Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/wtr49y0v5xiLRfcOcbaZmqvZ9fI.roa
File: wtr49y0v5xiLRfcOcbaZmqvZ9fI.roa (raw, json)
Hash identifier: eDPv8NlSLuG74R/DZds36z0qLMwh4c52+zRH6DRd6js=
Subject key identifier: C2:DA:F8:F7:2D:2F:E7:18:8B:45:F7:0E:71:B6:99:9A:AB:D9:F5:F2
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D3B
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/wtr49y0v5xiLRfcOcbaZmqvZ9fI.roa
Signing time: Wed 26 Apr 2023 10:31:41 +0000
ROA not before: Wed 26 Apr 2023 10:31:41 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3387 (0xd3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:41 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C2DAF8F72D2FE7188B45F70E71B6999AABD9F5F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3c:b0:22:56:af:22:0b:5c:52:5d:a5:c2:9b:
c9:57:7c:f8:89:44:52:30:af:3c:6d:11:d7:75:77:
47:bb:58:16:ed:f8:6d:9b:a9:d7:e4:b3:e5:2c:47:
d4:6e:4d:13:3f:d6:f0:9e:37:fb:4d:0d:dc:f0:84:
0f:f9:77:fc:0c:0d:e8:a5:00:2f:4f:ff:bb:75:e8:
bf:b0:0e:9c:85:9c:cc:67:8c:0a:82:92:51:cd:43:
36:92:86:cb:76:79:9b:24:50:39:de:c1:c6:91:d8:
26:24:6d:3c:55:ea:8b:22:5f:af:93:62:d7:bc:98:
42:1a:80:1a:f7:0e:1d:b0:e5:86:02:b9:07:5d:79:
50:16:53:41:2d:fe:a2:3d:09:0f:0d:52:c8:1d:f3:
0c:1c:3e:c3:44:b2:fd:f3:a8:10:92:c6:fc:c1:00:
3f:1b:c8:fe:9a:83:a9:e0:73:23:da:6b:2c:88:e2:
ba:af:fc:d7:ac:9b:ea:60:41:1a:f1:10:bb:d4:3d:
57:d9:a6:09:7b:b0:5d:37:0e:59:2e:75:13:78:c2:
6c:c9:a0:49:4e:9e:b4:11:04:98:a3:0b:30:6a:69:
64:d9:fa:5b:58:77:86:be:e0:8d:9e:45:e8:3a:58:
b4:bb:e3:90:52:3c:68:8e:65:e6:3d:8a:23:19:0e:
f8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DA:F8:F7:2D:2F:E7:18:8B:45:F7:0E:71:B6:99:9A:AB:D9:F5:F2
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/wtr49y0v5xiLRfcOcbaZmqvZ9fI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.88.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:20:1d:6d:b9:e8:3f:18:7f:2c:5c:59:f9:e2:cf:ee:ea:17:
d5:0f:f7:56:22:24:20:75:22:1f:95:1a:55:58:72:ad:fa:46:
fb:57:88:71:2a:38:a8:01:54:6f:cb:a4:90:ca:8c:5a:34:e3:
eb:68:db:b1:ee:4c:d8:98:70:e5:74:a1:ae:db:da:87:2e:f6:
ea:02:9d:0a:e6:26:77:d8:e1:bf:5e:29:db:9d:22:5a:3c:40:
c8:5a:4c:da:ba:64:b0:1b:d5:fa:86:ef:18:47:ce:6f:3a:db:
a2:34:56:6d:ad:8c:b5:60:4b:d3:0e:b2:ea:37:64:86:9f:9e:
84:5e:4c:3e:ff:63:58:d5:09:df:fb:db:64:48:9a:7c:46:d9:
f3:4e:17:3b:67:aa:04:6a:c3:30:f1:67:cc:c4:bd:56:cb:8f:
cd:50:7e:89:c6:32:de:f2:c1:28:20:3a:51:e3:62:09:d0:7b:
e7:80:30:e2:4f:8f:88:8c:68:5b:70:d2:41:63:04:7d:12:e6:
ce:c3:ca:36:22:eb:46:0f:d0:14:d2:11:6f:52:23:d7:fc:9b:
b3:7f:e6:0a:b6:6a:8d:3f:05:89:59:75:50:4a:81:d7:0b:11:
84:31:d9:18:18:6a:8a:1c:e6:0e:18:c9:78:69:0c:5a:e5:c9:
eb:0e:99:4a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxNDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEMyREFGOEY3MkQyRkU3
MTg4QjQ1RjcwRTcxQjY5OTlBQUJEOUY1RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQPLAiVq8iC1xSXaXCm8lXfPiJRFIwrzxtEdd1d0e7WBbt+G2b
qdfks+UsR9RuTRM/1vCeN/tNDdzwhA/5d/wMDeilAC9P/7t16L+wDpyFnMxnjAqC
klHNQzaShst2eZskUDnewcaR2CYkbTxV6osiX6+TYte8mEIagBr3Dh2w5YYCuQdd
eVAWU0Et/qI9CQ8NUsgd8wwcPsNEsv3zqBCSxvzBAD8byP6ag6ngcyPaayyI4rqv
/Nesm+pgQRrxELvUPVfZpgl7sF03DlkudRN4wmzJoElOnrQRBJijCzBqaWTZ+ltY
d4a+4I2eReg6WLS745BSPGiOZeY9iiMZDvi3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUwtr49y0v5xiLRfcOcbaZmqvZ9fIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvd3RyNDl5MHY1eGlMUmZjT2NiYVpt
cXZaOWZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+WDAN
BgkqhkiG9w0BAQsFAAOCAQEAnCAdbbnoPxh/LFxZ+eLP7uoX1Q/3ViIkIHUiH5Ua
VVhyrfpG+1eIcSo4qAFUb8ukkMqMWjTj62jbse5M2Jhw5XShrtvahy726gKdCuYm
d9jhv14p250iWjxAyFpM2rpksBvV+obvGEfObzrbojRWba2MtWBL0w6y6jdkhp+e
hF5MPv9jWNUJ3/vbZEiafEbZ804XO2eqBGrDMPFnzMS9VsuPzVB+icYy3vLBKCA6
UeNiCdB754Aw4k+PiIxoW3DSQWMEfRLmzsPKNiLrRg/QFNIRb1Ij1/ybs3/mCrZq
jT8FiVl1UEqB1wsRhDHZGBhqihzmDhjJeGkMWuXJ6w6ZSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org