Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/vswP2FoHPp7ZtnycDgE7Zw2QeU8.roa
File: vswP2FoHPp7ZtnycDgE7Zw2QeU8.roa (raw, json)
Hash identifier: mGOaA/rxr2Bb3BDV5MZjiqRj5MFtyfjCXftHHtTMSmY=
Subject key identifier: BE:CC:0F:D8:5A:07:3E:9E:D9:B6:7C:9C:0E:01:3B:67:0D:90:79:4F
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/vswP2FoHPp7ZtnycDgE7Zw2QeU8.roa
Signing time: Thu 15 Sep 2022 02:37:29 +0000
ROA not before: Thu 15 Sep 2022 02:37:29 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 15 02:37:29 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BECC0FD85A073E9ED9B67C9C0E013B670D90794F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5b:cb:68:e6:cb:b1:41:6f:78:ee:76:30:48:
d0:90:87:1f:ca:66:a8:20:3e:9f:13:ac:c9:da:ef:
a0:b0:2c:12:cd:12:27:2a:b3:29:2b:56:e4:e6:0c:
4e:cf:df:75:08:db:84:63:75:9b:c0:37:8d:06:d9:
3a:04:66:c5:a2:00:46:8b:a9:71:d0:84:ba:7b:4a:
fb:d5:3a:a7:f2:17:ec:2a:5b:d1:e7:2f:6c:34:02:
2a:82:df:1a:d7:07:d8:25:53:87:9a:35:e5:ef:85:
05:51:0f:50:fd:ae:4f:45:22:be:d3:84:db:39:f2:
83:72:f1:55:e3:5c:0d:8d:3b:dc:34:73:93:2f:27:
9d:ed:b5:1b:e6:16:c5:69:14:52:db:5e:0e:74:79:
cd:e7:46:da:27:ae:90:60:c7:40:73:ec:05:2c:98:
d1:d0:06:31:5a:7d:e7:83:26:0b:2d:24:ea:e6:fa:
fb:ed:82:09:e2:81:8c:ff:25:25:f3:a8:74:5a:7b:
ba:9c:61:75:73:30:6e:c8:22:8e:51:47:fe:28:35:
bd:e7:8b:78:3f:1d:8f:2c:78:02:eb:cc:36:69:7d:
44:74:e2:0e:7b:30:58:50:b0:ed:d1:96:80:c4:76:
bb:82:10:82:7f:9c:b0:20:4c:f8:85:9d:9e:14:86:
00:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:CC:0F:D8:5A:07:3E:9E:D9:B6:7C:9C:0E:01:3B:67:0D:90:79:4F
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/vswP2FoHPp7ZtnycDgE7Zw2QeU8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.8.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:55:ec:3f:d0:87:d1:78:30:50:73:08:b9:6d:2d:dd:ae:75:
8f:f8:f1:28:b0:a0:c8:b4:bc:d3:99:05:47:dd:1a:2d:a6:f4:
47:8f:da:ce:16:c4:66:fa:e1:2f:44:f2:e1:ff:15:25:3f:41:
62:8c:3d:9e:43:e8:a9:e3:bd:e0:e0:01:57:32:94:76:69:8b:
78:9b:94:16:5d:8a:d6:77:b2:e5:34:81:d9:99:23:ea:6d:cc:
02:7c:ea:5d:cd:1c:25:80:60:a5:e6:85:14:0c:e9:54:77:1a:
bd:ba:b9:72:d1:b9:49:59:e9:0b:b5:17:ff:8b:63:d2:5a:10:
3b:d3:d0:23:96:a4:df:53:6d:da:d9:54:8f:d5:37:a9:de:e1:
e5:b7:35:2f:24:0e:f4:25:84:0e:b9:9f:4c:04:b5:c9:7a:5e:
2a:6a:03:93:99:b1:20:3b:71:85:e8:f8:6e:de:ef:df:ac:1f:
90:05:d6:ee:15:4a:27:d9:45:91:47:77:e7:7b:eb:0f:2f:b0:
2e:f4:2e:a9:3d:9a:75:d0:ba:41:f1:4f:86:30:b6:45:85:24:
f7:af:1a:e0:10:5c:bf:b7:00:64:d8:fc:3b:d0:60:ed:44:86:
ab:c5:65:1f:39:7c:3c:d1:24:ac:4d:50:68:fe:8f:8d:34:d6:
19:2d:5d:73
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJFQ0MwRkQ4NUEwNzNF
OUVEOUI2N0M5QzBFMDEzQjY3MEQ5MDc5NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/W8to5suxQW947nYwSNCQhx/KZqggPp8TrMna76CwLBLNEicq
sykrVuTmDE7P33UI24RjdZvAN40G2ToEZsWiAEaLqXHQhLp7SvvVOqfyF+wqW9Hn
L2w0AiqC3xrXB9glU4eaNeXvhQVRD1D9rk9FIr7ThNs58oNy8VXjXA2NO9w0c5Mv
J53ttRvmFsVpFFLbXg50ec3nRtonrpBgx0Bz7AUsmNHQBjFafeeDJgstJOrm+vvt
ggnigYz/JSXzqHRae7qcYXVzMG7IIo5RR/4oNb3ni3g/HY8seALrzDZpfUR04g57
MFhQsO3RloDEdruCEIJ/nLAgTPiFnZ4UhgAxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvswP2FoHPp7ZtnycDgE7Zw2QeU8wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdnN3UDJGb0hQcDdadG55Y0RnRTda
dzJRZVU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veCDAN
BgkqhkiG9w0BAQsFAAOCAQEArlXsP9CH0XgwUHMIuW0t3a51j/jxKLCgyLS805kF
R90aLab0R4/azhbEZvrhL0Ty4f8VJT9BYow9nkPoqeO94OABVzKUdmmLeJuUFl2K
1ney5TSB2Zkj6m3MAnzqXc0cJYBgpeaFFAzpVHcavbq5ctG5SVnpC7UX/4tj0loQ
O9PQI5ak31Nt2tlUj9U3qd7h5bc1LyQO9CWEDrmfTAS1yXpeKmoDk5mxIDtxhej4
bt7v36wfkAXW7hVKJ9lFkUd353vrDy+wLvQuqT2addC6QfFPhjC2RYUk968a4BBc
v7cAZNj8O9Bg7USGq8VlHzl8PNEkrE1QaP6PjTTWGS1dcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org