Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/lnXg949jrBW13vwzESg9EerVeIw.roa
File: lnXg949jrBW13vwzESg9EerVeIw.roa (raw, json)
Hash identifier: Gv9BnbpMdJJCnAj7FirWwbZ02pkp3AJbWfBhgNRzJ80=
Subject key identifier: 96:75:E0:F7:8F:63:AC:15:B5:DE:FC:33:11:28:3D:11:EA:D5:78:8C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B00
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/lnXg949jrBW13vwzESg9EerVeIw.roa
Signing time: Thu 16 Dec 2021 06:39:44 +0000
ROA not before: Thu 16 Dec 2021 06:39:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 121.254.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2816 (0xb00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:39:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9675E0F78F63AC15B5DEFC3311283D11EAD5788C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:8a:72:bd:38:d8:bc:5d:c8:3f:d2:27:74:
51:41:00:48:9d:d3:b1:5f:88:e0:37:7e:ad:ff:8c:
5f:db:a3:47:12:2f:c8:f7:16:99:c9:7b:15:d9:54:
d5:56:31:69:6e:94:be:90:39:c1:1e:7b:b8:7b:fb:
91:19:a1:19:0f:fb:e7:bb:f1:f2:8d:d9:04:cd:f2:
6f:10:fb:1b:56:b5:6c:80:5c:98:3a:5b:36:d2:31:
46:91:1f:f1:bf:e2:59:06:66:57:a9:53:93:88:56:
2c:4d:5d:30:e9:47:cd:17:d8:87:7b:9f:04:2c:f9:
ee:1d:ed:73:2e:21:20:f1:c7:80:1a:69:78:0d:e0:
aa:5a:0b:34:a2:cd:bf:74:ed:71:36:20:a4:be:e0:
0b:9a:ea:85:59:f8:0f:ec:96:89:70:89:f4:88:2f:
91:f2:6e:93:4c:09:7f:58:f8:81:c5:13:76:ed:f5:
f7:bc:31:48:53:d0:a3:65:66:34:7d:ec:71:48:23:
fd:e8:b5:57:49:eb:7a:ec:b8:55:42:6f:a0:be:be:
fd:6d:4a:c5:53:0b:77:e4:60:25:53:0b:18:29:a5:
e3:89:12:2c:df:70:de:79:fd:4b:bb:b6:1e:43:91:
15:49:62:67:bf:aa:40:8a:8b:b3:6d:95:e9:e8:05:
b7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:75:E0:F7:8F:63:AC:15:B5:DE:FC:33:11:28:3D:11:EA:D5:78:8C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/lnXg949jrBW13vwzESg9EerVeIw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.96.0/21
Signature Algorithm: sha256WithRSAEncryption
62:2e:60:17:f7:9f:1f:93:c5:72:39:84:7f:a1:73:56:d8:68:
e8:51:e1:e8:92:7c:1e:2f:50:cd:76:0e:b1:c2:ab:6a:da:32:
2b:34:4c:52:35:36:4c:97:76:6c:7f:31:cb:d5:84:7f:3f:bf:
25:d9:1b:00:6e:46:20:cb:7e:65:dc:fe:f3:36:e2:ff:db:d6:
0a:51:36:e7:c7:81:20:77:69:9c:a7:c9:b9:b8:5a:c9:4c:94:
51:7b:59:9e:22:32:8a:94:9e:04:20:95:06:67:db:0d:30:fc:
d0:b6:48:27:9d:39:3f:46:ed:7e:1b:3d:94:00:ae:3a:d6:95:
2e:35:cd:26:d8:f3:ae:db:e4:49:f2:dc:2e:0e:f3:70:c0:8b:
3d:83:21:6a:65:43:c5:f5:22:62:68:c6:61:ad:3e:7e:12:12:
71:54:44:47:0f:e3:53:a2:d4:a1:07:32:84:8f:6a:fd:f3:cf:
fd:1e:cd:b2:c7:27:90:86:f3:9f:44:dc:26:7e:c6:46:cc:09:
40:2f:64:6a:77:2c:d3:3f:be:b7:4b:8c:de:da:ff:05:32:c5:
1e:c9:cc:b7:de:9e:71:74:f9:38:92:a2:19:d2:77:56:72:f5:
9a:ef:1a:49:d2:9e:f1:df:67:33:8d:0a:57:45:db:84:02:53:
9b:f0:fa:2a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjM5NDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk2NzVFMEY3OEY2M0FD
MTVCNURFRkMzMzExMjgzRDExRUFENTc4OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtmIpyvTjYvF3IP9IndFFBAEid07FfiOA3fq3/jF/bo0cSL8j3
FpnJexXZVNVWMWlulL6QOcEee7h7+5EZoRkP++e78fKN2QTN8m8Q+xtWtWyAXJg6
WzbSMUaRH/G/4lkGZlepU5OIVixNXTDpR80X2Id7nwQs+e4d7XMuISDxx4AaaXgN
4KpaCzSizb907XE2IKS+4Aua6oVZ+A/slolwifSIL5HybpNMCX9Y+IHFE3bt9fe8
MUhT0KNlZjR97HFII/3otVdJ63rsuFVCb6C+vv1tSsVTC3fkYCVTCxgppeOJEizf
cN55/Uu7th5DkRVJYme/qkCKi7NtlenoBbeVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUlnXg949jrBW13vwzESg9EerVeIwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvbG5YZzk0OWpyQlcxM3Z3ekVTZzlF
ZXJWZUl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+YDAN
BgkqhkiG9w0BAQsFAAOCAQEAYi5gF/efH5PFcjmEf6FzVtho6FHh6JJ8Hi9QzXYO
scKratoyKzRMUjU2TJd2bH8xy9WEfz+/JdkbAG5GIMt+Zdz+8zbi/9vWClE258eB
IHdpnKfJubhayUyUUXtZniIyipSeBCCVBmfbDTD80LZIJ505P0btfhs9lACuOtaV
LjXNJtjzrtvkSfLcLg7zcMCLPYMhamVDxfUiYmjGYa0+fhIScVRERw/jU6LUoQcy
hI9q/fPP/R7NsscnkIbzn0TcJn7GRswJQC9kancs0z++t0uM3tr/BTLFHsnMt96e
cXT5OJKiGdJ3VnL1mu8aSdKe8d9nM40KV0XbhAJTm/D6Kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org