Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/mE9z5ktRwwXHPTmAVTYyG--l4yU.roa
File: mE9z5ktRwwXHPTmAVTYyG--l4yU.roa (raw, json)
Hash identifier: hp1qCfU1L5xgY/WjgN+Ng/sYA1kVK6LRqjAFsBDs2w4=
Subject key identifier: 98:4F:73:E6:4B:51:C3:05:C7:3D:39:80:55:36:32:1B:EF:A5:E3:25
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D31
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/mE9z5ktRwwXHPTmAVTYyG--l4yU.roa
Signing time: Wed 26 Apr 2023 10:31:39 +0000
ROA not before: Wed 26 Apr 2023 10:31:39 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3377 (0xd31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:39 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=984F73E64B51C305C73D39805536321BEFA5E325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9a:04:c5:2c:75:00:cd:4e:fc:f3:e5:ff:7a:
89:51:17:de:46:d6:52:77:87:95:9a:6b:0e:92:51:
0c:b0:5f:39:54:b1:3d:f0:d2:56:d6:90:a4:26:1f:
6d:fb:ec:1c:fd:09:e3:37:54:35:b0:42:fd:2d:b4:
cb:76:e7:43:6f:8a:3a:40:46:1b:4b:3a:66:96:e4:
39:15:21:11:60:7d:dd:4f:22:b6:b0:fb:fc:73:ad:
1c:35:c3:f6:83:fa:bd:79:ba:ab:5e:1f:44:ce:ca:
97:03:fa:86:78:2b:21:3d:45:2f:67:07:e8:ff:95:
fd:fb:df:73:d3:2b:06:2d:da:23:ba:33:b2:35:31:
cf:5e:bd:26:a2:80:7a:53:49:af:0a:33:9e:32:78:
2e:36:76:86:3d:32:d2:fb:0a:20:4e:c0:01:3c:f4:
a3:fb:63:10:96:7e:0a:35:02:4d:c3:fe:de:5a:54:
ee:d1:56:ea:aa:3c:ef:ed:5f:df:20:eb:f4:5d:2c:
ff:9d:05:ce:24:48:f2:9a:06:54:ba:ea:4a:76:f3:
ca:55:ca:61:90:38:7a:d0:a7:71:24:ce:6d:9f:d1:
ec:82:86:e8:06:a0:ef:48:be:c2:c5:62:55:3c:d5:
40:3a:65:85:87:eb:be:54:1d:83:c5:65:3a:12:da:
7b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:4F:73:E6:4B:51:C3:05:C7:3D:39:80:55:36:32:1B:EF:A5:E3:25
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/mE9z5ktRwwXHPTmAVTYyG--l4yU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.120.0/21
Signature Algorithm: sha256WithRSAEncryption
67:6a:2d:9f:ba:70:4d:97:a0:65:27:5c:8d:1a:ad:da:c8:f9:
8a:dc:a1:01:f5:54:33:7a:71:ea:0b:74:11:f9:cb:19:52:3b:
fb:37:99:b6:a7:f3:cf:f6:3c:c0:67:fe:d3:4b:66:94:a7:68:
58:4f:0c:48:80:26:b9:ec:b2:9f:58:cb:ff:e2:36:e6:bd:12:
30:7d:ea:20:8a:0b:ec:b9:c6:22:e5:68:b5:8c:9a:05:d2:c6:
db:66:75:9f:bc:05:8d:1e:75:34:c9:93:ea:42:a1:f3:3d:a0:
a5:b5:a0:2a:3a:85:41:23:95:1f:0a:c2:1a:25:a8:da:e3:82:
bf:ae:80:9c:21:f2:bf:00:30:00:fd:b0:0d:52:ae:e2:f2:2d:
51:c2:48:0e:85:ee:13:ef:bd:fd:94:3d:36:62:2a:e0:5a:af:
a4:b5:ce:e2:03:da:63:a9:ba:6b:84:4a:eb:e7:c8:16:48:d6:
e1:40:3f:e4:eb:8a:c8:1d:85:89:0e:21:98:a0:05:97:83:20:
18:b6:bb:fc:62:e4:8a:3f:31:ae:76:c9:99:47:ed:cd:8d:a1:
65:f4:0f:9b:d1:60:63:33:43:83:d1:a4:0c:9d:95:51:ee:02:
b3:93:c1:20:e5:4a:7b:e8:d0:1f:62:8e:9f:6b:d2:a4:21:33:
29:f6:08:29
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk4NEY3M0U2NEI1MUMz
MDVDNzNEMzk4MDU1MzYzMjFCRUZBNUUzMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPmgTFLHUAzU788+X/eolRF95G1lJ3h5Waaw6SUQywXzlUsT3w
0lbWkKQmH2377Bz9CeM3VDWwQv0ttMt250NvijpARhtLOmaW5DkVIRFgfd1PIraw
+/xzrRw1w/aD+r15uqteH0TOypcD+oZ4KyE9RS9nB+j/lf3733PTKwYt2iO6M7I1
Mc9evSaigHpTSa8KM54yeC42doY9MtL7CiBOwAE89KP7YxCWfgo1Ak3D/t5aVO7R
VuqqPO/tX98g6/RdLP+dBc4kSPKaBlS66kp288pVymGQOHrQp3Ekzm2f0eyChugG
oO9IvsLFYlU81UA6ZYWH675UHYPFZToS2nsvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmE9z5ktRwwXHPTmAVTYyG++l4yUwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvbUU5ejVrdFJ3d1hIUFRtQVZUWXlH
LS1sNHlVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+eDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ2otn7pwTZegZSdcjRqt2sj5ityhAfVUM3px6gt0
EfnLGVI7+zeZtqfzz/Y8wGf+00tmlKdoWE8MSIAmueyyn1jL/+I25r0SMH3qIIoL
7LnGIuVotYyaBdLG22Z1n7wFjR51NMmT6kKh8z2gpbWgKjqFQSOVHwrCGiWo2uOC
v66AnCHyvwAwAP2wDVKu4vItUcJIDoXuE++9/ZQ9NmIq4FqvpLXO4gPaY6m6a4RK
6+fIFkjW4UA/5OuKyB2FiQ4hmKAFl4MgGLa7/GLkij8xrnbJmUftzY2hZfQPm9Fg
YzNDg9GkDJ2VUe4Cs5PBIOVKe+jQH2KOn2vSpCEzKfYIKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org