Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/t5XFOzaSVvqCMJC38w6c2gaaRi0.roa
File: t5XFOzaSVvqCMJC38w6c2gaaRi0.roa (raw, json)
Hash identifier: YLqFki28ogiP5ZRbEHwG5DnUTBOTlSej32psG08CwQc=
Subject key identifier: B7:95:C5:3B:36:92:56:FA:82:30:90:B7:F3:0E:9C:DA:06:9A:46:2D
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CFE
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/t5XFOzaSVvqCMJC38w6c2gaaRi0.roa
Signing time: Wed 26 Apr 2023 10:31:25 +0000
ROA not before: Wed 26 Apr 2023 10:31:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3326 (0xcfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:25 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B795C53B369256FA823090B7F30E9CDA069A462D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:07:7c:4e:ac:e5:8d:1e:bc:32:3d:45:e5:
25:d0:d1:6f:18:39:64:d9:aa:b9:08:64:48:69:dc:
f9:00:4a:3f:7a:3a:a5:dd:45:74:b1:24:99:2b:33:
26:d8:a6:a5:ba:30:51:32:54:7f:09:2d:5a:82:c3:
74:56:f4:6d:01:dc:07:db:ac:fa:6d:ad:37:09:b1:
69:6d:bd:81:c4:38:17:fa:d3:f7:29:82:5b:c6:89:
8e:1b:df:b3:0d:ca:10:92:3d:9b:e4:17:92:54:23:
c3:cc:bc:25:2a:fa:1f:3d:d2:52:84:a8:25:45:2b:
9e:e4:ee:e8:c9:f0:e3:b0:be:46:54:36:e1:e0:35:
a2:d5:c3:74:4d:30:7b:14:18:40:fb:7f:c5:ea:25:
9f:3f:0f:57:b5:05:30:f5:05:ac:c7:50:75:59:c5:
ea:73:3d:e0:d5:b1:ed:e7:ed:a3:91:ce:3e:a4:19:
9f:07:30:f8:58:85:e4:06:4d:b3:32:f6:28:ca:5a:
d0:1c:2b:60:c5:54:8b:73:97:5f:b7:10:16:4b:67:
0e:fa:b2:45:fe:f8:06:f1:fd:bf:84:47:75:c0:9a:
5b:1d:d7:94:c7:ab:5c:e0:36:1c:08:84:49:69:81:
14:9a:53:0b:8d:73:fb:ab:6b:16:b3:e2:2b:2e:02:
5d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:95:C5:3B:36:92:56:FA:82:30:90:B7:F3:0E:9C:DA:06:9A:46:2D
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/t5XFOzaSVvqCMJC38w6c2gaaRi0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/20
Signature Algorithm: sha256WithRSAEncryption
90:20:24:d8:c3:86:c6:90:35:fc:4d:02:88:94:3c:e2:49:b2:
4f:32:33:1a:45:78:51:45:97:eb:93:81:a1:3a:57:a8:01:3b:
89:a5:77:67:77:b4:61:72:f9:d8:7a:45:58:90:ea:a1:29:8f:
33:e0:51:86:dd:cc:91:49:28:22:30:0f:c2:90:5e:e3:b6:b9:
86:f4:51:be:96:a7:f5:2a:12:41:d8:f8:47:90:3f:b4:51:d6:
d2:ba:fa:ce:df:4f:93:c2:23:05:6e:b5:b6:3f:76:1b:e7:8a:
02:ed:95:1e:8b:f2:3d:91:d0:ce:2c:0d:ef:a7:d2:46:01:7d:
a2:07:1f:23:2e:5e:e5:21:93:6b:f7:19:4d:15:ee:b5:48:a6:
32:eb:d8:08:fa:48:7e:63:e3:f2:f2:30:d3:a7:d3:f0:cd:be:
63:7b:9d:8b:5e:42:16:ca:ec:22:ee:da:b2:bc:84:90:b8:be:
8f:4e:54:fc:b0:58:69:57:9e:54:0f:fa:59:20:82:c1:b9:77:
2a:cc:50:25:76:e2:c3:f0:24:e5:cd:37:16:82:79:93:2d:bf:
7d:38:82:e4:b7:8b:4c:f2:a7:e4:b2:d0:52:ed:41:9d:72:b2:
f5:d6:ff:8f:d3:59:79:75:2c:89:d2:ab:eb:3d:fe:9f:2e:f6:
eb:24:6a:64
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI3OTVDNTNCMzY5MjU2
RkE4MjMwOTBCN0YzMEU5Q0RBMDY5QTQ2MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAVQd8TqzljR68Mj1F5SXQ0W8YOWTZqrkIZEhp3PkASj96OqXd
RXSxJJkrMybYpqW6MFEyVH8JLVqCw3RW9G0B3AfbrPptrTcJsWltvYHEOBf60/cp
glvGiY4b37MNyhCSPZvkF5JUI8PMvCUq+h890lKEqCVFK57k7ujJ8OOwvkZUNuHg
NaLVw3RNMHsUGED7f8XqJZ8/D1e1BTD1BazHUHVZxepzPeDVse3n7aORzj6kGZ8H
MPhYheQGTbMy9ijKWtAcK2DFVItzl1+3EBZLZw76skX++Abx/b+ER3XAmlsd15TH
q1zgNhwIhElpgRSaUwuNc/uraxaz4isuAl1xAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUt5XFOzaSVvqCMJC38w6c2gaaRi0wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdDVYRk96YVNWdnFDTUpDMzh3NmMy
Z2FhUmkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAkCAk2MOGxpA1/E0CiJQ84kmyTzIzGkV4UUWX65OB
oTpXqAE7iaV3Z3e0YXL52HpFWJDqoSmPM+BRht3MkUkoIjAPwpBe47a5hvRRvpan
9SoSQdj4R5A/tFHW0rr6zt9Pk8IjBW61tj92G+eKAu2VHovyPZHQziwN76fSRgF9
ogcfIy5e5SGTa/cZTRXutUimMuvYCPpIfmPj8vIw06fT8M2+Y3udi15CFsrsIu7a
sryEkLi+j05U/LBYaVeeVA/6WSCCwbl3KsxQJXbiw/Ak5c03FoJ5ky2/fTiC5LeL
TPKn5LLQUu1BnXKy9db/j9NZeXUsidKr6z3+ny726yRqZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org