Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/2buASBE3oa7njNnlKPf4IHXI2-g.roa
File: 2buASBE3oa7njNnlKPf4IHXI2-g.roa (raw, json)
Hash identifier: 3eDYT0lJ6KhBxccoSaMUmJlnb648C4Bj+vJNOZ9ULgs=
Subject key identifier: D9:BB:80:48:11:37:A1:AE:E7:8C:D9:E5:28:F7:F8:20:75:C8:DB:E8
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 091F
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/2buASBE3oa7njNnlKPf4IHXI2-g.roa
Signing time: Sun 07 Feb 2021 12:45:27 +0000
ROA not before: Sun 07 Feb 2021 12:45:27 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 124.155.160.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2335 (0x91f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:45:27 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D9BB80481137A1AEE78CD9E528F7F82075C8DBE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:bf:eb:48:dd:87:4c:56:cd:ac:20:12:dc:51:
ad:99:de:30:d5:61:06:cd:d7:d3:e9:7c:25:40:23:
7b:1a:67:45:e7:1d:a7:4d:e0:d3:dc:cd:90:94:8f:
41:5f:a4:e0:ba:a7:1d:de:84:06:f3:f1:46:09:60:
03:30:3c:07:3a:8a:85:fb:cb:c7:05:9e:2d:1f:ce:
b1:d9:ca:53:73:cb:aa:00:c9:57:e9:19:77:3b:7b:
74:92:f5:aa:94:04:20:04:40:a4:36:b5:0d:2a:7a:
d3:4a:77:a4:49:1c:21:ad:47:c3:51:ef:d4:15:de:
81:51:72:0b:54:17:48:20:5d:09:37:4b:2d:3b:e3:
a2:a6:86:da:b0:8f:4d:48:08:e8:e1:c1:40:be:19:
54:0e:12:af:b9:77:89:d1:07:93:88:a6:3f:45:b6:
2b:ae:40:01:da:22:d7:7e:d7:2c:86:23:c8:d2:dc:
53:29:43:b7:96:34:f9:d6:35:5f:2e:23:33:e1:bf:
0a:3c:c0:79:49:00:f9:98:43:8b:d7:d9:a2:e5:b4:
f7:78:cc:c8:d2:cb:f7:0f:65:6a:62:31:35:17:41:
ed:32:c3:36:99:f6:8c:e2:ed:9f:aa:ff:6d:52:5a:
9f:c2:6f:58:f4:74:c7:22:c9:cd:5f:4e:63:ca:27:
55:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BB:80:48:11:37:A1:AE:E7:8C:D9:E5:28:F7:F8:20:75:C8:DB:E8
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/2buASBE3oa7njNnlKPf4IHXI2-g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.160.0/21
Signature Algorithm: sha256WithRSAEncryption
72:da:14:e1:4f:65:f0:7a:93:e3:db:c7:05:4e:2c:21:7a:da:
8f:97:b0:7f:9f:54:e2:b6:66:ff:b7:4e:1c:d7:23:e1:dc:57:
59:c2:61:98:61:92:57:0b:13:88:58:2b:05:48:d9:43:af:de:
d4:40:4c:05:56:16:c2:8e:e2:65:a8:49:51:45:86:ff:5e:ab:
f1:85:17:21:8b:28:e4:bc:3f:cf:f3:ce:59:a8:6b:48:40:6d:
72:d2:4a:f5:b5:48:37:58:55:d7:20:b2:06:0c:02:5e:64:90:
b9:31:c9:c6:f8:60:e5:23:99:80:64:a0:c2:a8:cb:dd:86:5f:
93:89:7f:ca:e2:72:8a:f3:3b:e4:73:c1:33:b0:18:94:10:cf:
d4:a0:de:25:93:c4:36:0d:c8:78:92:cd:d4:55:b4:c0:8e:67:
ae:28:ed:96:03:c0:c1:5e:60:b9:02:52:ca:ce:2c:f6:ae:32:
d2:23:67:b2:f7:c9:37:82:32:1b:64:b2:15:90:07:0b:6e:0a:
40:a6:72:0a:45:13:09:d9:8a:08:ac:0e:4d:44:8e:30:08:f8:
3f:0a:f0:78:4e:91:d6:41:9f:1b:0a:f0:52:ec:39:4a:93:2f:
26:7f:06:cf:c8:72:e3:6d:c0:15:89:dd:9c:75:6a:dd:87:e4:
fe:58:73:bc
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ5QkI4MDQ4MTEzN0Ex
QUVFNzhDRDlFNTI4RjdGODIwNzVDOERCRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6v+tI3YdMVs2sIBLcUa2Z3jDVYQbN19PpfCVAI3saZ0XnHadN
4NPczZCUj0FfpOC6px3ehAbz8UYJYAMwPAc6ioX7y8cFni0fzrHZylNzy6oAyVfp
GXc7e3SS9aqUBCAEQKQ2tQ0qetNKd6RJHCGtR8NR79QV3oFRcgtUF0ggXQk3Sy07
46Kmhtqwj01ICOjhwUC+GVQOEq+5d4nRB5OIpj9FtiuuQAHaItd+1yyGI8jS3FMp
Q7eWNPnWNV8uIzPhvwo8wHlJAPmYQ4vX2aLltPd4zMjSy/cPZWpiMTUXQe0ywzaZ
9ozi7Z+q/21SWp/Cb1j0dMciyc1fTmPKJ1XNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2buASBE3oa7njNnlKPf4IHXI2+gwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8yYnVBU0JFM29hN25qTm5sS1Bm
NElIWEkyLWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJug
MA0GCSqGSIb3DQEBCwUAA4IBAQBy2hThT2XwepPj28cFTiwhetqPl7B/n1Titmb/
t04c1yPh3FdZwmGYYZJXCxOIWCsFSNlDr97UQEwFVhbCjuJlqElRRYb/XqvxhRch
iyjkvD/P885ZqGtIQG1y0kr1tUg3WFXXILIGDAJeZJC5McnG+GDlI5mAZKDCqMvd
hl+TiX/K4nKK8zvkc8EzsBiUEM/UoN4lk8Q2Dch4ks3UVbTAjmeuKO2WA8DBXmC5
AlLKziz2rjLSI2ey98k3gjIbZLIVkAcLbgpApnIKRRMJ2YoIrA5NRI4wCPg/CvB4
TpHWQZ8bCvBS7DlKky8mfwbPyHLjbcAVid2cdWrdh+T+WHO8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:57 2023 by rpki-client on console-fra.rpki-client.org