Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ur3xKCAXHdF1m0Wp57VhHNkog-g.roa
File: ur3xKCAXHdF1m0Wp57VhHNkog-g.roa (raw, json)
Hash identifier: SCJ9v6jS+gh6JkFR+IqDuEjajLtuwRFcN7uDRAO3ZJM=
Subject key identifier: BA:BD:F1:28:20:17:1D:D1:75:9B:45:A9:E7:B5:61:1C:D9:28:83:E8
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B14
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ur3xKCAXHdF1m0Wp57VhHNkog-g.roa
Signing time: Thu 16 Dec 2021 06:45:05 +0000
ROA not before: Thu 16 Dec 2021 06:45:05 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 203.217.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2836 (0xb14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:45:05 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=BABDF12820171DD1759B45A9E7B5611CD92883E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c9:a0:5b:59:29:10:9b:0c:21:d8:7a:ed:88:
46:c7:89:4a:70:1b:b2:4d:7a:e7:44:ac:ce:0a:bf:
3b:14:ec:51:ed:47:36:b6:b0:b6:e6:b7:62:67:79:
cf:ef:03:a4:22:93:d9:52:22:c6:3c:db:4d:3a:21:
11:4a:e2:1e:cf:64:90:4c:79:dd:e9:da:12:e3:7b:
9c:b1:72:c8:34:79:f1:61:ff:b3:8e:31:0a:18:dc:
18:f3:f7:28:35:2c:9e:44:7f:ca:df:60:c8:2e:53:
fd:eb:c5:df:ea:10:65:9e:ee:18:71:ca:25:78:5a:
57:04:23:dc:94:a2:75:21:e3:de:e5:e2:fe:32:01:
f0:15:cf:e4:15:54:f2:53:b9:0c:06:21:5e:50:9d:
93:4b:3e:27:e4:b1:b8:a0:ec:e3:e3:9e:a1:76:e1:
d1:51:62:72:68:91:fd:63:c0:43:10:61:4b:47:b5:
4c:83:0b:7a:ff:d8:56:4b:51:77:55:d1:b9:f7:ce:
b1:84:de:df:aa:3b:11:c5:f2:b2:2a:6a:21:5a:ec:
1c:14:b0:5e:59:22:9d:42:40:20:15:a5:7e:ae:ca:
9b:f9:ac:15:92:b4:e0:d3:08:bf:ee:bc:d2:de:18:
c4:79:40:4c:3b:9c:e5:22:15:b9:0d:6a:2f:96:e3:
c1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BD:F1:28:20:17:1D:D1:75:9B:45:A9:E7:B5:61:1C:D9:28:83:E8
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ur3xKCAXHdF1m0Wp57VhHNkog-g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/21
Signature Algorithm: sha256WithRSAEncryption
b3:8d:e7:9d:be:ea:08:d5:2f:f9:7f:37:dd:56:8e:0f:f3:1d:
7d:b9:5b:e9:db:de:fd:ef:86:e1:1d:19:d6:f4:a2:16:5d:54:
03:65:16:78:3f:22:99:09:04:39:b7:f0:2d:21:ce:24:72:5e:
5d:78:54:77:f9:46:fe:5c:be:81:ae:2b:6b:8e:17:a9:5c:c1:
07:1a:5d:1d:4b:f5:26:cc:5b:d4:4d:37:9f:0b:63:d3:77:a4:
9c:21:5d:3e:14:30:15:13:20:58:6a:2e:22:6b:98:4a:6b:8a:
c3:7c:a9:dc:f2:da:8e:b6:83:a3:95:8a:52:7a:da:e1:33:df:
4f:09:a5:5b:1e:eb:3d:22:58:ff:fb:d6:38:50:5d:ed:7e:98:
8e:99:de:80:4c:dd:47:d5:94:ed:4f:6e:83:8f:50:1d:7d:cd:
37:e9:68:36:46:e8:8f:f1:9f:02:5b:95:a6:32:df:c5:a4:06:
10:ce:73:a2:9d:db:49:e3:57:99:e1:0d:ca:5c:07:e6:9b:92:
21:c5:4d:10:79:3b:32:07:33:d1:c4:28:c1:d2:2e:51:03:93:
ef:47:13:76:04:18:f7:51:82:eb:70:e5:10:83:ff:84:e1:32:
7c:0d:b6:35:8f:b8:8f:46:a1:b4:5a:25:1a:49:b4:53:82:66:
62:c8:3e:ca
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjQ1MDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEJBQkRGMTI4MjAxNzFE
RDE3NTlCNDVBOUU3QjU2MTFDRDkyODgzRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMyaBbWSkQmwwh2HrtiEbHiUpwG7JNeudErM4KvzsU7FHtRza2
sLbmt2Jnec/vA6Qik9lSIsY82006IRFK4h7PZJBMed3p2hLje5yxcsg0efFh/7OO
MQoY3Bjz9yg1LJ5Ef8rfYMguU/3rxd/qEGWe7hhxyiV4WlcEI9yUonUh497l4v4y
AfAVz+QVVPJTuQwGIV5QnZNLPifksbig7OPjnqF24dFRYnJokf1jwEMQYUtHtUyD
C3r/2FZLUXdV0bn3zrGE3t+qOxHF8rIqaiFa7BwUsF5ZIp1CQCAVpX6uypv5rBWS
tODTCL/uvNLeGMR5QEw7nOUiFbkNai+W48GVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUur3xKCAXHdF1m0Wp57VhHNkog+gwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdXIzeEtDQVhIZEYxbTBXcDU3VmhI
TmtvZy1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAs43nnb7qCNUv+X833VaOD/Mdfblb6dve/e+G4R0Z
1vSiFl1UA2UWeD8imQkEObfwLSHOJHJeXXhUd/lG/ly+ga4ra44XqVzBBxpdHUv1
Jsxb1E03nwtj03eknCFdPhQwFRMgWGouImuYSmuKw3yp3PLajraDo5WKUnra4TPf
TwmlWx7rPSJY//vWOFBd7X6YjpnegEzdR9WU7U9ug49QHX3NN+loNkboj/GfAluV
pjLfxaQGEM5zop3bSeNXmeENylwH5puSIcVNEHk7Mgcz0cQowdIuUQOT70cTdgQY
91GC63DlEIP/hOEyfA22NY+4j0ahtFolGkm0U4JmYsg+yg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:53 2023 by rpki-client on console-ams.rpki-client.org