Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/2ok8nBcYzVbqcuja_tAfNYrfZcI.roa
File: 2ok8nBcYzVbqcuja_tAfNYrfZcI.roa (raw, json)
Hash identifier: tkcybb+xX97WCGNSYGJCqrmHg0aOTsFO/CEQ8GqTyl8=
Subject key identifier: DA:89:3C:9C:17:18:CD:56:EA:72:E8:DA:FE:D0:1F:35:8A:DF:65:C2
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 078B
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/2ok8nBcYzVbqcuja_tAfNYrfZcI.roa
Signing time: Tue 29 Sep 2020 09:59:27 +0000
ROA not before: Tue 29 Sep 2020 09:59:27 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 27.147.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1931 (0x78b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 09:59:27 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DA893C9C1718CD56EA72E8DAFED01F358ADF65C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:48:11:e1:8e:60:5b:88:d9:bd:65:da:67:f3:
16:01:e4:d0:f6:2a:e4:0f:62:0e:ea:b1:f5:ae:de:
14:b5:6e:2c:92:f9:21:97:a3:4b:f7:06:f8:a8:52:
85:fe:be:2f:31:43:44:05:79:f0:a1:f7:04:31:56:
87:cb:c5:68:37:cf:27:44:23:86:2b:d5:2b:99:16:
32:b3:ef:6f:42:31:79:da:57:05:7a:ad:c9:6c:94:
f7:a3:fe:e8:38:53:ba:58:b3:38:b5:81:c4:8d:a0:
50:31:dd:01:58:df:8f:d5:0a:d6:c8:a0:a2:c8:2e:
ae:14:11:15:21:7c:6b:b0:50:38:dd:00:04:be:8c:
12:dc:ea:50:4d:85:49:99:eb:42:40:1e:89:1d:87:
1f:da:5c:b2:70:b7:07:7c:3d:cf:1f:24:49:e2:c2:
76:e6:33:df:54:74:7e:de:1e:09:d7:58:3c:cf:35:
d1:03:10:24:54:fb:e1:24:af:cc:96:14:63:ab:11:
d5:37:9c:dd:a8:cd:1a:09:ec:9f:96:c9:2b:12:f7:
49:71:87:cf:18:d0:6f:47:38:a1:d9:0d:3d:ba:14:
9c:42:36:1e:e3:45:bf:b9:91:07:2e:eb:a3:d2:94:
5f:72:cc:43:9d:0c:07:54:7e:09:a6:4a:01:59:88:
82:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:89:3C:9C:17:18:CD:56:EA:72:E8:DA:FE:D0:1F:35:8A:DF:65:C2
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/2ok8nBcYzVbqcuja_tAfNYrfZcI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.62.0/24
Signature Algorithm: sha256WithRSAEncryption
94:3c:26:4c:c8:47:47:2e:a6:70:ed:5c:fd:32:30:a3:2a:e2:
6e:47:cd:6e:1f:29:df:57:da:84:e4:ed:a1:99:31:a2:aa:4d:
89:34:03:46:da:78:0e:ab:ef:7c:81:bf:65:fb:98:cc:e5:6f:
0d:a1:f2:c8:bd:62:66:4d:e6:da:ce:b4:1d:a8:f9:c4:a0:14:
61:a5:df:60:b3:11:0a:1b:1c:42:65:12:e5:b9:8f:c7:28:d9:
c6:a0:f5:c4:8d:e2:f7:9f:e2:35:0e:93:56:ad:66:50:2e:1b:
18:73:85:30:ad:6b:f0:c3:57:30:e7:eb:60:32:31:35:1d:ab:
a8:a1:65:bb:47:06:be:e7:a4:a4:53:f2:40:00:22:83:93:fd:
bd:62:fe:4b:71:2b:c6:42:33:27:bf:73:62:7f:6f:f9:51:e0:
b7:92:3a:c3:d3:91:1a:0d:47:93:e5:ff:d3:1a:55:20:c5:d7:
26:fd:11:ca:d0:a4:91:8c:21:65:6a:e1:6c:d7:64:d3:61:57:
9f:d7:65:90:63:88:84:17:ca:3f:25:79:71:39:79:8a:1f:b4:
3e:47:15:88:36:32:ea:fc:42:de:d5:db:66:59:42:1d:85:d8:
db:4e:5d:e4:a0:0c:c9:0c:79:bf:ca:e3:fb:62:00:aa:b1:e5:
cc:6e:a4:9a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMDA5Mjkw
OTU5MjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERBODkzQzlDMTcxOENE
NTZFQTcyRThEQUZFRDAxRjM1OEFERjY1QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmSBHhjmBbiNm9Zdpn8xYB5ND2KuQPYg7qsfWu3hS1biyS+SGX
o0v3BvioUoX+vi8xQ0QFefCh9wQxVofLxWg3zydEI4Yr1SuZFjKz729CMXnaVwV6
rclslPej/ug4U7pYszi1gcSNoFAx3QFY34/VCtbIoKLILq4UERUhfGuwUDjdAAS+
jBLc6lBNhUmZ60JAHokdhx/aXLJwtwd8Pc8fJEniwnbmM99UdH7eHgnXWDzPNdED
ECRU++Ekr8yWFGOrEdU3nN2ozRoJ7J+WySsS90lxh88Y0G9HOKHZDT26FJxCNh7j
Rb+5kQcu66PSlF9yzEOdDAdUfgmmSgFZiIIlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2ok8nBcYzVbqcuja/tAfNYrfZcIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8yb2s4bkJjWXpWYnFjdWphX3RB
Zk5ZcmZaY0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAG5M+
MA0GCSqGSIb3DQEBCwUAA4IBAQCUPCZMyEdHLqZw7Vz9MjCjKuJuR81uHynfV9qE
5O2hmTGiqk2JNANG2ngOq+98gb9l+5jM5W8NofLIvWJmTebazrQdqPnEoBRhpd9g
sxEKGxxCZRLluY/HKNnGoPXEjeL3n+I1DpNWrWZQLhsYc4UwrWvww1cw5+tgMjE1
HauooWW7Rwa+56SkU/JAACKDk/29Yv5LcSvGQjMnv3Nif2/5UeC3kjrD05EaDUeT
5f/TGlUgxdcm/RHK0KSRjCFlauFs12TTYVef12WQY4iEF8o/JXlxOXmKH7Q+RxWI
NjLq/ELe1dtmWUIdhdjbTl3koAzJDHm/yuP7YgCqseXMbqSa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org