Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/0yF8ryW3pR4LwghNNsdKePxUlPM.roa
File: 0yF8ryW3pR4LwghNNsdKePxUlPM.roa (raw, json)
Hash identifier: qIAERGrdd44PSaMVjPwnKo+QEYpPjV2usLoUrv43iow=
Subject key identifier: D3:21:7C:AF:25:B7:A5:1E:0B:C2:08:4D:36:C7:4A:78:FC:54:94:F3
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B55
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/0yF8ryW3pR4LwghNNsdKePxUlPM.roa
Signing time: Thu 15 Dec 2022 02:57:00 +0000
ROA not before: Thu 15 Dec 2022 02:57:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2901 (0xb55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:57:00 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D3217CAF25B7A51E0BC2084D36C74A78FC5494F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:31:3b:d2:f0:81:b3:fd:ab:ef:d5:1f:6e:
04:4b:43:56:5b:c5:d5:ea:0c:26:20:55:f5:b7:63:
02:f9:16:e3:bc:84:c6:a5:5c:a8:6b:42:5b:01:8b:
ac:5d:d5:36:83:0a:72:10:41:b2:9d:ef:fb:47:d0:
ea:ed:d8:29:15:93:79:72:4c:02:fe:52:1f:9a:d3:
96:a2:80:58:02:00:1b:ab:39:09:b4:dc:45:24:ea:
83:2a:0a:ab:e8:a4:12:dc:eb:08:3b:30:ec:5b:3c:
32:b8:7e:28:85:2a:55:4d:18:05:a7:b9:25:0a:0a:
9d:1b:1c:10:e8:f0:fe:80:f8:8b:f0:cc:ec:5b:44:
93:4d:72:be:55:af:75:b1:d3:92:14:7d:79:3d:3b:
38:f8:48:ad:6a:50:e4:07:48:4b:18:84:79:ed:71:
77:12:ae:80:4a:04:ed:ee:34:67:55:ea:96:fa:e8:
f0:71:04:84:82:a3:23:bb:81:6e:9e:05:09:d9:86:
e5:f3:c5:7c:0d:f8:47:69:b3:0f:a9:12:80:94:8b:
96:d5:9e:60:f6:b6:b6:3a:b0:65:b5:44:5b:af:05:
61:9e:1c:cb:9a:04:c2:88:58:ad:05:30:30:8a:ca:
76:44:b3:51:35:8d:01:98:6c:8a:a6:a7:f3:b5:c8:
b6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:21:7C:AF:25:B7:A5:1E:0B:C2:08:4D:36:C7:4A:78:FC:54:94:F3
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/0yF8ryW3pR4LwghNNsdKePxUlPM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.56.0/21
Signature Algorithm: sha256WithRSAEncryption
40:b9:91:e1:be:46:b4:9f:f6:0b:fb:0f:e0:11:c0:aa:11:25:
54:74:09:fd:fb:9a:66:7d:f4:d6:81:5d:15:ce:8b:37:33:19:
c0:91:c6:48:8f:01:2a:e7:3f:22:1a:cf:aa:bd:57:6e:5b:27:
bb:b2:5c:c6:58:27:ad:80:9a:ac:e8:80:62:c9:7e:08:b8:e0:
c8:60:93:c3:e4:68:ac:db:99:a8:9c:a1:69:8f:bb:bc:34:75:
28:7d:e1:c7:2a:69:d5:62:64:7f:77:a3:cc:d9:0b:5c:43:92:
d3:1c:42:13:a3:ec:d7:00:67:c2:87:b7:94:48:03:37:77:06:
e3:36:b9:f5:3c:b1:29:fa:5f:cb:f1:b9:d7:8f:bd:f9:b0:a2:
08:a0:45:65:08:7f:c7:0f:b0:a0:ea:51:c4:92:0b:23:40:f2:
e0:f7:1e:4f:cf:7c:99:31:f9:0f:09:e2:0b:d6:23:c4:09:c6:
63:e5:d5:23:14:c1:8d:8c:da:a3:b6:39:6a:1c:37:90:a8:ed:
b7:79:92:27:55:eb:ce:0a:4a:70:bf:27:f2:38:63:e2:58:1a:
e8:4e:79:f4:3e:bc:c9:8e:93:48:22:d1:e1:02:71:4b:82:07:
23:02:06:56:b0:9a:e3:02:fb:f0:eb:38:c1:53:46:23:bf:17:
a3:6b:c7:10
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU3MDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQzMjE3Q0FGMjVCN0E1
MUUwQkMyMDg0RDM2Qzc0QTc4RkM1NDk0RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWjzE70vCBs/2r79UfbgRLQ1ZbxdXqDCYgVfW3YwL5FuO8hMal
XKhrQlsBi6xd1TaDCnIQQbKd7/tH0Ort2CkVk3lyTAL+Uh+a05aigFgCABurOQm0
3EUk6oMqCqvopBLc6wg7MOxbPDK4fiiFKlVNGAWnuSUKCp0bHBDo8P6A+IvwzOxb
RJNNcr5Vr3Wx05IUfXk9Ozj4SK1qUOQHSEsYhHntcXcSroBKBO3uNGdV6pb66PBx
BISCoyO7gW6eBQnZhuXzxXwN+Edpsw+pEoCUi5bVnmD2trY6sGW1RFuvBWGeHMua
BMKIWK0FMDCKynZEs1E1jQGYbIqmp/O1yLbHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU0yF8ryW3pR4LwghNNsdKePxUlPMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8weUY4cnlXM3BSNEx3Z2hOTnNk
S2VQeFVsUE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5M4
MA0GCSqGSIb3DQEBCwUAA4IBAQBAuZHhvka0n/YL+w/gEcCqESVUdAn9+5pmffTW
gV0Vzos3MxnAkcZIjwEq5z8iGs+qvVduWye7slzGWCetgJqs6IBiyX4IuODIYJPD
5Gis25monKFpj7u8NHUofeHHKmnVYmR/d6PM2QtcQ5LTHEITo+zXAGfCh7eUSAM3
dwbjNrn1PLEp+l/L8bnXj735sKIIoEVlCH/HD7Cg6lHEkgsjQPLg9x5Pz3yZMfkP
CeIL1iPECcZj5dUjFMGNjNqjtjlqHDeQqO23eZInVevOCkpwvyfyOGPiWBroTnn0
PrzJjpNIItHhAnFLggcjAgZWsJrjAvvw6zjBU0Yjvxeja8cQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org