Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/3Q5hUjPsz7TalGgU1tgx7o6pO_I.roa
File: 3Q5hUjPsz7TalGgU1tgx7o6pO_I.roa (raw, json)
Hash identifier: ktmUCQf+6ZCT9lOBK1FOQP+7kTAFKAAkRQjUN86l4LE=
Subject key identifier: DD:0E:61:52:33:EC:CF:B4:DA:94:68:14:D6:D8:31:EE:8E:A9:3B:F2
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B2E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3Q5hUjPsz7TalGgU1tgx7o6pO_I.roa
Signing time: Thu 15 Dec 2022 02:12:34 +0000
ROA not before: Thu 15 Dec 2022 02:12:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 123.50.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2862 (0xb2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:12:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DD0E615233ECCFB4DA946814D6D831EE8EA93BF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:56:bb:16:da:d0:60:db:1c:9a:25:a7:46:
03:5e:8c:7c:cf:24:10:6b:ac:33:46:7c:bf:81:65:
80:74:0b:1c:46:22:8e:5d:3f:27:fe:34:cc:4f:e1:
1f:e2:f4:5d:54:66:87:d6:5a:7c:5f:f9:69:d3:da:
27:77:db:fe:d8:5b:e2:1a:52:6b:d2:fe:8d:84:53:
fd:f1:4a:33:c4:03:d2:5c:01:51:a2:2f:7e:40:48:
73:c7:23:93:99:b1:7f:0e:c8:a4:de:d0:8b:33:ab:
89:dd:45:66:be:75:69:0b:18:cd:f4:6d:1e:c0:d6:
d2:62:e6:de:6a:c6:6f:6e:44:96:1b:c1:7b:94:90:
51:05:80:1e:39:2b:23:95:80:48:fe:f4:7e:3d:b0:
7c:62:cf:08:2f:24:d1:d6:0d:00:72:ff:c4:c7:06:
ec:da:60:18:5b:5c:02:87:db:b9:1e:0d:21:4e:1e:
8f:ae:e5:40:35:e4:25:89:48:0e:13:53:8a:07:bb:
07:80:1b:ac:9f:88:bc:19:cd:cd:01:62:bb:3e:8f:
00:be:a6:61:ec:b4:1e:70:ce:73:2e:7a:05:3e:37:
92:fd:f8:ce:70:31:1f:26:00:fe:c4:a7:2c:f2:ec:
52:b4:a1:cb:a6:65:6c:66:79:af:76:23:5a:20:6c:
2c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:61:52:33:EC:CF:B4:DA:94:68:14:D6:D8:31:EE:8E:A9:3B:F2
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3Q5hUjPsz7TalGgU1tgx7o6pO_I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.56.0/21
Signature Algorithm: sha256WithRSAEncryption
60:ce:e4:fc:9c:a1:96:f0:2b:8d:7e:7c:aa:59:7b:d8:8a:64:
70:9b:44:28:8c:67:e3:a2:4a:06:fc:da:fe:e6:4a:87:04:b0:
70:92:f4:60:8b:38:33:fd:d2:bc:c2:4f:cb:2f:d1:ba:b5:11:
19:2e:8e:0d:01:a9:06:ab:5a:69:cc:35:66:b2:f1:ab:d8:b4:
83:e2:78:59:0d:24:e5:9a:9e:c6:61:3b:13:71:4a:96:eb:3a:
b7:f4:11:9b:29:95:a2:f2:0c:4f:24:57:83:7b:17:43:70:9a:
0c:aa:3d:ba:5a:9e:cb:88:fa:69:55:42:18:42:10:c0:89:b7:
29:67:e8:91:aa:72:91:77:70:c5:82:21:eb:c4:85:18:b6:08:
6e:3b:0d:c0:db:0b:42:31:6d:42:30:1e:d2:b0:b3:1b:52:c5:
93:ea:60:91:97:e9:84:b7:ac:74:d7:f8:0e:f8:6a:32:b4:5a:
a8:54:09:c7:75:f0:86:dc:7a:fc:88:79:9c:18:b0:3d:33:cf:
22:b1:05:f8:54:f8:cf:32:18:38:c1:02:f8:fa:f9:20:39:e3:
a0:62:db:67:9a:4c:45:94:6c:23:89:90:a6:50:4b:44:bf:f6:
6a:c3:f9:a8:fc:07:9c:10:2a:d0:37:4a:b0:f1:b4:0f:ff:2e:
04:90:ec:49
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCy4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjEyMzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREMEU2MTUyMzNFQ0NG
QjREQTk0NjgxNEQ2RDgzMUVFOEVBOTNCRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC51Fa7FtrQYNscmiWnRgNejHzPJBBrrDNGfL+BZYB0CxxGIo5d
Pyf+NMxP4R/i9F1UZofWWnxf+WnT2id32/7YW+IaUmvS/o2EU/3xSjPEA9JcAVGi
L35ASHPHI5OZsX8OyKTe0Iszq4ndRWa+dWkLGM30bR7A1tJi5t5qxm9uRJYbwXuU
kFEFgB45KyOVgEj+9H49sHxizwgvJNHWDQBy/8THBuzaYBhbXAKH27keDSFOHo+u
5UA15CWJSA4TU4oHuweAG6yfiLwZzc0BYrs+jwC+pmHstB5wznMuegU+N5L9+M5w
MR8mAP7Epyzy7FK0ocumZWxmea92I1ogbCz9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3Q5hUjPsz7TalGgU1tgx7o6pO/IwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8zUTVoVWpQc3o3VGFsR2dVMXRn
eDdvNnBPX0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezI4
MA0GCSqGSIb3DQEBCwUAA4IBAQBgzuT8nKGW8CuNfnyqWXvYimRwm0QojGfjokoG
/Nr+5kqHBLBwkvRgizgz/dK8wk/LL9G6tREZLo4NAakGq1ppzDVmsvGr2LSD4nhZ
DSTlmp7GYTsTcUqW6zq39BGbKZWi8gxPJFeDexdDcJoMqj26Wp7LiPppVUIYQhDA
ibcpZ+iRqnKRd3DFgiHrxIUYtghuOw3A2wtCMW1CMB7SsLMbUsWT6mCRl+mEt6x0
1/gO+GoytFqoVAnHdfCG3Hr8iHmcGLA9M88isQX4VPjPMhg4wQL4+vkgOeOgYttn
mkxFlGwjiZCmUEtEv/Zqw/mo/AecECrQN0qw8bQP/y4EkOxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org