Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/xdp4hW7sU9_ur1IoD1DUZWWa_bM.roa
File: xdp4hW7sU9_ur1IoD1DUZWWa_bM.roa (raw, json)
Hash identifier: bGXpiTHrQkJc7/DGEQOe6YytfCzLkM/MgOVPJ+LRROA=
Subject key identifier: C5:DA:78:85:6E:EC:53:DF:EE:AF:52:28:0F:50:D4:65:65:9A:FD:B3
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0B18
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/xdp4hW7sU9_ur1IoD1DUZWWa_bM.roa
Signing time: Thu 16 Dec 2021 06:45:39 +0000
ROA not before: Thu 16 Dec 2021 06:45:39 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 17809
IP address blocks: 203.217.104.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2840 (0xb18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Dec 16 06:45:39 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=C5DA78856EEC53DFEEAF52280F50D465659AFDB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1c:cc:66:23:f8:d3:a2:0d:f4:62:19:41:42:
c2:ab:fe:6e:c9:df:fa:b9:4f:26:5a:94:58:f1:06:
ea:75:89:7d:97:b4:bf:5f:92:51:29:22:71:4c:0c:
81:30:9d:62:ad:eb:ca:d2:bf:d2:c8:21:0b:c3:59:
34:9b:bc:dd:f5:eb:3b:6f:51:29:eb:30:0b:64:32:
5d:89:b5:52:6a:f3:39:9b:d7:2c:ed:a8:3b:e7:7e:
93:f5:e7:e0:27:0d:7a:7d:b0:51:d0:01:61:90:80:
b9:a6:4f:59:7f:4d:5c:12:5e:62:a1:95:51:90:f3:
7e:83:2c:5f:59:63:8b:05:89:8a:67:e8:69:6d:d1:
52:46:09:5f:91:85:be:29:36:72:d8:eb:7a:b7:9b:
8d:ba:29:18:aa:3c:dc:24:18:55:ad:89:3a:b4:31:
2e:e6:05:41:05:c3:0b:47:53:6c:fc:d8:3f:4d:64:
4e:e3:f8:e0:2b:e0:51:4b:ce:e7:e8:f8:e6:db:59:
21:15:b6:d3:44:78:54:4a:bb:00:76:15:93:29:6e:
7e:ef:e8:7e:77:c5:17:aa:ec:1c:e5:38:9c:1b:e7:
f7:02:48:44:7c:e0:f7:97:e7:74:22:09:59:60:cb:
13:70:7a:bb:a2:3b:5a:92:ee:b3:98:1e:fe:45:6f:
48:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DA:78:85:6E:EC:53:DF:EE:AF:52:28:0F:50:D4:65:65:9A:FD:B3
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/xdp4hW7sU9_ur1IoD1DUZWWa_bM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.104.0/21
Signature Algorithm: sha256WithRSAEncryption
70:58:02:d6:37:f1:5e:a3:16:e9:b4:c9:0c:ae:43:b5:5c:60:
7f:cb:ec:f4:ba:d8:96:e3:b0:8b:ea:b2:cf:99:df:37:03:35:
a3:0d:00:8c:a2:aa:80:09:54:87:e0:6c:e5:07:a7:57:f7:18:
89:b4:44:e8:71:dd:2e:e8:9d:f9:9d:94:65:36:87:cd:19:b8:
5c:fc:04:90:c1:a0:aa:0d:40:c8:44:5a:3b:8a:bb:02:7d:df:
63:50:df:0f:7c:e1:a1:40:87:63:76:a6:5c:1b:32:14:86:0a:
02:e4:fc:9e:43:c2:db:57:33:dc:3a:61:07:d6:ee:5e:64:1c:
1d:b2:52:9c:ff:6d:08:59:83:f9:67:1c:b6:7f:2a:21:12:a7:
bf:7f:c5:54:6c:e3:de:01:58:37:d7:6b:fa:5b:d3:ff:32:f6:
52:65:e2:3f:2b:2f:3f:f3:8d:f1:b2:23:2d:e5:24:8d:da:1d:
94:10:2c:69:78:b8:5d:96:96:7c:02:ef:43:ee:3e:09:2f:52:
83:f7:e9:2d:b2:5f:70:2c:4f:27:78:5d:09:0f:ff:2c:b5:ed:
61:4c:a5:21:fc:57:b7:fb:d9:be:0a:87:ea:69:64:8d:ea:c9:
b0:b3:e8:55:d0:76:6b:76:97:7b:8e:5d:21:9f:be:dd:fe:c0:
52:1a:df:4a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjQ1MzlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM1REE3ODg1NkVFQzUz
REZFRUFGNTIyODBGNTBENDY1NjU5QUZEQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLHMxmI/jTog30YhlBQsKr/m7J3/q5TyZalFjxBup1iX2XtL9f
klEpInFMDIEwnWKt68rSv9LIIQvDWTSbvN316ztvUSnrMAtkMl2JtVJq8zmb1yzt
qDvnfpP15+AnDXp9sFHQAWGQgLmmT1l/TVwSXmKhlVGQ836DLF9ZY4sFiYpn6Glt
0VJGCV+Rhb4pNnLY63q3m426KRiqPNwkGFWtiTq0MS7mBUEFwwtHU2z82D9NZE7j
+OAr4FFLzufo+ObbWSEVttNEeFRKuwB2FZMpbn7v6H53xReq7BzlOJwb5/cCSER8
4PeX53QiCVlgyxNweruiO1qS7rOYHv5Fb0idAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxdp4hW7sU9/ur1IoD1DUZWWa/bMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgveGRwNGhXN3NVOV91cjFJb0QxRFVa
V1dhX2JNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZaDAN
BgkqhkiG9w0BAQsFAAOCAQEAcFgC1jfxXqMW6bTJDK5DtVxgf8vs9LrYluOwi+qy
z5nfNwM1ow0AjKKqgAlUh+Bs5QenV/cYibRE6HHdLuid+Z2UZTaHzRm4XPwEkMGg
qg1AyERaO4q7An3fY1DfD3zhoUCHY3amXBsyFIYKAuT8nkPC21cz3DphB9buXmQc
HbJSnP9tCFmD+Wcctn8qIRKnv3/FVGzj3gFYN9dr+lvT/zL2UmXiPysvP/ON8bIj
LeUkjdodlBAsaXi4XZaWfALvQ+4+CS9Sg/fpLbJfcCxPJ3hdCQ//LLXtYUylIfxX
t/vZvgqH6mlkjerJsLPoVdB2a3aXe45dIZ++3f7AUhrfSg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:53 2023 by rpki-client on console-ams.rpki-client.org