Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/uN2Msz9-Z1OxLAR8u8XbU8KB57k.roa
File: uN2Msz9-Z1OxLAR8u8XbU8KB57k.roa (raw, json)
Hash identifier: 0LacBOQTOvO2yXGYQXQkHzhTRNJDwm0Isln2/is160Y=
Subject key identifier: B8:DD:8C:B3:3F:7E:67:53:B1:2C:04:7C:BB:C5:DB:53:C2:81:E7:B9
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/uN2Msz9-Z1OxLAR8u8XbU8KB57k.roa
Signing time: Thu 15 Sep 2022 02:37:27 +0000
ROA not before: Thu 15 Sep 2022 02:37:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 210.209.128.0/17 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:27 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B8DD8CB33F7E6753B12C047CBBC5DB53C281E7B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4f:9b:7c:71:34:32:3e:45:dc:62:95:2c:08:
16:c8:3a:8e:91:67:3e:db:9a:61:48:4b:3e:42:73:
d3:ed:b4:5e:e1:54:a4:cb:94:6b:03:c3:2b:72:ef:
36:66:1c:60:bf:06:c5:21:f6:51:6b:7a:76:67:e4:
29:9f:ee:5d:c2:2b:eb:98:28:dc:2c:06:22:1f:1f:
ab:4e:6d:f6:81:fd:c7:bc:df:07:e2:02:77:d0:b5:
dc:bf:0c:76:c7:bf:8c:95:e3:da:3a:71:d1:1e:d7:
13:d6:04:20:36:b1:cc:50:aa:79:41:f9:52:b4:fd:
17:aa:9b:85:14:94:0c:ee:0b:bb:fb:9f:d7:6c:37:
37:5c:11:d1:8c:22:eb:f8:cf:25:16:f8:5a:5d:f5:
ad:29:47:23:c0:06:71:d0:30:f5:2b:f9:4a:f2:0f:
aa:74:4d:79:b7:8a:e0:d8:de:40:46:9e:c9:bb:01:
00:0a:39:af:1b:e4:cc:aa:dd:34:a7:3f:d8:18:43:
18:d1:dd:bb:90:25:3b:52:94:3b:23:0b:e3:ee:58:
67:65:64:a4:b1:5a:15:d5:3f:d7:d7:c3:7d:8c:5c:
b5:90:d6:2a:48:ba:ef:f5:2c:50:18:70:1c:11:59:
2b:1a:ef:66:3f:06:82:df:dd:65:af:e7:af:cd:19:
90:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DD:8C:B3:3F:7E:67:53:B1:2C:04:7C:BB:C5:DB:53:C2:81:E7:B9
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/uN2Msz9-Z1OxLAR8u8XbU8KB57k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.128.0/17
Signature Algorithm: sha256WithRSAEncryption
02:20:11:f4:08:55:88:87:8f:3b:8c:01:67:0a:f6:da:b9:f2:
b8:54:d4:6e:36:42:ad:87:08:db:96:53:45:ec:65:25:7e:39:
8f:82:ff:87:d9:96:ec:b4:b6:5a:a1:95:5e:42:3d:12:c8:57:
51:e7:be:9f:99:dc:4c:7c:16:ab:f9:1b:c7:60:7a:f3:4b:69:
8f:3c:c9:23:4b:ad:cd:90:6c:43:12:1c:a5:97:4f:08:5f:73:
4b:54:da:2a:9a:e0:82:e1:21:16:a0:99:5e:a0:3c:61:bd:d9:
68:47:37:f6:a6:b2:26:91:8d:0b:12:db:3a:79:b9:c9:02:b1:
04:af:62:34:db:9d:1e:d1:e1:89:1c:78:80:48:bb:05:d7:a6:
e2:30:93:aa:b4:ca:3c:d5:5a:7c:e0:6a:d7:d3:99:2d:b1:e2:
35:04:73:ca:2b:20:91:aa:40:ef:52:39:b5:32:88:c5:9b:9d:
f9:1e:3d:66:3b:5a:ff:f9:2f:3b:f8:62:36:09:6d:a3:00:6a:
ea:fe:3a:d9:7a:9b:1f:2b:74:00:3f:e2:fb:ab:52:08:b5:05:
76:c6:0c:55:7c:a4:71:97:f1:dc:60:0d:ec:5d:10:f1:68:81:
2b:d6:3d:fe:b8:32:d8:12:3c:3f:9a:a5:61:9a:26:68:88:59:
7c:d5:8d:d5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI4REQ4Q0IzM0Y3RTY3
NTNCMTJDMDQ3Q0JCQzVEQjUzQzI4MUU3QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNT5t8cTQyPkXcYpUsCBbIOo6RZz7bmmFISz5Cc9PttF7hVKTL
lGsDwyty7zZmHGC/BsUh9lFrenZn5Cmf7l3CK+uYKNwsBiIfH6tObfaB/ce83wfi
AnfQtdy/DHbHv4yV49o6cdEe1xPWBCA2scxQqnlB+VK0/Reqm4UUlAzuC7v7n9ds
NzdcEdGMIuv4zyUW+Fpd9a0pRyPABnHQMPUr+UryD6p0TXm3iuDY3kBGnsm7AQAK
Oa8b5Myq3TSnP9gYQxjR3buQJTtSlDsjC+PuWGdlZKSxWhXVP9fXw32MXLWQ1ipI
uu/1LFAYcBwRWSsa72Y/BoLf3WWv56/NGZAXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUuN2Msz9+Z1OxLAR8u8XbU8KB57kwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdU4yTXN6OS1aMU94TEFSOHU4WGJV
OEtCNTdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAiAR9AhViIePO4wBZwr22rnyuFTUbjZCrYcI25ZT
RexlJX45j4L/h9mW7LS2WqGVXkI9EshXUee+n5ncTHwWq/kbx2B680tpjzzJI0ut
zZBsQxIcpZdPCF9zS1TaKprgguEhFqCZXqA8Yb3ZaEc39qayJpGNCxLbOnm5yQKx
BK9iNNudHtHhiRx4gEi7Bdem4jCTqrTKPNVafOBq19OZLbHiNQRzyisgkapA71I5
tTKIxZud+R49Zjta//kvO/hiNgltowBq6v462XqbHyt0AD/i+6tSCLUFdsYMVXyk
cZfx3GAN7F0Q8WiBK9Y9/rgy2BI8P5qlYZomaIhZfNWN1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org