Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/23eeHK3dkfoJ0cAvmUhUEp5WffE.roa
File: 23eeHK3dkfoJ0cAvmUhUEp5WffE.roa (raw, json)
Hash identifier: XC5iAZDaOQWjhbnva6eRcHuz+31dZK3thSBwVQ0lRvc=
Subject key identifier: DB:77:9E:1C:AD:DD:91:FA:09:D1:C0:2F:99:48:54:12:9E:56:7D:F1
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B63
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/23eeHK3dkfoJ0cAvmUhUEp5WffE.roa
Signing time: Thu 15 Dec 2022 03:49:36 +0000
ROA not before: Thu 15 Dec 2022 03:49:36 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2915 (0xb63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 03:49:36 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DB779E1CADDD91FA09D1C02F994854129E567DF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:d3:a8:7f:88:38:c8:65:18:0b:a2:10:80:
3d:99:79:04:4f:63:53:14:8f:fa:06:c4:1e:3a:13:
c7:4b:e6:98:54:c6:58:2a:d7:01:e1:54:27:7e:cf:
02:7c:5b:3a:0b:71:a3:ab:5c:03:93:3f:ab:37:31:
1e:0f:a2:f9:03:43:89:a6:7f:c8:f1:70:bd:69:48:
46:d9:4b:fc:e0:8f:ad:54:d7:f1:d6:96:ea:27:b3:
48:0b:e0:75:4a:ae:75:c3:bc:52:f3:5a:06:f9:dd:
f3:03:52:91:ba:36:34:84:13:52:fd:d3:04:ba:71:
e9:5c:82:03:aa:5e:ae:f3:1e:db:20:7c:e7:25:01:
98:d8:a3:52:99:e4:f2:15:f4:d5:17:61:c2:bf:e0:
e3:65:8e:5e:3a:aa:c6:a7:fa:0c:57:34:6b:5d:ca:
0c:fd:34:97:a2:ad:20:10:16:0f:91:a1:6e:ec:92:
39:c3:0c:d2:50:69:3a:b0:11:e6:de:a4:af:f3:28:
d2:31:3a:96:1d:87:76:d9:9f:8c:99:c0:b2:33:0c:
2e:27:27:f1:7f:6d:9d:5e:f9:15:20:44:68:ba:e9:
a1:80:9f:2a:0c:63:7f:e8:9c:1b:d7:c0:a2:6d:d3:
9a:e0:23:8b:5d:02:11:85:f0:8a:17:78:64:a4:39:
38:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:77:9E:1C:AD:DD:91:FA:09:D1:C0:2F:99:48:54:12:9E:56:7D:F1
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/23eeHK3dkfoJ0cAvmUhUEp5WffE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.56.0/21
Signature Algorithm: sha256WithRSAEncryption
49:bb:37:42:8a:6f:19:29:58:8d:89:d5:97:6a:28:ee:e2:94:
c6:9b:16:6f:2a:7f:9c:4e:ca:a1:75:4d:a6:dc:84:da:ac:6b:
ad:41:a9:b8:f3:5e:e4:0a:0d:cf:ee:70:b2:6b:2d:12:e3:0f:
95:9f:38:c3:85:b4:c7:0d:1f:27:7c:f5:fd:05:79:fc:de:0d:
df:1a:fd:45:55:14:6b:4a:c9:cc:9d:00:ba:79:4e:6e:e5:eb:
ac:97:0b:b4:dc:95:35:50:83:10:a8:d5:40:07:26:d1:a2:24:
50:a5:ca:d1:41:34:9e:88:ec:3d:6c:a9:38:d1:37:b6:de:c6:
83:ac:8c:a5:96:de:24:f4:c8:2e:2c:88:f0:40:25:ff:0b:46:
ff:75:7f:2b:7b:39:69:a0:87:b2:28:70:17:88:2c:e2:bb:53:
bf:e8:fd:7e:a7:2f:5c:19:3c:f7:b6:89:0e:5f:2e:7b:0b:69:
84:fd:07:85:aa:d7:41:b0:f4:e0:1e:65:6c:13:0d:c6:d0:62:
2b:28:b5:d5:17:1a:95:ee:0a:59:21:0b:d2:62:3e:5a:f7:d2:
b1:b7:ad:3c:7a:8c:59:b5:89:d6:13:6d:0b:ba:61:af:f6:98:
af:2c:67:8d:07:69:78:2d:e4:f8:c4:b7:24:cd:29:32:e1:9e:
8e:16:8c:21
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MzQ5MzZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERCNzc5RTFDQURERDkx
RkEwOUQxQzAyRjk5NDg1NDEyOUU1NjdERjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA+NOof4g4yGUYC6IQgD2ZeQRPY1MUj/oGxB46E8dL5phUxlgq
1wHhVCd+zwJ8WzoLcaOrXAOTP6s3MR4PovkDQ4mmf8jxcL1pSEbZS/zgj61U1/HW
luons0gL4HVKrnXDvFLzWgb53fMDUpG6NjSEE1L90wS6celcggOqXq7zHtsgfOcl
AZjYo1KZ5PIV9NUXYcK/4ONljl46qsan+gxXNGtdygz9NJeirSAQFg+RoW7skjnD
DNJQaTqwEebepK/zKNIxOpYdh3bZn4yZwLIzDC4nJ/F/bZ1e+RUgRGi66aGAnyoM
Y3/onBvXwKJt05rgI4tdAhGF8IoXeGSkOTibAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU23eeHK3dkfoJ0cAvmUhUEp5WffEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8yM2VlSEszZGtmb0owY0F2bVVo
VUVwNVdmZkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5M4
MA0GCSqGSIb3DQEBCwUAA4IBAQBJuzdCim8ZKViNidWXaiju4pTGmxZvKn+cTsqh
dU2m3ITarGutQam4817kCg3P7nCyay0S4w+VnzjDhbTHDR8nfPX9BXn83g3fGv1F
VRRrSsnMnQC6eU5u5euslwu03JU1UIMQqNVABybRoiRQpcrRQTSeiOw9bKk40Te2
3saDrIyllt4k9MguLIjwQCX/C0b/dX8rezlpoIeyKHAXiCziu1O/6P1+py9cGTz3
tokOXy57C2mE/QeFqtdBsPTgHmVsEw3G0GIrKLXVFxqV7gpZIQvSYj5a99Kxt608
eoxZtYnWE20LumGv9pivLGeNB2l4LeT4xLckzSky4Z6OFowh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org