Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/udKXXAQe-9h3DcH5RdkoaELwnRw.roa
File: udKXXAQe-9h3DcH5RdkoaELwnRw.roa (raw, json)
Hash identifier: br6F9EptYZhg4C+AyzEP4fpA1WrWU/pixP5fEUuKKyE=
Subject key identifier: B9:D2:97:5C:04:1E:FB:D8:77:0D:C1:F9:45:D9:28:68:42:F0:9D:1C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CC3
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/udKXXAQe-9h3DcH5RdkoaELwnRw.roa
Signing time: Wed 26 Apr 2023 06:25:23 +0000
ROA not before: Wed 26 Apr 2023 06:25:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3267 (0xcc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:25:23 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B9D2975C041EFBD8770DC1F945D9286842F09D1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:42:65:1c:11:6c:2b:b4:d9:8a:3f:47:6a:
f2:49:ec:b2:14:42:76:00:67:2e:2f:df:de:19:8e:
99:66:f3:95:e8:f8:ab:8a:8d:ed:94:c1:64:a5:00:
b1:ae:64:b5:ab:5b:8a:a0:2b:90:65:eb:9f:aa:34:
03:23:f7:a2:5e:d7:e5:91:26:c5:3e:88:3a:ff:d1:
63:81:6b:ba:aa:ef:76:ce:2a:e1:50:08:69:ee:8f:
b0:2e:b1:30:b2:9a:55:ff:d1:72:87:88:47:61:1e:
be:50:25:37:c1:7c:99:24:08:53:41:80:bc:55:0d:
0c:23:e4:5b:21:92:fa:b1:7c:62:54:8d:d3:b2:30:
74:8e:6c:49:54:88:bf:8a:2b:ae:9a:59:4b:bf:3e:
4d:a0:65:e8:4b:db:4e:f0:bd:e9:1e:7d:71:b3:38:
80:9e:d7:ee:e0:66:9a:72:5f:e6:f8:c9:80:c5:62:
9c:d1:52:4b:21:77:5c:89:c6:38:9b:54:ef:32:c4:
2a:44:61:b5:06:ff:f8:9d:ab:8f:b7:3f:11:20:29:
56:67:72:59:cf:5b:4a:f0:01:84:2e:ad:23:9a:d4:
53:f4:d0:03:2a:da:ea:e1:76:12:35:d3:1e:37:1f:
ce:78:d6:96:51:a2:01:31:58:86:26:e1:91:5d:d9:
d5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D2:97:5C:04:1E:FB:D8:77:0D:C1:F9:45:D9:28:68:42:F0:9D:1C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/udKXXAQe-9h3DcH5RdkoaELwnRw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/20
Signature Algorithm: sha256WithRSAEncryption
af:94:ea:76:7b:eb:da:d4:ad:41:8a:64:1c:7d:00:24:d9:75:
98:be:8b:30:c9:c0:8e:63:51:4a:f2:d1:43:da:47:65:8b:2f:
72:ce:bc:62:59:c1:8b:1f:84:5a:fd:84:55:37:5b:25:4f:5f:
be:e6:57:de:0b:45:d4:cd:76:c6:27:a1:ae:bc:21:91:51:6c:
65:61:1c:c7:36:f3:69:5a:13:46:89:af:2f:68:ee:26:98:08:
cc:29:1a:9f:bb:f4:4d:f9:12:b5:f6:23:15:fa:f3:e5:d5:7a:
45:96:9c:ff:41:4a:ba:e7:3d:4b:8d:a1:1c:7c:31:bd:7d:ec:
4c:41:b3:85:17:00:cf:7b:83:d0:7c:45:63:04:30:30:65:a0:
d5:6e:8c:53:82:95:8e:c1:54:6e:f9:32:2a:0c:93:8a:e8:7a:
91:f3:e5:41:7a:06:13:c3:6f:6a:86:96:1c:01:9f:09:80:a0:
84:d4:e1:c0:47:89:95:15:99:8c:c5:b5:86:e8:d1:fc:5b:c8:
61:94:ab:c9:52:91:16:d0:60:cc:97:a1:38:b7:4e:69:02:bb:
bc:9a:e7:d7:a0:27:78:ee:43:a2:e5:40:30:a7:9c:ea:a1:eb:
d1:d2:56:e4:ec:59:5c:55:92:53:59:74:1a:40:0c:db:77:29:
69:e3:9a:d5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjI1MjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI5RDI5NzVDMDQxRUZC
RDg3NzBEQzFGOTQ1RDkyODY4NDJGMDlEMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIu0JlHBFsK7TZij9HavJJ7LIUQnYAZy4v394Zjplm85Xo+KuK
je2UwWSlALGuZLWrW4qgK5Bl65+qNAMj96Je1+WRJsU+iDr/0WOBa7qq73bOKuFQ
CGnuj7AusTCymlX/0XKHiEdhHr5QJTfBfJkkCFNBgLxVDQwj5FshkvqxfGJUjdOy
MHSObElUiL+KK66aWUu/Pk2gZehL207wvekefXGzOICe1+7gZppyX+b4yYDFYpzR
Ukshd1yJxjibVO8yxCpEYbUG//idq4+3PxEgKVZnclnPW0rwAYQurSOa1FP00AMq
2urhdhI10x43H8541pZRogExWIYm4ZFd2dW5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUudKXXAQe+9h3DcH5RdkoaELwnRwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdWRLWFhBUWUtOWgzRGNINVJka29h
RUx3blJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAr5Tqdnvr2tStQYpkHH0AJNl1mL6LMMnAjmNRSvLR
Q9pHZYsvcs68YlnBix+EWv2EVTdbJU9fvuZX3gtF1M12xiehrrwhkVFsZWEcxzbz
aVoTRomvL2juJpgIzCkan7v0TfkStfYjFfrz5dV6RZac/0FKuuc9S42hHHwxvX3s
TEGzhRcAz3uD0HxFYwQwMGWg1W6MU4KVjsFUbvkyKgyTiuh6kfPlQXoGE8NvaoaW
HAGfCYCghNThwEeJlRWZjMW1hujR/FvIYZSryVKRFtBgzJehOLdOaQK7vJrn16An
eO5DouVAMKec6qHr0dJW5OxZXFWSU1l0GkAM23cpaeOa1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org