Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/mNsEl8ACbKbYFegZ2f2PV8QnO_s.roa
File: mNsEl8ACbKbYFegZ2f2PV8QnO_s.roa (raw, json)
Hash identifier: W1KPv7KnmxhJ8Lm2nrLEfWa24UcRGKoOBmrsn3+bLRs=
Subject key identifier: 98:DB:04:97:C0:02:6C:A6:D8:15:E8:19:D9:FD:8F:57:C4:27:3B:FB
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CE4
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/mNsEl8ACbKbYFegZ2f2PV8QnO_s.roa
Signing time: Wed 26 Apr 2023 10:31:19 +0000
ROA not before: Wed 26 Apr 2023 10:31:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3300 (0xce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:19 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=98DB0497C0026CA6D815E819D9FD8F57C4273BFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:84:11:a4:56:b3:25:b8:7b:fb:43:09:88:35:
4c:f0:53:dc:2f:da:58:a5:e6:7c:d6:1a:e3:02:6b:
ba:db:0d:6c:d3:9b:ee:90:30:19:67:9f:fa:df:22:
20:91:c7:df:e1:66:09:3b:fb:e7:8f:c5:6e:66:0c:
f1:e2:2f:4f:f2:8d:68:47:7f:a8:5a:0b:f4:64:ff:
6c:42:77:4a:37:b9:84:b3:42:11:d8:31:3f:6b:cb:
38:8f:b5:29:58:b3:b2:03:97:ad:d3:fc:fc:53:73:
c0:82:f5:1b:37:01:71:77:ed:2c:4b:fb:7e:59:44:
93:25:a1:76:6d:55:01:06:8a:0f:d8:76:a6:01:8f:
b0:94:c3:5b:7f:d7:75:fe:31:11:58:44:0b:84:cd:
b8:3c:0f:b0:02:d7:15:18:58:e7:86:06:19:09:d0:
98:21:e5:95:9c:a8:b9:fb:da:d2:ea:ba:60:db:49:
5c:76:56:93:b3:e9:ea:9e:52:91:34:0a:ef:72:0b:
a1:b8:fc:d6:e0:ba:9b:44:8d:79:5c:c3:2f:d9:c3:
d7:6e:c2:49:8c:8a:bc:91:2a:d3:80:a8:ec:d1:93:
9a:d5:9e:d1:d8:1c:d9:3a:00:55:9f:00:91:1e:29:
36:fe:2a:70:f1:d2:2e:91:4e:7f:36:20:5e:e4:1f:
9f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DB:04:97:C0:02:6C:A6:D8:15:E8:19:D9:FD:8F:57:C4:27:3B:FB
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/mNsEl8ACbKbYFegZ2f2PV8QnO_s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.112.0/21
Signature Algorithm: sha256WithRSAEncryption
65:d7:ba:a4:d2:7d:9f:72:74:ad:bb:15:04:5f:0c:ea:8b:0a:
51:d1:63:90:53:c1:32:4a:a8:c5:f4:85:1c:20:7c:ab:c7:c4:
3c:07:a7:59:92:c0:a9:70:93:67:10:0f:85:57:4d:d0:e5:88:
88:55:78:88:89:88:52:84:c2:42:e8:3f:66:31:32:ab:23:e8:
66:55:3b:e2:0c:cf:2d:12:7b:a4:2d:d4:cf:9a:33:2a:1b:3a:
09:50:03:08:20:04:3e:84:74:52:83:04:26:75:de:40:bc:f6:
eb:ff:8a:ac:a5:a1:fc:86:97:ff:94:6f:6d:f0:9f:da:c0:b3:
c7:d1:11:de:0c:00:d9:ef:c4:9d:6e:52:12:6a:8d:3c:5c:c3:
e0:8d:83:be:fc:2d:62:9f:ab:93:e4:f3:fc:5e:64:1a:39:7f:
d8:63:ea:0d:a5:c0:71:89:4e:ba:ed:9b:81:2d:40:57:5e:db:
44:d9:56:13:8a:68:4b:6a:b9:8e:c5:67:71:ba:a0:c9:9f:84:
19:81:f8:d3:d5:f1:90:e3:55:9a:55:fe:fb:b5:e4:c3:ed:a3:
4e:47:ff:03:01:93:3d:c4:4c:e8:c3:33:da:0c:53:47:1a:bb:
22:44:03:d6:02:68:b5:c8:11:e9:68:1b:07:b5:f4:0f:40:28:
f7:57:ab:98
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk4REIwNDk3QzAwMjZD
QTZEODE1RTgxOUQ5RkQ4RjU3QzQyNzNCRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEhBGkVrMluHv7QwmINUzwU9wv2lil5nzWGuMCa7rbDWzTm+6Q
MBlnn/rfIiCRx9/hZgk7++ePxW5mDPHiL0/yjWhHf6haC/Rk/2xCd0o3uYSzQhHY
MT9ryziPtSlYs7IDl63T/PxTc8CC9Rs3AXF37SxL+35ZRJMloXZtVQEGig/YdqYB
j7CUw1t/13X+MRFYRAuEzbg8D7AC1xUYWOeGBhkJ0Jgh5ZWcqLn72tLqumDbSVx2
VpOz6eqeUpE0Cu9yC6G4/NbguptEjXlcwy/Zw9duwkmMiryRKtOAqOzRk5rVntHY
HNk6AFWfAJEeKTb+KnDx0i6RTn82IF7kH59PAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmNsEl8ACbKbYFegZ2f2PV8QnO/swHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvbU5zRWw4QUNiS2JZRmVnWjJmMlBW
OFFuT19zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZcDAN
BgkqhkiG9w0BAQsFAAOCAQEAZde6pNJ9n3J0rbsVBF8M6osKUdFjkFPBMkqoxfSF
HCB8q8fEPAenWZLAqXCTZxAPhVdN0OWIiFV4iImIUoTCQug/ZjEyqyPoZlU74gzP
LRJ7pC3Uz5ozKhs6CVADCCAEPoR0UoMEJnXeQLz26/+KrKWh/IaX/5RvbfCf2sCz
x9ER3gwA2e/EnW5SEmqNPFzD4I2DvvwtYp+rk+Tz/F5kGjl/2GPqDaXAcYlOuu2b
gS1AV17bRNlWE4poS2q5jsVncbqgyZ+EGYH409XxkONVmlX++7Xkw+2jTkf/AwGT
PcRM6MMz2gxTRxq7IkQD1gJotcgR6WgbB7X0D0Ao91ermA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org