Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/tcxN4JJ9j3xNf7IvrPgzkvvvbC4.roa
File: tcxN4JJ9j3xNf7IvrPgzkvvvbC4.roa (raw, json)
Hash identifier: VxRHZfYb/Hs06wuQSHPbFosJ6rruJO1A6jC98B1S6s8=
Subject key identifier: B5:CC:4D:E0:92:7D:8F:7C:4D:7F:B2:2F:AC:F8:33:92:FB:EF:6C:2E
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D1B
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/tcxN4JJ9j3xNf7IvrPgzkvvvbC4.roa
Signing time: Wed 26 Apr 2023 10:31:32 +0000
ROA not before: Wed 26 Apr 2023 10:31:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3355 (0xd1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:32 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B5CC4DE0927D8F7C4D7FB22FACF83392FBEF6C2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e3:33:1f:d0:48:e8:49:c6:3d:81:b3:47:db:
79:d3:77:bf:6f:12:27:0c:89:61:ad:69:82:e0:94:
77:2a:34:71:6a:d9:23:16:9e:4e:a7:93:39:e8:6e:
8d:4b:6e:17:4f:cc:95:32:0e:b0:87:6a:11:c3:5c:
69:b8:90:6e:33:80:9b:ee:91:2a:5f:5b:57:f4:c0:
0c:ee:73:58:fe:b5:c9:45:88:53:58:35:ac:eb:80:
b4:81:ff:2a:07:b8:a2:98:f3:53:7b:f0:49:df:84:
5b:3f:0a:8e:51:ee:ec:c3:ef:f1:e9:5b:c9:98:f7:
55:48:f9:90:32:a6:38:c2:da:37:80:ca:68:b3:6b:
82:0f:b0:fb:96:8e:27:5e:3a:4c:7f:91:dd:83:93:
d0:f7:a2:34:86:70:17:ac:db:16:b0:ea:9c:d9:1d:
9f:c2:61:25:40:18:0a:78:0d:fe:cc:74:ff:f5:1f:
1c:50:a2:7b:e5:70:0d:00:a2:fa:5d:e8:e7:3c:14:
15:b0:4d:c5:7c:47:dc:f7:a5:60:4d:72:fc:2a:d1:
6f:da:9e:b3:f6:3f:5e:d7:99:50:99:dc:c5:ad:7f:
91:9f:50:8e:b8:49:a3:68:12:1e:a4:cb:c1:85:7c:
98:14:a1:74:3b:7a:e6:ac:13:fd:3b:f1:22:97:38:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CC:4D:E0:92:7D:8F:7C:4D:7F:B2:2F:AC:F8:33:92:FB:EF:6C:2E
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/tcxN4JJ9j3xNf7IvrPgzkvvvbC4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/21
Signature Algorithm: sha256WithRSAEncryption
97:df:1a:92:c3:de:7b:da:74:58:ba:52:de:71:93:8c:fc:6f:
1f:8e:eb:a4:b5:88:02:d5:bd:47:a7:b2:a8:4a:54:55:40:69:
50:e2:a7:5c:89:e5:38:d8:33:7e:b2:81:46:e5:d1:1a:a0:d4:
d9:2f:57:d3:99:76:14:72:e6:fc:7c:68:3b:67:d1:0a:c8:e0:
90:e1:aa:48:69:a9:90:17:fd:e4:34:4b:4a:d2:51:91:9e:5e:
c3:a4:9a:ec:c3:97:b7:3b:41:14:a3:35:be:d8:4c:b6:97:e7:
2f:91:5b:7f:2c:b9:91:20:da:00:bf:96:73:67:ac:92:09:36:
46:94:2e:fe:89:0a:7c:04:94:ae:76:7b:c6:eb:d0:5d:50:07:
9c:6f:77:e9:83:be:3b:8f:9f:28:4e:63:60:3b:71:88:5c:35:
16:fc:87:41:c0:b6:8a:f6:03:63:51:8e:43:60:1c:36:7d:19:
4e:5f:a6:95:0b:1a:d5:41:1f:9f:47:04:b0:f8:18:18:3b:66:
04:82:e1:62:c1:4c:4a:0f:4f:21:ec:f4:89:a4:e4:8e:cf:24:
b2:1f:61:82:2c:5b:29:c7:64:be:75:cb:61:59:73:8d:f5:0f:
6d:29:6b:85:dd:5e:ad:e3:ed:95:8c:05:2f:d5:d0:9f:8b:79:
87:5c:3b:27
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDRswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI1Q0M0REUwOTI3RDhG
N0M0RDdGQjIyRkFDRjgzMzkyRkJFRjZDMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz4zMf0EjoScY9gbNH23nTd79vEicMiWGtaYLglHcqNHFq2SMW
nk6nkznobo1LbhdPzJUyDrCHahHDXGm4kG4zgJvukSpfW1f0wAzuc1j+tclFiFNY
NazrgLSB/yoHuKKY81N78EnfhFs/Co5R7uzD7/HpW8mY91VI+ZAypjjC2jeAymiz
a4IPsPuWjideOkx/kd2Dk9D3ojSGcBes2xaw6pzZHZ/CYSVAGAp4Df7MdP/1HxxQ
onvlcA0Aovpd6Oc8FBWwTcV8R9z3pWBNcvwq0W/anrP2P17XmVCZ3MWtf5GfUI64
SaNoEh6ky8GFfJgUoXQ7euasE/078SKXOIZ/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUtcxN4JJ9j3xNf7IvrPgzkvvvbC4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdGN4TjRKSjlqM3hOZjdJdnJQZ3pr
dnZ2YkM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAl98aksPee9p0WLpS3nGTjPxvH47rpLWIAtW9R6ey
qEpUVUBpUOKnXInlONgzfrKBRuXRGqDU2S9X05l2FHLm/HxoO2fRCsjgkOGqSGmp
kBf95DRLStJRkZ5ew6Sa7MOXtztBFKM1vthMtpfnL5Fbfyy5kSDaAL+Wc2eskgk2
RpQu/okKfASUrnZ7xuvQXVAHnG936YO+O4+fKE5jYDtxiFw1FvyHQcC2ivYDY1GO
Q2AcNn0ZTl+mlQsa1UEfn0cEsPgYGDtmBILhYsFMSg9PIez0iaTkjs8ksh9hgixb
KcdkvnXLYVlzjfUPbSlrhd1erePtlYwFL9XQn4t5h1w7Jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org