Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/3wgGUx1lDcarA_6eE86haZJDqJU.roa
File: 3wgGUx1lDcarA_6eE86haZJDqJU.roa (raw, json)
Hash identifier: fjUlbvBAKhBUP/D9Ek4y11d1my+U+iMN6Jw019FlEWU=
Subject key identifier: DF:08:06:53:1D:65:0D:C6:AB:03:FE:9E:13:CE:A1:69:92:43:A8:95
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3wgGUx1lDcarA_6eE86haZJDqJU.roa
Signing time: Thu 15 Sep 2022 02:49:25 +0000
ROA not before: Thu 15 Sep 2022 02:49:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 61.57.152.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:25 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DF0806531D650DC6AB03FE9E13CEA1699243A895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:1c:5c:62:b5:b1:3f:d0:b9:f6:66:82:02:
25:f1:0c:fe:1a:39:66:c8:65:7d:0b:db:f4:18:41:
83:23:03:82:28:61:f6:13:83:1e:4c:36:61:05:ad:
44:cf:ee:46:ce:8b:8b:f6:a4:e4:d0:5e:fb:b2:ed:
57:29:28:84:00:7b:d9:71:01:11:39:6f:63:65:74:
e5:80:b2:6c:3f:6f:37:fb:cd:af:d0:94:ad:20:b3:
0d:a7:9d:1b:06:2b:3f:03:ba:e9:f9:88:89:41:0b:
6a:20:30:59:2b:a9:92:47:f7:61:13:43:52:d6:0f:
57:4e:40:ce:0d:07:d2:72:ed:38:cd:85:df:63:b5:
e5:9d:fb:3b:2a:fd:a2:c6:bd:7f:ac:d1:65:3c:b3:
6b:15:e1:19:76:f9:7e:b2:ee:9c:cc:bb:83:de:5e:
02:05:41:49:f6:54:b8:ea:10:2a:12:50:d0:11:21:
ad:d6:12:64:b6:43:cb:43:74:61:81:de:a8:44:15:
72:4e:3a:22:dd:69:a7:7b:de:34:df:ce:be:5a:ef:
e0:84:c4:32:3d:e0:eb:d9:40:aa:db:a4:17:8f:95:
20:2d:bf:5a:51:da:ab:0d:d3:b5:8e:9a:3d:bc:75:
af:ab:9c:e9:a5:f8:e3:8d:b7:97:21:ac:59:9f:2d:
a3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:08:06:53:1D:65:0D:C6:AB:03:FE:9E:13:CE:A1:69:92:43:A8:95
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3wgGUx1lDcarA_6eE86haZJDqJU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.152.0/21
Signature Algorithm: sha256WithRSAEncryption
90:3e:2c:6e:c6:96:93:16:8a:62:ad:10:30:76:98:45:ab:47:
f7:ce:52:62:63:e0:ac:c9:90:1b:5e:65:9a:18:62:4e:55:56:
a0:6f:22:ff:26:57:50:d8:ea:62:6f:fa:a4:4f:16:5a:09:c2:
77:26:14:63:2d:1f:c9:cc:5b:3a:2c:fd:b9:be:d1:ea:31:58:
b8:d8:bf:68:f4:27:e5:99:4b:fd:2a:53:40:ba:92:d3:f7:c0:
d7:4b:71:ef:87:60:f8:06:f8:c0:7f:90:06:78:8f:bd:69:1e:
59:ef:c8:9a:79:f6:04:1d:14:25:63:8d:97:04:15:ad:05:05:
48:56:95:2b:a4:36:b1:e1:fc:b1:93:5c:18:75:c8:dd:b2:db:
08:1c:74:c7:a0:ad:c6:00:99:4f:16:8a:12:cb:b1:c5:d7:9c:
ad:9f:e4:26:d9:82:6b:da:39:74:cc:b2:f1:48:24:4a:e1:97:
63:6c:bd:a5:9f:51:ef:fe:cf:e9:57:e9:e5:bd:16:84:b3:cb:
16:a3:96:b5:6f:7c:cc:63:29:e7:06:e4:b7:c9:3b:56:3e:a3:
ed:ca:00:23:23:8b:34:80:25:bd:6e:a9:2c:17:c1:12:60:6e:
8b:a4:36:d1:49:90:f1:1e:67:28:4a:12:99:f2:d9:3b:70:25:
01:41:ec:d6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERGMDgwNjUzMUQ2NTBE
QzZBQjAzRkU5RTEzQ0VBMTY5OTI0M0E4OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlPhxcYrWxP9C59maCAiXxDP4aOWbIZX0L2/QYQYMjA4IoYfYT
gx5MNmEFrUTP7kbOi4v2pOTQXvuy7VcpKIQAe9lxARE5b2NldOWAsmw/bzf7za/Q
lK0gsw2nnRsGKz8Duun5iIlBC2ogMFkrqZJH92ETQ1LWD1dOQM4NB9Jy7TjNhd9j
teWd+zsq/aLGvX+s0WU8s2sV4Rl2+X6y7pzMu4PeXgIFQUn2VLjqECoSUNARIa3W
EmS2Q8tDdGGB3qhEFXJOOiLdaad73jTfzr5a7+CExDI94OvZQKrbpBePlSAtv1pR
2qsN07WOmj28da+rnOml+OONt5chrFmfLaPTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3wgGUx1lDcarA/6eE86haZJDqJUwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8zd2dHVXgxbERjYXJBXzZlRTg2
aGFaSkRxSlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY
MA0GCSqGSIb3DQEBCwUAA4IBAQCQPixuxpaTFopirRAwdphFq0f3zlJiY+CsyZAb
XmWaGGJOVVagbyL/JldQ2Opib/qkTxZaCcJ3JhRjLR/JzFs6LP25vtHqMVi42L9o
9CflmUv9KlNAupLT98DXS3Hvh2D4BvjAf5AGeI+9aR5Z78iaefYEHRQlY42XBBWt
BQVIVpUrpDax4fyxk1wYdcjdstsIHHTHoK3GAJlPFooSy7HF15ytn+Qm2YJr2jl0
zLLxSCRK4ZdjbL2ln1Hv/s/pV+nlvRaEs8sWo5a1b3zMYynnBuS3yTtWPqPtygAj
I4s0gCW9bqksF8ESYG6LpDbRSZDxHmcoShKZ8tk7cCUBQezW
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org