Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/t1vH4pqzM-YslhJappA1HHwaAUI.roa
File: t1vH4pqzM-YslhJappA1HHwaAUI.roa (raw, json)
Hash identifier: XNJfszh7/9bUkBEAQ7VuHZcPS62gG2vOAREBFe1qZPI=
Subject key identifier: B7:5B:C7:E2:9A:B3:33:E6:2C:96:12:5A:A6:90:35:1C:7C:1A:01:42
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D3F
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/t1vH4pqzM-YslhJappA1HHwaAUI.roa
Signing time: Wed 26 Apr 2023 10:31:43 +0000
ROA not before: Wed 26 Apr 2023 10:31:43 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 210.209.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3391 (0xd3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:43 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B75BC7E29AB333E62C96125AA690351C7C1A0142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:38:11:97:29:dc:82:66:63:be:74:89:02:6e:
62:24:10:17:9a:09:c1:54:60:de:56:62:73:be:e3:
d5:14:56:1d:18:72:9f:c6:b8:a7:27:87:58:a7:27:
23:0f:f0:61:f6:eb:7a:da:06:e7:76:db:d5:f4:5a:
d5:0a:ef:c0:90:2e:1f:62:eb:87:e2:36:c3:e3:3e:
e0:1b:60:c6:b0:26:6a:bf:47:ff:9e:b8:57:82:31:
09:9e:df:d7:b6:c4:37:ec:e4:cf:8a:bc:f9:eb:4e:
06:40:7a:d2:d8:91:3d:6a:2a:85:7e:6f:21:88:0b:
f4:45:f0:f7:b1:ae:2e:28:ba:19:7a:3b:e1:f2:7c:
ce:b6:30:e5:84:6a:db:af:9a:11:71:f1:98:96:79:
68:67:7b:31:11:fd:72:9b:f1:93:2d:f7:82:bc:8a:
2c:dc:b7:b5:55:df:15:d4:26:f1:db:4d:bf:91:82:
34:82:15:89:25:22:ce:73:fc:0f:29:d1:a7:5a:fa:
79:ef:60:e5:52:09:ae:d6:0b:0e:aa:47:99:02:d3:
c3:5a:5f:43:ba:bf:98:72:18:12:59:9d:dc:42:5e:
20:c5:0c:64:05:ba:d8:06:1d:96:d0:a6:0f:ac:47:
df:e7:38:50:0f:87:6a:83:19:d4:fe:bc:0a:fb:d8:
17:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5B:C7:E2:9A:B3:33:E6:2C:96:12:5A:A6:90:35:1C:7C:1A:01:42
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/t1vH4pqzM-YslhJappA1HHwaAUI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:43:8d:7a:d9:c3:99:b0:5b:68:8e:4d:6e:e7:69:b4:3d:ab:
44:78:1f:df:bb:a6:31:d5:81:74:08:ea:b7:21:2e:2b:d9:84:
b6:7e:e4:52:a5:46:48:6e:8f:46:4f:c8:71:e6:83:ae:50:1b:
87:5c:b3:5a:93:11:d5:aa:00:92:2a:1d:00:0e:c2:56:ce:0f:
02:2b:f2:50:03:7b:3d:e9:37:95:a1:2a:67:c3:e4:01:68:72:
51:e1:b9:28:d0:07:98:9d:eb:bf:c4:dc:e0:3a:9d:ee:55:f2:
a7:de:74:80:3e:1a:8e:17:05:83:50:46:1a:57:bc:c3:a5:a4:
ac:05:12:91:cd:78:2a:4d:e9:62:db:52:62:1f:66:e5:aa:30:
27:af:d5:ab:a9:7d:4f:0e:cd:b6:93:5a:df:b6:31:75:8b:70:
00:39:24:bc:b1:95:74:2c:1c:c2:c5:1c:e9:48:36:ac:92:5e:
98:19:95:08:21:69:13:ab:ab:6f:6e:16:74:35:bc:a2:bf:53:
8d:b8:c9:f3:3a:a0:5f:86:08:a0:20:fe:1a:15:c8:6a:cc:be:
5e:c3:8f:0e:1b:14:b9:79:09:73:48:eb:84:83:bd:0e:19:e1:
fa:8c:f5:9b:5a:c7:7d:7c:db:7b:79:08:3e:c9:5b:93:cd:6f:
07:24:25:ea
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxNDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI3NUJDN0UyOUFCMzMz
RTYyQzk2MTI1QUE2OTAzNTFDN0MxQTAxNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfOBGXKdyCZmO+dIkCbmIkEBeaCcFUYN5WYnO+49UUVh0Ycp/G
uKcnh1inJyMP8GH263raBud229X0WtUK78CQLh9i64fiNsPjPuAbYMawJmq/R/+e
uFeCMQme39e2xDfs5M+KvPnrTgZAetLYkT1qKoV+byGIC/RF8Pexri4ouhl6O+Hy
fM62MOWEatuvmhFx8ZiWeWhnezER/XKb8ZMt94K8iizct7VV3xXUJvHbTb+RgjSC
FYklIs5z/A8p0ada+nnvYOVSCa7WCw6qR5kC08NaX0O6v5hyGBJZndxCXiDFDGQF
utgGHZbQpg+sR9/nOFAPh2qDGdT+vAr72BdLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUt1vH4pqzM+YslhJappA1HHwaAUIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdDF2SDRwcXpNLVlzbGhKYXBwQTFI
SHdhQVVJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAW0ONetnDmbBbaI5NbudptD2rRHgf37umMdWBdAjq
tyEuK9mEtn7kUqVGSG6PRk/IceaDrlAbh1yzWpMR1aoAkiodAA7CVs4PAivyUAN7
Pek3laEqZ8PkAWhyUeG5KNAHmJ3rv8Tc4Dqd7lXyp950gD4ajhcFg1BGGle8w6Wk
rAUSkc14Kk3pYttSYh9m5aowJ6/Vq6l9Tw7NtpNa37YxdYtwADkkvLGVdCwcwsUc
6Ug2rJJemBmVCCFpE6urb24WdDW8or9TjbjJ8zqgX4YIoCD+GhXIasy+XsOPDhsU
uXkJc0jrhIO9Dhnh+oz1m1rHfXzbe3kIPslbk81vByQl6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org