Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/q-d4tw8P0hPMOZ4B0WzithzFfJQ.roa
File: q-d4tw8P0hPMOZ4B0WzithzFfJQ.roa (raw, json)
Hash identifier: 5P0lieIVYHPOKFbimaHKSExIxH2ncZ1IVXU7s5xZR6k=
Subject key identifier: AB:E7:78:B7:0F:0F:D2:13:CC:39:9E:01:D1:6C:E2:B6:1C:C5:7C:94
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 09A5
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/q-d4tw8P0hPMOZ4B0WzithzFfJQ.roa
Signing time: Sun 07 Feb 2021 13:15:33 +0000
ROA not before: Sun 07 Feb 2021 13:15:33 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17809
IP address blocks: 203.217.96.0/19 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2469 (0x9a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 7 13:15:33 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=ABE778B70F0FD213CC399E01D16CE2B61CC57C94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:23:a0:e4:c0:80:d0:cd:ec:a9:3c:39:eb:cb:
e9:41:0e:dc:0f:0c:14:a7:81:75:1b:aa:fb:71:97:
6a:03:bd:2b:d7:53:d7:1f:fd:e8:42:b0:93:1e:7f:
b7:3c:ee:f5:d8:13:46:4a:d9:17:89:92:88:ba:3f:
81:f5:c7:1b:37:3f:43:07:d4:95:3a:49:70:64:0f:
77:09:3b:74:77:ef:29:1b:59:2c:d0:41:d9:8c:7c:
b8:1e:83:1b:f2:33:4e:5a:7e:70:4c:23:28:89:89:
25:53:e8:d5:44:6d:89:87:3f:92:04:3e:67:40:23:
21:e3:f3:48:9f:f2:9b:3a:74:3c:9e:bc:bc:cd:de:
49:a4:df:e5:c5:d7:65:cc:f3:bb:df:8b:af:4e:c0:
fd:0c:9b:50:f8:e9:21:64:68:e2:87:e8:a5:a8:75:
bc:5f:ce:99:f3:0f:84:72:65:fd:02:3d:a6:46:e5:
9a:75:02:73:96:53:f7:f0:06:aa:19:b1:ff:9c:1f:
8e:68:dd:6b:d7:4a:e5:42:fc:6b:3d:22:fd:fd:70:
01:03:46:2a:de:a3:d1:ba:ec:15:a1:c7:af:77:2b:
b3:75:04:a2:d7:35:5e:1d:f3:67:b8:92:5c:b3:16:
d4:8d:83:3e:aa:2a:62:1d:bb:c6:63:9f:9f:73:19:
7a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E7:78:B7:0F:0F:D2:13:CC:39:9E:01:D1:6C:E2:B6:1C:C5:7C:94
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/q-d4tw8P0hPMOZ4B0WzithzFfJQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:02:77:f0:41:b2:0d:3f:46:a6:5e:6f:60:81:cf:b8:26:dd:
87:c8:69:45:57:df:76:f5:fd:6d:30:18:51:23:49:0c:4d:a4:
b0:cc:11:fd:81:a2:0b:69:8c:5c:05:68:7e:17:81:a9:e0:b1:
6d:fa:5f:d5:4e:1e:4f:df:b3:bd:a8:ef:d0:d5:14:1c:07:54:
ce:1c:27:c9:2d:4f:8b:f4:95:de:ec:62:70:11:ee:04:bb:45:
1f:2a:25:ed:33:e6:e1:4f:de:f0:37:41:d9:95:19:7c:fa:13:
0b:0f:94:24:19:84:dd:a7:36:7d:ec:dd:cc:55:d9:4c:1f:18:
77:df:a0:28:b6:91:94:56:51:f5:7c:17:18:20:40:a3:e5:c0:
31:a2:3f:f6:1c:0f:5f:ee:8e:c6:37:25:6b:58:12:83:b5:a8:
6d:3b:af:1d:96:da:69:49:65:8f:aa:b9:e0:01:03:80:a8:d8:
d4:79:03:84:b3:99:da:57:4c:2f:ef:30:f0:f2:01:23:1a:79:
7f:54:cc:10:e2:37:b1:82:6b:ec:1e:fb:84:8f:0a:a9:ea:6e:
7c:99:83:44:87:7c:50:f7:dc:b4:76:be:12:19:b7:bd:1f:70:
c5:77:37:a1:9d:68:23:4a:86:18:9f:c2:e8:f1:4b:b1:aa:12:
83:59:4f:d8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCaUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTAyMDcx
MzE1MzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFCRTc3OEI3MEYwRkQy
MTNDQzM5OUUwMUQxNkNFMkI2MUNDNTdDOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiI6DkwIDQzeypPDnry+lBDtwPDBSngXUbqvtxl2oDvSvXU9cf
/ehCsJMef7c87vXYE0ZK2ReJkoi6P4H1xxs3P0MH1JU6SXBkD3cJO3R37ykbWSzQ
QdmMfLgegxvyM05afnBMIyiJiSVT6NVEbYmHP5IEPmdAIyHj80if8ps6dDyevLzN
3kmk3+XF12XM87vfi69OwP0Mm1D46SFkaOKH6KWodbxfzpnzD4RyZf0CPaZG5Zp1
AnOWU/fwBqoZsf+cH45o3WvXSuVC/Gs9Iv39cAEDRireo9G67BWhx693K7N1BKLX
NV4d82e4klyzFtSNgz6qKmIdu8Zjn59zGXrvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUq+d4tw8P0hPMOZ4B0WzithzFfJQwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvcS1kNHR3OFAwaFBNT1o0QjBXeml0
aHpGZkpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAqgJ38EGyDT9Gpl5vYIHPuCbdh8hpRVffdvX9bTAY
USNJDE2ksMwR/YGiC2mMXAVofheBqeCxbfpf1U4eT9+zvajv0NUUHAdUzhwnyS1P
i/SV3uxicBHuBLtFHyol7TPm4U/e8DdB2ZUZfPoTCw+UJBmE3ac2fezdzFXZTB8Y
d9+gKLaRlFZR9XwXGCBAo+XAMaI/9hwPX+6Oxjcla1gSg7WobTuvHZbaaUllj6q5
4AEDgKjY1HkDhLOZ2ldML+8w8PIBIxp5f1TMEOI3sYJr7B77hI8KqepufJmDRId8
UPfctHa+Ehm3vR9wxXc3oZ1oI0qGGJ/C6PFLsaoSg1lP2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org