Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/8znMl8FjApD0rLpUihGL4_h9uns.roa
File: 8znMl8FjApD0rLpUihGL4_h9uns.roa (raw, json)
Hash identifier: Vy9T7TusAUmgUChoDR1a/GVZF0xahbRzI2H+YlSXNEM=
Subject key identifier: F3:39:CC:97:C1:63:02:90:F4:AC:BA:54:8A:11:8B:E3:F8:7D:BA:7B
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09E3
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/8znMl8FjApD0rLpUihGL4_h9uns.roa
Signing time: Wed 29 Sep 2021 02:52:06 +0000
ROA not before: Wed 29 Sep 2021 02:52:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 124.155.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2531 (0x9e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=F339CC97C1630290F4ACBA548A118BE3F87DBA7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e4:28:31:7f:d3:89:08:01:5f:d0:e9:c1:8e:
1e:20:cb:e6:7a:5c:52:ec:c6:13:8b:08:c5:79:41:
d9:19:10:0a:33:d3:0f:76:40:ed:3c:1c:fc:f2:77:
d7:53:86:e3:e0:81:1d:7a:48:2c:65:e5:70:cd:5a:
ed:33:f2:f5:3b:9c:03:3c:48:9e:71:ac:d8:49:df:
aa:a0:38:34:e4:9b:29:61:d3:f2:4d:14:15:3b:63:
46:ec:ba:0a:44:25:e1:e8:f6:1f:a5:2d:36:02:3c:
a8:73:0b:59:26:6c:f1:9c:2f:bc:65:ef:6c:74:fc:
b8:5f:ca:1c:87:97:fb:76:03:ef:f3:24:ff:11:5e:
4a:6e:94:28:ed:27:0c:5c:3e:c8:38:02:8c:7f:f1:
1e:30:7d:90:ad:f3:6c:e6:b8:9e:43:45:9b:2b:b5:
ac:a9:ad:3e:6c:8c:e7:e9:b8:8b:d3:c4:d2:be:72:
02:60:1a:22:c7:64:94:83:da:e7:4c:99:7c:58:d0:
42:e7:6b:fe:15:19:3f:72:41:92:0c:99:1d:41:b2:
b4:5b:ff:c6:50:5f:6a:fd:4b:1c:95:31:85:61:fa:
78:04:21:18:05:81:75:18:80:a5:47:f5:0d:83:b1:
88:c8:65:09:a3:cf:0c:5c:d0:31:97:0b:49:10:38:
c2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:39:CC:97:C1:63:02:90:F4:AC:BA:54:8A:11:8B:E3:F8:7D:BA:7B
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/8znMl8FjApD0rLpUihGL4_h9uns.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.176.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:ca:71:f4:d8:3b:26:53:13:b9:a6:05:46:3c:38:d7:6b:5d:
37:55:2e:23:eb:f6:ed:a0:b4:3e:31:46:bc:11:f1:b1:ec:3b:
3b:75:61:ac:48:8e:62:6c:d9:67:48:36:29:fe:8c:37:86:98:
69:85:fc:83:0f:78:2f:d0:89:9a:22:b0:c0:43:e6:09:83:e3:
87:d6:7b:eb:d7:9c:57:eb:58:0f:59:37:98:b8:51:59:01:da:
ed:09:83:29:dc:8c:0f:a1:92:d4:f7:08:e5:bc:57:32:78:3d:
b1:0c:06:13:67:7c:04:ac:00:29:6e:df:d6:26:83:03:dc:ec:
72:48:a0:48:0f:ba:35:3f:d5:0e:80:97:7b:83:85:b3:00:90:
19:fc:5a:5d:ee:38:0a:5c:d6:59:99:7b:64:95:02:6b:ca:50:
a7:79:7a:64:37:58:34:ac:0a:16:df:cb:ce:52:76:39:57:02:
63:95:51:2c:b7:a3:38:ce:2b:4e:8d:69:3a:ce:1a:64:e6:54:
a5:5b:26:af:3c:ec:3d:ab:24:7f:a7:dd:b8:1c:b2:ab:b8:22:
90:ba:78:ad:01:6a:6d:f4:ad:83:ac:f5:05:9d:d3:b6:07:20:
7e:90:ec:40:6d:3d:e6:80:73:de:06:eb:6f:b1:5c:67:8f:d9:
9f:b6:ff:4f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEYzMzlDQzk3QzE2MzAy
OTBGNEFDQkE1NDhBMTE4QkUzRjg3REJBN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc5Cgxf9OJCAFf0OnBjh4gy+Z6XFLsxhOLCMV5QdkZEAoz0w92
QO08HPzyd9dThuPggR16SCxl5XDNWu0z8vU7nAM8SJ5xrNhJ36qgODTkmylh0/JN
FBU7Y0bsugpEJeHo9h+lLTYCPKhzC1kmbPGcL7xl72x0/LhfyhyHl/t2A+/zJP8R
XkpulCjtJwxcPsg4Aox/8R4wfZCt82zmuJ5DRZsrtayprT5sjOfpuIvTxNK+cgJg
GiLHZJSD2udMmXxY0ELna/4VGT9yQZIMmR1BsrRb/8ZQX2r9SxyVMYVh+ngEIRgF
gXUYgKVH9Q2DsYjIZQmjzwxc0DGXC0kQOMJ9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU8znMl8FjApD0rLpUihGL4/h9unswHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC84em5NbDhGakFwRDByTHBVaWhH
TDRfaDl1bnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuw
MA0GCSqGSIb3DQEBCwUAA4IBAQBcynH02DsmUxO5pgVGPDjXa103VS4j6/btoLQ+
MUa8EfGx7Ds7dWGsSI5ibNlnSDYp/ow3hphphfyDD3gv0ImaIrDAQ+YJg+OH1nvr
15xX61gPWTeYuFFZAdrtCYMp3IwPoZLU9wjlvFcyeD2xDAYTZ3wErAApbt/WJoMD
3OxySKBID7o1P9UOgJd7g4WzAJAZ/Fpd7jgKXNZZmXtklQJrylCneXpkN1g0rAoW
38vOUnY5VwJjlVEst6M4zitOjWk6zhpk5lSlWyavPOw9qyR/p924HLKruCKQunit
AWpt9K2DrPUFndO2ByB+kOxAbT3mgHPeButvsVxnj9mftv9P
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:45 2025 by rpki-client