Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/8xDZ5CA_XS1_B_XvaBEsdZ8dc2Y.roa
File: 8xDZ5CA_XS1_B_XvaBEsdZ8dc2Y.roa (raw, json)
Hash identifier: XYHp7jryCvzbLn9RhhRsvuG3BC/tOVihwWv4Qq2A0+I=
Subject key identifier: F3:10:D9:E4:20:3F:5D:2D:7F:07:F5:EF:68:11:2C:75:9F:1D:73:66
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09D2
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/8xDZ5CA_XS1_B_XvaBEsdZ8dc2Y.roa
Signing time: Wed 29 Sep 2021 02:52:02 +0000
ROA not before: Wed 29 Sep 2021 02:52:02 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2514 (0x9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:02 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=F310D9E4203F5D2D7F07F5EF68112C759F1D7366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:71:c8:20:07:79:ff:4c:c1:b7:97:17:95:38:
49:91:e5:c4:24:ce:6e:ff:0b:e4:79:9a:c3:61:d9:
f8:38:a5:ee:96:0a:1b:1c:90:be:d1:36:17:73:ba:
19:4a:3a:32:ef:e0:aa:3e:d4:b7:61:58:03:91:2c:
48:6e:b1:59:59:8f:f5:46:9e:fc:22:d6:83:9f:18:
c1:ed:32:96:58:00:fc:62:bc:aa:f1:c7:bf:56:42:
57:a3:28:37:41:e6:6b:eb:c9:05:b1:ec:4e:15:db:
3f:d9:e6:47:8d:07:1b:1e:e7:9e:4f:c2:33:43:ce:
35:a2:98:b1:7f:fe:8e:cb:86:c8:ff:09:3e:73:43:
82:a2:9a:a0:a7:92:cb:0c:46:51:55:9e:2c:e3:8c:
5c:e9:9c:7e:89:cf:db:5e:16:43:50:64:8d:f9:1b:
6b:fe:5f:a7:87:8b:fd:ec:0a:47:d5:e8:fe:35:9c:
8c:41:23:4d:5a:9c:a9:8f:56:55:9f:57:af:bd:f2:
86:5a:85:7c:e7:81:0c:6d:9d:ee:80:3d:3d:a0:4e:
c7:e1:ef:02:33:50:0c:22:d7:43:ef:f2:1f:39:72:
72:c9:3e:8b:92:b7:d8:8e:28:85:9c:09:3e:8e:db:
29:4b:16:a0:7e:00:d4:68:3c:32:de:ad:00:e3:98:
25:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:10:D9:E4:20:3F:5D:2D:7F:07:F5:EF:68:11:2C:75:9F:1D:73:66
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/8xDZ5CA_XS1_B_XvaBEsdZ8dc2Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.56.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:f5:5e:83:3e:08:f4:be:8e:ea:7f:fd:8e:5f:cf:da:e2:3b:
d7:e5:3e:31:fe:e3:24:17:01:1d:81:6d:38:55:18:c0:0e:5a:
aa:f8:fe:53:9d:eb:5d:c8:e5:8b:d2:15:3a:02:23:f8:36:3d:
40:1a:06:6f:67:20:6c:e5:96:88:4c:49:18:a9:ef:66:50:8e:
a3:cf:08:e9:93:46:a3:69:45:9b:0c:fd:a5:87:db:68:50:f8:
af:28:bd:37:c6:03:c2:9a:94:91:ce:f5:28:11:cf:aa:ae:04:
df:df:24:07:c5:55:0a:d7:d9:f1:f4:2e:05:9c:f8:a9:03:20:
a2:30:ce:bb:76:b6:fb:11:ce:9c:6b:69:97:f6:1e:44:d6:89:
85:a1:0f:dc:65:b8:36:54:20:83:cd:6a:33:0f:44:3f:28:d5:
25:9d:d7:ca:68:a6:b1:e7:63:ec:6c:1f:53:fe:44:6d:59:18:
a6:43:3a:33:1a:1a:ce:ba:f3:ed:9c:cc:4b:01:3b:f1:a2:45:
11:64:c2:50:90:9a:cc:c4:f5:58:7c:e5:4a:3b:05:60:44:c8:
43:5e:b5:3f:86:08:0c:22:53:d5:73:a7:40:f4:e9:df:3f:27:
17:43:07:59:7b:91:c5:25:a6:03:bf:1c:75:4c:9d:b1:7a:74:
b7:b1:0a:59
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEYzMTBEOUU0MjAzRjVE
MkQ3RjA3RjVFRjY4MTEyQzc1OUYxRDczNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD9ccggB3n/TMG3lxeVOEmR5cQkzm7/C+R5msNh2fg4pe6WChsc
kL7RNhdzuhlKOjLv4Ko+1LdhWAORLEhusVlZj/VGnvwi1oOfGMHtMpZYAPxivKrx
x79WQlejKDdB5mvryQWx7E4V2z/Z5keNBxse555PwjNDzjWimLF//o7Lhsj/CT5z
Q4KimqCnkssMRlFVnizjjFzpnH6Jz9teFkNQZI35G2v+X6eHi/3sCkfV6P41nIxB
I01anKmPVlWfV6+98oZahXzngQxtne6APT2gTsfh7wIzUAwi10Pv8h85cnLJPouS
t9iOKIWcCT6O2ylLFqB+ANRoPDLerQDjmCURAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU8xDZ5CA/XS1/B/XvaBEsdZ8dc2YwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC84eERaNUNBX1hTMV9CX1h2YUJF
c2RaOGRjMlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5M4
MA0GCSqGSIb3DQEBCwUAA4IBAQCK9V6DPgj0vo7qf/2OX8/a4jvX5T4x/uMkFwEd
gW04VRjADlqq+P5TnetdyOWL0hU6AiP4Nj1AGgZvZyBs5ZaITEkYqe9mUI6jzwjp
k0ajaUWbDP2lh9toUPivKL03xgPCmpSRzvUoEc+qrgTf3yQHxVUK19nx9C4FnPip
AyCiMM67drb7Ec6ca2mX9h5E1omFoQ/cZbg2VCCDzWozD0Q/KNUlndfKaKax52Ps
bB9T/kRtWRimQzozGhrOuvPtnMxLATvxokURZMJQkJrMxPVYfOVKOwVgRMhDXrU/
hggMIlPVc6dA9OnfPycXQwdZe5HFJaYDvxx1TJ2xenS3sQpZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org