Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/3ZRFfsw6NcCssRt0qjCnGqdEHPA.roa
File: 3ZRFfsw6NcCssRt0qjCnGqdEHPA.roa (raw, json)
Hash identifier: Rg0Md7eFcxew0D/oZ9YtWvlMNEGMTaI7iHZBjIWb+MI=
Subject key identifier: DD:94:45:7E:CC:3A:35:C0:AC:B1:1B:74:AA:30:A7:1A:A7:44:1C:F0
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B4E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3ZRFfsw6NcCssRt0qjCnGqdEHPA.roa
Signing time: Thu 15 Dec 2022 02:56:57 +0000
ROA not before: Thu 15 Dec 2022 02:56:57 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 123.50.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2894 (0xb4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:56:57 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DD94457ECC3A35C0ACB11B74AA30A71AA7441CF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:7d:b1:fc:c7:61:c1:62:aa:1c:63:7d:3c:
13:b2:a4:9f:bb:5e:56:49:d4:4c:3a:24:ed:b0:00:
2a:2f:96:c7:d2:d4:62:7f:45:74:8c:52:ef:05:65:
be:bb:d7:25:12:eb:b5:ac:65:54:47:f5:8a:4b:6e:
33:38:fe:32:df:6b:16:29:99:c2:fb:4f:79:76:86:
91:c9:50:0e:ea:62:1d:27:6a:00:98:97:4d:1e:3d:
3a:21:69:74:2a:79:19:69:40:b6:76:e3:3c:65:9b:
7e:89:b3:de:de:91:ad:8c:2e:5a:32:e1:7d:60:37:
2b:82:82:74:2f:8c:36:a6:a5:63:53:fe:c5:22:62:
42:12:99:50:71:d2:54:46:93:7c:55:f3:50:37:44:
b7:6b:67:3c:fa:c3:52:19:48:f6:df:75:56:c4:c8:
ea:75:85:4a:6d:8b:7b:b8:28:1a:00:77:8a:41:6d:
47:9e:71:32:9a:cd:cf:2c:f5:33:b5:72:14:15:af:
f3:53:98:4e:d5:bc:8c:40:b8:97:a4:07:e2:97:f6:
15:79:66:98:42:da:16:9a:4f:d3:84:d5:be:12:6d:
d6:6f:78:37:82:4f:e5:60:76:cf:cc:7a:d1:41:ac:
55:13:c4:5e:33:b9:56:8d:58:58:47:b3:28:62:48:
b3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:94:45:7E:CC:3A:35:C0:AC:B1:1B:74:AA:30:A7:1A:A7:44:1C:F0
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3ZRFfsw6NcCssRt0qjCnGqdEHPA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.48.0/21
Signature Algorithm: sha256WithRSAEncryption
20:54:4c:60:67:fa:3c:62:5b:37:f1:7a:e7:ec:dd:20:33:fa:
81:78:57:87:8d:5c:46:d5:36:dc:f1:34:73:5b:d2:99:bf:23:
a3:fd:cd:3b:b0:98:a6:e4:33:ac:52:c2:32:5b:08:96:29:e2:
f5:c7:e3:b7:92:6b:51:ce:d9:a6:d5:52:4b:f5:60:e8:f3:5f:
d9:99:48:9d:35:3d:9a:d6:d3:d0:af:4b:a1:ad:e9:05:1e:d1:
64:cb:81:01:bc:6f:60:f7:06:bc:a1:c7:28:0b:60:8a:af:54:
2d:39:4a:56:4d:b3:cc:5d:bc:f6:5c:6d:91:df:c9:01:96:39:
57:95:72:65:16:62:01:13:21:cd:3f:8e:94:6d:11:64:34:73:
4f:b5:f7:12:9a:6f:07:ef:60:17:69:f9:b8:47:1f:49:c2:b9:
95:03:e8:a3:28:a7:ec:19:20:99:93:75:04:16:f5:77:a7:91:
ae:cf:b4:d0:bb:1d:34:99:ea:d6:3b:59:ce:ad:fc:a4:b0:00:
db:ce:26:0c:3f:40:44:88:eb:cd:a5:62:db:9e:0c:0d:ee:64:
a5:d3:6d:b2:cb:bd:25:38:87:4d:95:44:c4:89:30:90:7b:d3:
c2:c9:98:35:39:e2:37:33:21:64:eb:69:dc:ac:c8:83:b1:75:
7e:14:68:ec
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU2NTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREOTQ0NTdFQ0MzQTM1
QzBBQ0IxMUI3NEFBMzBBNzFBQTc0NDFDRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJIn2x/MdhwWKqHGN9PBOypJ+7XlZJ1Ew6JO2wACovlsfS1GJ/
RXSMUu8FZb671yUS67WsZVRH9YpLbjM4/jLfaxYpmcL7T3l2hpHJUA7qYh0nagCY
l00ePTohaXQqeRlpQLZ24zxlm36Js97eka2MLloy4X1gNyuCgnQvjDampWNT/sUi
YkISmVBx0lRGk3xV81A3RLdrZzz6w1IZSPbfdVbEyOp1hUpti3u4KBoAd4pBbUee
cTKazc8s9TO1chQVr/NTmE7VvIxAuJekB+KX9hV5ZphC2haaT9OE1b4SbdZveDeC
T+Vgds/MetFBrFUTxF4zuVaNWFhHsyhiSLNtAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3ZRFfsw6NcCssRt0qjCnGqdEHPAwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8zWlJGZnN3Nk5jQ3NzUnQwcWpD
bkdxZEVIUEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezIw
MA0GCSqGSIb3DQEBCwUAA4IBAQAgVExgZ/o8Yls38Xrn7N0gM/qBeFeHjVxG1Tbc
8TRzW9KZvyOj/c07sJim5DOsUsIyWwiWKeL1x+O3kmtRztmm1VJL9WDo81/ZmUid
NT2a1tPQr0uhrekFHtFky4EBvG9g9wa8occoC2CKr1QtOUpWTbPMXbz2XG2R38kB
ljlXlXJlFmIBEyHNP46UbRFkNHNPtfcSmm8H72AXafm4Rx9JwrmVA+ijKKfsGSCZ
k3UEFvV3p5Guz7TQux00merWO1nOrfyksADbziYMP0BEiOvNpWLbngwN7mSl022y
y70lOIdNlUTEiTCQe9PCyZg1OeI3MyFk62ncrMiDsXV+FGjs
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org