b4:f1:1f:06:87:06:
42:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F0:10:E8:8C:54:7C:D6:74:1D:E0:A8:AC:CA:B2:40:33:F0:20:7D
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ifAQ6IxUfNZ0HeCorMqyQDPwIH0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.61.173.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:c6:c4:5c:de:28:ad:91:95:18:d5:64:04:f8:f8:bb:06:ab:
60:f9:8f:11:d5:1c:e7:35:1b:83:42:fe:5e:27:3f:38:8e:a9:
b7:dd:0a:a5:41:24:3c:42:c1:43:08:93:bc:70:16:6a:45:f5:
26:b1:35:83:5f:d4:8c:33:86:94:87:20:e8:d1:08:f6:a3:45:
a3:b6:80:c8:6a:9a:b9:25:20:75:e4:55:c2:95:27:c6:b2:b0:
ad:48:e2:7e:90:96:1a:c5:c2:9f:0d:f5:31:57:dc:94:2e:c7:
b3:f6:ab:17:b5:eb:ce:53:93:7e:cc:2d:0f:68:ad:05:67:78:
fc:30:38:75:59:9f:84:37:61:c5:50:90:7d:ae:21:0e:95:05:
5a:f8:8f:c8:99:81:f6:6e:83:87:fd:fd:ac:40:c5:ef:7c:57:
ee:f5:3f:a3:c8:8a:11:2d:5b:85:ef:90:46:2f:e6:a2:d5:e9:
1d:25:7c:b0:81:7d:f0:e3:24:7a:be:cd:9d:d8:4b:c6:5a:82:
9d:0a:b0:da:10:ab:9d:0b:0f:60:3b:3c:40:5c:31:ab:5d:db:
b3:31:d4:4b:95:c6:ff:80:4b:bd:22:e0:a1:22:a2:a9:fa:d7:
4d:47:46:4c:7e:c1:26:57:41:36:31:85:3d:d6:dc:8e:ae:b6:
ce:a6:cd:11
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA3MzEw
MjU1MTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg5RjAxMEU4OEM1NDdD
RDY3NDFERTBBOEFDQ0FCMjQwMzNGMDIwN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4oXTKSUb7hHBjQdh5ypfoucz3c22U58FVWhBTn1wYh29JNYOL
wkSgBDnBs1HHbeabz0U8uJ9BCm4q3CDmXmuPK0VNR3da220XXfrrNjLCF4C13FxE
atCQfeRoYa8AJuEFyTRrSLph112Xc/9yzM3CsOVQHSXUdobSHo+LOh2F16ZsAmKY
rjyC5sHnfCPBfxsxMKW6WEzUKNs1ft8jon+wl3a97gDPICk+RQjGcDDg0OWPMH+p
kBGV82DTHbfWBdCW1nhueCpmp87KgIIrnHt++cZWHQlsX4FtzeoQha0ifZZrjlJe
K9CWD8xGpxh9hkj5hSYmqWXEjLTxHwaHBkKBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUifAQ6IxUfNZ0HeCorMqyQDPwIH0wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvaWZBUTZJeFVmTlowSGVDb3JNcXlR
RFB3SUgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHE9rTAN
BgkqhkiG9w0BAQsFAAOCAQEAHcbEXN4orZGVGNVkBPj4uwarYPmPEdUc5zUbg0L+
Xic/OI6pt90KpUEkPELBQwiTvHAWakX1JrE1g1/UjDOGlIcg6NEI9qNFo7aAyGqa
uSUgdeRVwpUnxrKwrUjifpCWGsXCnw31MVfclC7Hs/arF7XrzlOTfswtD2itBWd4
/DA4dVmfhDdhxVCQfa4hDpUFWviPyJmB9m6Dh/39rEDF73xX7vU/o8iKES1bhe+Q
Ri/motXpHSV8sIF98OMker7NndhLxlqCnQqw2hCrnQsPYDs8QFwxq13bszHUS5XG
/4BLvSLgoSKiqfrXTUdGTH7BJldBNjGFPdbcjq62zqbNEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org