Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/jZet8O_dffg8mfchcBWIBbCv6w8.roa
File: jZet8O_dffg8mfchcBWIBbCv6w8.roa (raw, json)
Hash identifier: 183Hqg24kyUjK56JGvw5DmjPHChyemUyQL8iR8vYWlM=
Subject key identifier: 8D:97:AD:F0:EF:DD:7D:F8:3C:99:F7:21:70:15:88:05:B0:AF:EB:0F
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CFF
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/jZet8O_dffg8mfchcBWIBbCv6w8.roa
Signing time: Wed 26 Apr 2023 10:31:26 +0000
ROA not before: Wed 26 Apr 2023 10:31:26 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3327 (0xcff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:26 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=8D97ADF0EFDD7DF83C99F72170158805B0AFEB0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:08:1d:ab:2a:0c:7c:9a:92:a9:f0:84:b4:18:
c9:e6:01:21:d7:c8:17:d0:41:c4:d2:3e:7d:cf:6d:
7b:27:b0:4d:a5:e7:dd:3c:1a:50:07:e2:89:0a:93:
00:37:eb:c6:fa:f3:59:17:65:2a:71:d4:36:13:ee:
e3:85:e2:3e:98:a3:1a:d1:dd:62:e1:30:31:f4:f2:
78:f3:d7:28:6a:25:ca:4b:15:a5:ab:ff:2f:bc:f5:
52:22:36:2d:94:a8:c3:cb:5b:f7:46:33:14:5b:89:
4f:46:ea:48:3f:28:e1:59:60:00:62:c6:a0:ef:a1:
f2:eb:70:8c:76:20:c7:e0:0e:47:7e:25:22:f2:97:
a5:c1:6f:48:0a:87:9b:1a:a4:0b:d2:4d:c3:08:9a:
88:6f:ea:d8:5f:be:88:40:80:05:c2:7f:3c:e3:2b:
15:43:16:23:e5:60:c9:ef:e5:36:72:7e:3f:94:c6:
fb:f1:e7:8a:fd:8c:be:2d:9a:65:58:e5:c2:88:f6:
ca:88:13:1a:9a:37:b5:ae:db:4f:d2:d6:46:d0:b2:
3a:6a:83:73:aa:27:1f:a7:85:20:f0:61:3c:57:37:
da:1d:25:a4:f2:98:b5:2d:05:e8:a7:c8:cd:e4:0a:
e7:c7:52:61:f7:45:58:d1:11:7b:8d:c8:aa:7a:24:
95:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:97:AD:F0:EF:DD:7D:F8:3C:99:F7:21:70:15:88:05:B0:AF:EB:0F
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/jZet8O_dffg8mfchcBWIBbCv6w8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:3c:c1:82:49:c4:32:6c:5a:16:a9:e7:bb:8e:f3:74:70:72:
51:cf:14:06:ba:f0:94:bc:1f:d0:0d:d2:5b:b3:dd:c8:a9:36:
f2:69:d9:29:8f:ec:1c:3b:6e:9a:df:ce:70:50:fd:e0:44:08:
61:00:55:0c:c8:db:5c:63:7b:bb:0b:b2:ca:f7:ed:32:a7:4a:
9e:07:3f:97:10:46:f3:67:73:95:02:d3:df:59:92:b4:0d:97:
07:04:4e:60:97:e2:6d:74:73:97:d4:03:ab:1a:2a:ec:77:08:
c4:6c:e7:ff:db:9c:74:ba:33:e6:8c:7d:73:f7:c9:8a:85:15:
75:fb:0a:8d:46:71:f6:bb:c2:2f:09:df:c2:91:69:73:18:bd:
d6:73:4b:d2:f2:05:5c:4f:4d:8f:a6:94:fb:a5:e2:89:74:50:
a7:fe:fb:83:37:d9:23:7a:71:ce:36:4c:d2:9e:0c:75:b6:5f:
ed:8c:57:f2:bc:d9:24:dd:83:bd:8c:bf:f2:ea:f1:f8:21:17:
52:d3:1d:08:84:fe:8b:6a:e7:02:d1:d3:71:e5:19:9e:6f:11:
aa:84:79:30:f0:aa:38:18:ab:6e:26:59:be:32:be:67:70:de:
b4:21:ff:c1:a4:05:4c:e6:9b:b7:ff:00:38:cc:d4:49:b2:ba:
a1:e5:7d:87
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhEOTdBREYwRUZERDdE
RjgzQzk5RjcyMTcwMTU4ODA1QjBBRkVCMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHCB2rKgx8mpKp8IS0GMnmASHXyBfQQcTSPn3PbXsnsE2l5908
GlAH4okKkwA368b681kXZSpx1DYT7uOF4j6YoxrR3WLhMDH08njz1yhqJcpLFaWr
/y+89VIiNi2UqMPLW/dGMxRbiU9G6kg/KOFZYABixqDvofLrcIx2IMfgDkd+JSLy
l6XBb0gKh5sapAvSTcMImohv6thfvohAgAXCfzzjKxVDFiPlYMnv5TZyfj+Uxvvx
54r9jL4tmmVY5cKI9sqIExqaN7Wu20/S1kbQsjpqg3OqJx+nhSDwYTxXN9odJaTy
mLUtBeinyM3kCufHUmH3RVjREXuNyKp6JJUBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUjZet8O/dffg8mfchcBWIBbCv6w8wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvalpldDhPX2RmZmc4bWZjaGNCV0lC
YkN2Nnc4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveFDAN
BgkqhkiG9w0BAQsFAAOCAQEAsjzBgknEMmxaFqnnu47zdHByUc8UBrrwlLwf0A3S
W7PdyKk28mnZKY/sHDtumt/OcFD94EQIYQBVDMjbXGN7uwuyyvftMqdKngc/lxBG
82dzlQLT31mStA2XBwROYJfibXRzl9QDqxoq7HcIxGzn/9ucdLoz5ox9c/fJioUV
dfsKjUZx9rvCLwnfwpFpcxi91nNL0vIFXE9Nj6aU+6XiiXRQp/77gzfZI3pxzjZM
0p4MdbZf7YxX8rzZJN2DvYy/8urx+CEXUtMdCIT+i2rnAtHTceUZnm8RqoR5MPCq
OBirbiZZvjK+Z3DetCH/waQFTOabt/8AOMzUSbK6oeV9hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org