Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/kfbFbiD2xVyq5yH4RMGQRA4-Cwc.roa
File: kfbFbiD2xVyq5yH4RMGQRA4-Cwc.roa (raw, json)
Hash identifier: hBhbhHWyKH7l/X7xKA+HfSXFfV/rL6hpDZssjyAgaYQ=
Subject key identifier: 91:F6:C5:6E:20:F6:C5:5C:AA:E7:21:F8:44:C1:90:44:0E:3E:0B:07
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/kfbFbiD2xVyq5yH4RMGQRA4-Cwc.roa
Signing time: Thu 15 Sep 2022 02:37:27 +0000
ROA not before: Thu 15 Sep 2022 02:37:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 27.96.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:27 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=91F6C56E20F6C55CAAE721F844C190440E3E0B07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dc:79:a6:9c:33:9f:bd:f6:a1:5d:4e:5c:ad:
55:d9:83:33:13:d6:6e:57:ef:36:10:28:18:20:78:
59:1c:0a:f6:36:24:c6:e6:fe:28:0c:92:8f:ad:13:
30:f9:00:41:6f:49:33:8d:f4:15:2b:5c:3f:94:d2:
99:9b:a6:86:e4:cd:6c:35:33:c0:ab:79:85:bd:df:
79:30:d2:e2:6e:d8:1c:0a:f0:42:fb:df:dd:7a:18:
dc:6a:7b:f9:59:e7:04:4e:90:c5:8e:f4:dc:9a:02:
79:ea:12:fc:d8:01:5e:fe:a8:3e:54:9a:59:b1:ba:
4b:59:ea:e8:52:6c:76:d7:9b:fc:48:05:db:e9:91:
5e:f2:73:a9:1d:75:ad:e2:cc:c3:e5:5a:0d:41:bc:
f7:fc:3e:76:d9:6f:6f:04:bd:96:0a:b4:3c:53:59:
da:9d:5a:12:df:20:92:dc:96:5e:71:27:c3:eb:d5:
f0:2a:68:33:d6:06:26:72:06:5e:60:08:62:32:ec:
1a:3a:ac:b8:81:63:59:21:99:a8:00:d7:42:d0:7a:
c0:8a:40:01:ed:fa:13:bc:36:dc:09:da:b2:b8:6b:
64:c0:d0:6d:50:6e:e9:46:4a:ad:01:d2:c3:ab:50:
8e:8f:a2:de:76:3e:e1:62:53:31:9a:ff:31:fe:5a:
46:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F6:C5:6E:20:F6:C5:5C:AA:E7:21:F8:44:C1:90:44:0E:3E:0B:07
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/kfbFbiD2xVyq5yH4RMGQRA4-Cwc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.240.0/22
Signature Algorithm: sha256WithRSAEncryption
14:5b:98:f1:b6:d1:53:3c:dc:51:c0:ab:a4:5b:9f:b1:e2:4f:
9c:fe:e4:90:fa:83:15:62:8f:f6:36:a6:4e:2e:72:b8:85:df:
a2:e2:e4:27:6a:f6:ef:3f:41:64:70:8c:6a:2f:44:94:a3:cb:
a5:ff:2e:21:be:20:4a:72:10:83:cd:b5:ef:1d:96:8c:d6:de:
71:4c:be:91:53:27:35:12:0a:4f:df:13:47:bb:0c:7c:59:26:
a0:3c:9d:33:30:86:34:5b:f3:5f:3b:6b:d1:e8:ab:b7:ba:30:
2b:67:6b:c8:bf:fc:26:72:b9:32:1c:87:29:46:a2:74:29:93:
d7:5f:ff:21:d4:47:1c:ca:2d:54:d4:c5:94:d0:bb:72:62:b9:
9f:ea:d3:4e:35:46:96:30:08:49:a8:51:8e:34:20:4a:55:20:
94:48:0f:c6:33:35:0b:eb:cf:da:c9:56:9a:41:76:29:af:6c:
fd:b1:d9:21:9f:c4:d4:34:f4:43:84:2a:5d:27:68:b0:72:0d:
0b:0d:31:b7:93:8f:21:e6:23:6f:52:4a:bc:09:ae:5b:98:2b:
b2:52:82:3f:30:25:d4:b9:ae:9e:31:f4:14:3f:57:41:a7:10:
a8:f8:ed:d3:1f:05:80:cf:65:7e:00:07:90:93:14:65:fe:19:
10:15:74:12
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkxRjZDNTZFMjBGNkM1
NUNBQUU3MjFGODQ0QzE5MDQ0MEUzRTBCMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ3HmmnDOfvfahXU5crVXZgzMT1m5X7zYQKBggeFkcCvY2JMbm
/igMko+tEzD5AEFvSTON9BUrXD+U0pmbpobkzWw1M8CreYW933kw0uJu2BwK8EL7
3916GNxqe/lZ5wROkMWO9NyaAnnqEvzYAV7+qD5UmlmxuktZ6uhSbHbXm/xIBdvp
kV7yc6kdda3izMPlWg1BvPf8PnbZb28EvZYKtDxTWdqdWhLfIJLcll5xJ8Pr1fAq
aDPWBiZyBl5gCGIy7Bo6rLiBY1khmagA10LQesCKQAHt+hO8NtwJ2rK4a2TA0G1Q
bulGSq0B0sOrUI6Pot52PuFiUzGa/zH+WkaDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkfbFbiD2xVyq5yH4RMGQRA4+CwcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgva2ZiRmJpRDJ4VnlxNXlINFJNR1FS
QTQtQ3djLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg8DAN
BgkqhkiG9w0BAQsFAAOCAQEAFFuY8bbRUzzcUcCrpFufseJPnP7kkPqDFWKP9jam
Ti5yuIXfouLkJ2r27z9BZHCMai9ElKPLpf8uIb4gSnIQg8217x2WjNbecUy+kVMn
NRIKT98TR7sMfFkmoDydMzCGNFvzXztr0eirt7owK2dryL/8JnK5MhyHKUaidCmT
11//IdRHHMotVNTFlNC7cmK5n+rTTjVGljAISahRjjQgSlUglEgPxjM1C+vP2slW
mkF2Ka9s/bHZIZ/E1DT0Q4QqXSdosHINCw0xt5OPIeYjb1JKvAmuW5grslKCPzAl
1LmunjH0FD9XQacQqPjt0x8FgM9lfgAHkJMUZf4ZEBV0Eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org