Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/071ChIcf70JRE__aWouinuCEVvw.roa
File: 071ChIcf70JRE__aWouinuCEVvw.roa (raw, json)
Hash identifier: 0CLZ3jMUegORbkGk1kR/4G9lanPXSvtTIxqt+hhzs/Y=
Subject key identifier: D3:BD:42:84:87:1F:EF:42:51:13:FF:DA:5A:8B:A2:9E:E0:84:56:FC
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B5E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/071ChIcf70JRE__aWouinuCEVvw.roa
Signing time: Thu 15 Dec 2022 02:57:03 +0000
ROA not before: Thu 15 Dec 2022 02:57:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 61.57.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2910 (0xb5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:57:03 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D3BD4284871FEF425113FFDA5A8BA29EE08456FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:fc:f0:bc:0e:d3:cb:7f:b8:e3:55:65:b8:
d3:91:a4:6a:d4:2e:a9:17:a2:d6:02:ff:2b:bb:eb:
36:cd:84:16:ff:7c:b2:26:54:5e:18:11:e7:78:31:
f7:a8:c7:6e:80:00:df:f1:26:7c:df:3a:f4:fa:5b:
5b:27:14:c6:5c:f2:84:21:51:d3:ce:ea:73:1f:46:
72:33:50:a1:3c:98:31:07:cf:39:47:49:a1:0f:96:
c7:1d:b3:cd:d9:2f:96:09:01:22:04:b4:77:ca:4a:
2e:28:be:33:0b:62:74:7b:19:fc:49:e3:5e:b0:98:
da:80:a0:72:c3:bd:94:d4:ef:0a:a3:d8:b5:bd:a3:
5c:aa:f4:c2:8a:36:14:b8:11:0f:aa:a0:58:9a:ce:
83:91:af:46:c5:21:b3:67:71:5d:83:99:a4:90:55:
c7:4e:79:f7:0f:91:8c:fc:80:c8:0f:75:0e:61:5e:
a9:21:22:9d:ca:0d:5e:22:bb:50:23:19:26:34:08:
8b:e7:04:c4:14:53:63:68:37:48:28:15:de:35:7a:
96:b9:13:97:81:93:18:c0:7e:e5:08:0c:54:81:df:
bd:38:6f:54:63:ab:b7:2d:da:db:3b:4e:4a:e5:a8:
04:74:1f:55:dc:af:ce:34:0d:76:22:5d:f9:22:42:
1d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BD:42:84:87:1F:EF:42:51:13:FF:DA:5A:8B:A2:9E:E0:84:56:FC
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/071ChIcf70JRE__aWouinuCEVvw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.152.0/22
Signature Algorithm: sha256WithRSAEncryption
31:ea:64:d8:c8:16:e5:e7:98:94:63:13:eb:8b:52:6c:75:c8:
e4:89:42:4b:46:ca:72:35:7f:49:45:2d:c5:20:94:d6:7e:40:
bc:9e:8a:6a:02:bf:c3:2f:62:c7:81:97:ba:54:f5:d9:d0:42:
f7:23:5c:51:63:82:fa:1f:b1:80:ce:70:6d:32:45:e4:17:6f:
ce:45:21:50:39:d7:c1:a0:c3:f1:a7:09:19:df:f2:5d:b4:58:
fc:5f:e7:ea:c3:2f:e3:fc:45:f9:6d:9f:28:63:cd:af:88:ae:
86:d1:d0:4d:8f:6f:5d:b2:0f:48:a6:5a:eb:5e:b5:96:16:09:
8f:50:a5:65:38:ea:b6:65:7f:f3:99:94:06:a9:39:76:29:cf:
12:8b:8c:04:74:8b:aa:66:bb:0e:64:b9:b5:88:52:b1:8e:4d:
3c:40:e1:ac:ef:90:6c:cd:77:47:8c:29:87:ea:4d:21:48:5c:
a6:3c:d8:e6:bc:24:45:8e:6d:e6:73:63:d2:79:75:75:bd:51:
98:5b:20:89:d7:10:6d:d9:41:29:eb:38:f1:9d:9b:bd:3c:0a:
a3:54:2f:31:74:d3:a5:fb:30:d6:2b:75:0d:b9:b6:9e:e7:ab:
19:84:c9:b7:42:3d:f5:ac:2f:59:4b:7f:b0:20:57:fb:a6:21:
93:7e:dd:2b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC14wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU3MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQzQkQ0Mjg0ODcxRkVG
NDI1MTEzRkZEQTVBOEJBMjlFRTA4NDU2RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8F/zwvA7Ty3+441VluNORpGrULqkXotYC/yu76zbNhBb/fLIm
VF4YEed4Mfeox26AAN/xJnzfOvT6W1snFMZc8oQhUdPO6nMfRnIzUKE8mDEHzzlH
SaEPlscds83ZL5YJASIEtHfKSi4ovjMLYnR7GfxJ416wmNqAoHLDvZTU7wqj2LW9
o1yq9MKKNhS4EQ+qoFiazoORr0bFIbNncV2DmaSQVcdOefcPkYz8gMgPdQ5hXqkh
Ip3KDV4iu1AjGSY0CIvnBMQUU2NoN0goFd41epa5E5eBkxjAfuUIDFSB3704b1Rj
q7ct2ts7TkrlqAR0H1Xcr840DXYiXfkiQh0hAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU071ChIcf70JRE//aWouinuCEVvwwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8wNzFDaEljZjcwSlJFX19hV291
aW51Q0VWdncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPTmY
MA0GCSqGSIb3DQEBCwUAA4IBAQAx6mTYyBbl55iUYxPri1JsdcjkiUJLRspyNX9J
RS3FIJTWfkC8nopqAr/DL2LHgZe6VPXZ0EL3I1xRY4L6H7GAznBtMkXkF2/ORSFQ
OdfBoMPxpwkZ3/JdtFj8X+fqwy/j/EX5bZ8oY82viK6G0dBNj29dsg9IplrrXrWW
FgmPUKVlOOq2ZX/zmZQGqTl2Kc8Si4wEdIuqZrsOZLm1iFKxjk08QOGs75BszXdH
jCmH6k0hSFymPNjmvCRFjm3mc2PSeXV1vVGYWyCJ1xBt2UEp6zjxnZu9PAqjVC8x
dNOl+zDWK3UNubae56sZhMm3Qj31rC9ZS3+wIFf7piGTft0r
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org