Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/5zIQssXfMH4ehrVampDmdRqfBlE.roa
File: 5zIQssXfMH4ehrVampDmdRqfBlE.roa (raw, json)
Hash identifier: JCpg/v73TEP08NpaS3Hk2JDQ5MN0OAAXHvXuqeIJCnM=
Subject key identifier: E7:32:10:B2:C5:DF:30:7E:1E:86:B5:5A:9A:90:E6:75:1A:9F:06:51
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/5zIQssXfMH4ehrVampDmdRqfBlE.roa
Signing time: Thu 15 Sep 2022 02:49:31 +0000
ROA not before: Thu 15 Sep 2022 02:49:31 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 61.57.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:31 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E73210B2C5DF307E1E86B55A9A90E6751A9F0651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d4:6b:6a:19:12:c9:41:d8:4d:0d:a6:dc:c1:
b7:a9:7b:03:d4:98:70:3a:79:3e:23:03:1c:df:99:
ce:09:9e:f3:af:cd:7c:96:68:98:ed:ad:64:d5:66:
39:99:c9:97:2f:8f:fc:e0:5a:a5:fc:dd:11:fc:be:
3c:9c:4c:0d:38:06:25:a6:70:00:0c:b8:32:ce:7d:
0b:9d:24:55:5c:d7:17:ea:a5:09:cc:f2:94:2a:e2:
81:0b:ee:90:fb:22:39:fe:94:c7:6b:c2:c1:7a:b3:
6d:fb:62:4e:41:c2:7d:61:8f:fc:37:91:3b:52:bd:
94:17:ba:69:55:a3:c1:a9:16:1b:49:10:62:fa:b2:
48:73:26:83:0f:04:24:0f:80:f4:ab:47:0d:bb:23:
0d:db:cc:f9:f0:8c:aa:7f:61:f8:13:ad:ab:cf:7b:
de:d3:34:13:2e:c8:1a:e1:43:69:72:51:45:af:6d:
a1:2a:d8:ab:48:08:4c:18:11:79:2c:35:fe:68:11:
85:d3:47:13:f2:5b:38:50:4a:18:8e:b9:6e:e7:f3:
db:2c:c7:88:1c:6f:bd:bd:d9:58:9e:50:88:10:f5:
d4:55:f6:ec:12:95:24:96:c6:a5:38:a5:6e:b4:07:
fd:b0:86:b7:ac:1d:54:58:62:59:4c:df:e4:7a:0e:
f6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:32:10:B2:C5:DF:30:7E:1E:86:B5:5A:9A:90:E6:75:1A:9F:06:51
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/5zIQssXfMH4ehrVampDmdRqfBlE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.152.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:78:29:32:0c:c0:9e:40:96:cc:1b:36:60:d4:21:d6:0d:35:
4e:62:49:7a:f3:b1:33:19:4c:7a:34:ac:0a:78:f3:cc:9d:91:
c8:2f:1d:96:8d:15:3a:6b:72:9e:bf:8d:0c:c8:e2:1f:54:82:
da:76:4c:69:c5:80:53:cb:df:38:32:73:53:ae:6a:87:80:b8:
3c:ae:cd:d7:d1:16:cc:3b:5a:82:d2:c9:76:68:ad:c3:77:5b:
87:69:ec:a0:64:e5:1e:b2:b0:68:b4:9d:f1:2c:3b:9b:80:02:
2d:49:73:5d:ae:5e:69:12:e2:a0:f4:2a:a5:4e:e3:96:00:94:
17:af:50:75:cd:0a:4e:02:46:ea:36:ea:53:e3:5a:f7:cb:a3:
04:61:e1:05:c7:a0:a5:a6:71:c9:d3:c1:e9:24:2d:74:02:81:
2e:d4:0b:0d:9d:ed:c0:22:85:71:16:fb:c1:b0:97:31:51:bc:
f7:06:c2:fa:08:51:3f:31:93:fe:86:70:c9:5b:bd:a2:d3:40:
ce:49:b4:e5:bf:4b:0a:bc:20:5e:2f:a1:24:f1:0c:cf:a0:58:
38:12:ed:01:b2:2f:8d:8d:7d:92:00:8e:92:31:4f:7d:c1:40:
fe:43:a9:dc:cb:53:93:11:b7:51:03:7e:fe:b3:89:1a:a4:8b:
7a:32:e7:ca
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MzFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEU3MzIxMEIyQzVERjMw
N0UxRTg2QjU1QTlBOTBFNjc1MUE5RjA2NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH1GtqGRLJQdhNDabcwbepewPUmHA6eT4jAxzfmc4JnvOvzXyW
aJjtrWTVZjmZyZcvj/zgWqX83RH8vjycTA04BiWmcAAMuDLOfQudJFVc1xfqpQnM
8pQq4oEL7pD7Ijn+lMdrwsF6s237Yk5Bwn1hj/w3kTtSvZQXumlVo8GpFhtJEGL6
skhzJoMPBCQPgPSrRw27Iw3bzPnwjKp/YfgTravPe97TNBMuyBrhQ2lyUUWvbaEq
2KtICEwYEXksNf5oEYXTRxPyWzhQShiOuW7n89ssx4gcb7292VieUIgQ9dRV9uwS
lSSWxqU4pW60B/2whresHVRYYllM3+R6Dva3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU5zIQssXfMH4ehrVampDmdRqfBlEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC81eklRc3NYZk1INGVoclZhbXBE
bWRScWZCbEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPTmY
MA0GCSqGSIb3DQEBCwUAA4IBAQBbeCkyDMCeQJbMGzZg1CHWDTVOYkl687EzGUx6
NKwKePPMnZHILx2WjRU6a3Kev40MyOIfVILadkxpxYBTy984MnNTrmqHgLg8rs3X
0RbMO1qC0sl2aK3Dd1uHaeygZOUesrBotJ3xLDubgAItSXNdrl5pEuKg9CqlTuOW
AJQXr1B1zQpOAkbqNupT41r3y6MEYeEFx6ClpnHJ08HpJC10AoEu1AsNne3AIoVx
FvvBsJcxUbz3BsL6CFE/MZP+hnDJW72i00DOSbTlv0sKvCBeL6Ek8QzPoFg4Eu0B
si+NjX2SAI6SMU99wUD+Q6ncy1OTEbdRA37+s4kapIt6MufK
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org