Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/5v04KUfCI9DSL_FMgWYMK4RXG5s.roa
File: 5v04KUfCI9DSL_FMgWYMK4RXG5s.roa (raw, json)
Hash identifier: Dev9hutrUj6nhvYfZkD1T59AYyoGPdWFZQN2P9GBfQw=
Subject key identifier: E6:FD:38:29:47:C2:23:D0:D2:2F:F1:4C:81:66:0C:2B:84:57:1B:9B
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/5v04KUfCI9DSL_FMgWYMK4RXG5s.roa
Signing time: Thu 15 Sep 2022 02:49:28 +0000
ROA not before: Thu 15 Sep 2022 02:49:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 61.57.128.0/21 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:28 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E6FD382947C223D0D22FF14C81660C2B84571B9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:f7:6c:05:5a:1c:ef:75:17:40:1b:91:2f:
b1:e1:67:7f:c8:f6:1b:e0:44:2f:65:86:8c:38:7d:
d2:8d:a7:63:b6:a9:5d:bf:aa:2b:ab:ea:ff:1a:5f:
37:a5:87:27:4c:da:c3:b2:ab:34:6b:3a:d1:f0:60:
f7:23:ab:7a:a8:9d:05:42:b7:ce:ae:5b:ae:07:35:
1b:af:23:46:c9:08:e6:97:71:13:20:29:75:15:a1:
22:53:cc:32:f2:50:d1:7e:8b:b5:f6:30:e4:48:aa:
d1:44:26:ce:80:ef:2f:ed:9b:db:77:bd:07:d3:ab:
ca:fd:f8:23:6f:09:ba:37:09:22:d1:f3:3c:66:d4:
03:e7:db:1e:91:f1:1a:8d:c4:d8:a4:98:cb:f9:af:
47:fe:ba:52:80:fd:96:27:79:d9:69:fb:ea:43:ec:
4b:f1:08:bc:a7:49:cc:4b:38:82:6b:ec:b3:41:3a:
96:98:4d:c5:77:38:51:ea:d7:d4:a2:1c:d9:ae:cd:
7c:5c:0c:07:f3:46:06:2d:4e:16:96:c1:71:f3:6c:
f4:e4:28:5e:f4:e1:25:b0:4f:d5:21:08:da:5c:a8:
66:1e:72:ed:6d:ee:51:ee:05:ba:79:d2:e3:4d:dc:
d4:52:be:a5:eb:d7:7d:b1:8e:ea:03:fc:1b:f5:8e:
54:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:FD:38:29:47:C2:23:D0:D2:2F:F1:4C:81:66:0C:2B:84:57:1B:9B
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/5v04KUfCI9DSL_FMgWYMK4RXG5s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.128.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:ca:c4:9a:57:ff:b6:ac:71:19:5a:cc:e3:57:09:59:df:e4:
04:58:3f:86:a9:08:3c:27:80:e8:18:a1:f8:60:2b:c8:5c:3a:
4c:e1:7b:24:8c:6a:8e:c7:1c:0b:da:ce:e2:7d:b4:86:57:22:
ad:8b:0e:6c:02:7c:7b:16:b3:c4:d1:d2:57:02:44:d0:2c:cb:
02:0f:91:8b:69:ba:d6:fb:0c:d1:d0:52:d4:e3:95:5d:2d:92:
66:21:be:ee:d3:9b:15:06:87:f4:e8:1b:8a:c8:5b:13:10:27:
10:a7:15:b5:7f:14:c2:e5:54:bd:42:48:0a:63:9e:53:12:a1:
b7:5c:cb:88:e5:69:68:ef:a2:63:03:ca:4d:84:6b:b4:50:5d:
db:1c:d8:02:51:05:90:36:b7:f7:9d:bf:30:7a:17:58:4f:ba:
84:a5:7e:fe:2b:6a:a9:83:a9:38:e1:eb:7e:e2:5f:e5:a4:ae:
c6:d5:3f:dc:58:39:32:91:83:91:5d:a9:e1:b3:4e:40:f3:dd:
53:39:dc:af:62:a4:f8:04:fd:03:f3:82:24:82:1e:75:f4:92:
7a:7b:14:f8:d8:7f:2f:9c:8e:14:0c:b6:93:77:51:cf:ee:f0:
e2:56:69:07:95:1e:95:d8:fd:70:43:f5:95:5a:cf:a4:aa:f8:
eb:bd:c3:20
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEU2RkQzODI5NDdDMjIz
RDBEMjJGRjE0QzgxNjYwQzJCODQ1NzFCOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf5PdsBVoc73UXQBuRL7HhZ3/I9hvgRC9lhow4fdKNp2O2qV2/
qiur6v8aXzelhydM2sOyqzRrOtHwYPcjq3qonQVCt86uW64HNRuvI0bJCOaXcRMg
KXUVoSJTzDLyUNF+i7X2MORIqtFEJs6A7y/tm9t3vQfTq8r9+CNvCbo3CSLR8zxm
1APn2x6R8RqNxNikmMv5r0f+ulKA/ZYnedlp++pD7EvxCLynScxLOIJr7LNBOpaY
TcV3OFHq19SiHNmuzXxcDAfzRgYtThaWwXHzbPTkKF704SWwT9UhCNpcqGYecu1t
7lHuBbp50uNN3NRSvqXr132xjuoD/Bv1jlRvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU5v04KUfCI9DSL/FMgWYMK4RXG5swHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC81djA0S1VmQ0k5RFNMX0ZNZ1dZ
TUs0UlhHNXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPysSaV/+2rHEZWszjVwlZ3+QEWD+GqQg8J4Do
GKH4YCvIXDpM4XskjGqOxxwL2s7ifbSGVyKtiw5sAnx7FrPE0dJXAkTQLMsCD5GL
abrW+wzR0FLU45VdLZJmIb7u05sVBof06BuKyFsTECcQpxW1fxTC5VS9QkgKY55T
EqG3XMuI5Wlo76JjA8pNhGu0UF3bHNgCUQWQNrf3nb8wehdYT7qEpX7+K2qpg6k4
4et+4l/lpK7G1T/cWDkykYORXanhs05A891TOdyvYqT4BP0D84Ikgh519JJ6exT4
2H8vnI4UDLaTd1HP7vDiVmkHlR6V2P1wQ/WVWs+kqvjrvcMg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org