Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/BoQVMS3qcMcT2IIUeHKlv9tEzfg.roa
File: BoQVMS3qcMcT2IIUeHKlv9tEzfg.roa (raw, json)
Hash identifier: AOKLFXwSzMpkrmYwKXnVMBFuF488PBnlwBrt7ZKPQ7M=
Subject key identifier: 06:84:15:31:2D:EA:70:C7:13:D8:82:14:78:72:A5:BF:DB:44:CD:F8
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0A84
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/BoQVMS3qcMcT2IIUeHKlv9tEzfg.roa
Signing time: Wed 04 May 2022 03:14:48 +0000
ROA not before: Wed 04 May 2022 03:14:48 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.16.0/21 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2692 (0xa84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: May 4 03:14:48 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=068415312DEA70C713D882147872A5BFDB44CDF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:26:56:a0:51:0b:75:2a:16:57:3d:1a:77:01:
e7:ad:23:f7:cb:15:72:51:6b:83:3b:4e:8d:b1:76:
bd:b3:25:20:ed:a1:6e:8b:18:4c:3c:72:72:86:fd:
6f:bc:64:6d:42:00:46:5a:14:4e:b1:37:9f:ad:81:
48:96:3f:1c:a7:26:b2:7b:c1:a7:72:dd:c6:ab:01:
4a:a7:ec:b4:21:cc:b1:20:9c:91:7c:79:15:58:24:
60:08:9c:7c:d2:cf:c4:fe:74:ce:bf:33:a1:47:df:
ef:b8:6c:80:95:c4:d9:cd:c5:91:06:65:93:5f:f3:
60:88:20:00:60:e6:da:dd:8a:ed:70:a0:a0:54:e1:
e5:2b:53:e4:a4:d2:4f:e7:c5:f2:fa:b0:d5:61:36:
8b:e4:d0:bd:0f:62:ec:5d:96:f8:3e:dd:b5:65:80:
7b:40:f3:f7:c6:1b:f9:dc:48:10:4c:32:67:e9:b7:
cf:33:eb:80:f1:3f:45:47:f1:6a:aa:e8:0f:31:64:
57:b2:9d:dd:27:cc:60:f2:0b:61:0a:a3:3a:94:25:
32:70:5e:ba:08:30:72:c4:a4:02:08:ae:99:ec:5a:
c7:f3:27:56:5f:6a:ce:fa:ba:d9:bd:f2:45:15:45:
e4:d8:6e:7e:5e:4c:21:27:37:c8:4c:6f:64:5a:f2:
23:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:84:15:31:2D:EA:70:C7:13:D8:82:14:78:72:A5:BF:DB:44:CD:F8
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/BoQVMS3qcMcT2IIUeHKlv9tEzfg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.16.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:50:4b:3c:78:10:c8:89:df:ed:13:5d:be:9f:c3:c8:50:04:
5c:80:f6:59:5b:f2:2f:ab:24:1f:fe:64:20:43:51:7c:ca:c4:
47:1e:05:ac:87:f8:4e:5c:06:59:41:f1:92:f8:7b:cb:09:5d:
4e:a8:4c:5c:b7:4d:47:36:2a:83:77:93:60:e5:d5:ee:43:e7:
cf:e3:c4:ee:8a:9d:e0:fb:62:84:7f:3d:1e:8e:8e:82:06:57:
2d:53:83:de:b9:46:73:43:36:7c:4d:b0:a7:c4:6e:81:c1:e3:
e6:02:d8:30:90:a0:cc:2e:a8:06:a3:83:8a:b9:4f:0b:c6:2c:
25:9f:79:6b:0f:51:b9:17:15:99:9a:46:5c:97:dd:ec:75:32:
7f:2b:a9:33:9c:db:8c:09:02:54:03:10:32:94:b0:9f:16:e1:
9c:96:3b:64:c0:7d:56:3e:56:ea:32:f3:fb:cc:a4:cf:4c:92:
c0:97:a9:48:4f:a8:6f:2c:3b:71:b8:df:93:ff:01:8d:6c:d4:
58:43:6b:96:c5:82:2d:42:f9:0f:78:83:67:66:6f:19:b5:84:
6c:0f:8c:6a:25:c1:bd:d9:e5:6a:16:61:48:09:cf:29:a9:26:
b3:c3:85:f0:f1:1c:55:28:64:57:b8:d1:f2:41:dd:54:97:e6:
ba:19:ce:59
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA1MDQw
MzE0NDhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA2ODQxNTMxMkRFQTcw
QzcxM0Q4ODIxNDc4NzJBNUJGREI0NENERjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQJlagUQt1KhZXPRp3AeetI/fLFXJRa4M7To2xdr2zJSDtoW6L
GEw8cnKG/W+8ZG1CAEZaFE6xN5+tgUiWPxynJrJ7wady3carAUqn7LQhzLEgnJF8
eRVYJGAInHzSz8T+dM6/M6FH3++4bICVxNnNxZEGZZNf82CIIABg5trdiu1woKBU
4eUrU+Sk0k/nxfL6sNVhNovk0L0PYuxdlvg+3bVlgHtA8/fGG/ncSBBMMmfpt88z
64DxP0VH8Wqq6A8xZFeynd0nzGDyC2EKozqUJTJwXroIMHLEpAIIrpnsWsfzJ1Zf
as76utm98kUVReTYbn5eTCEnN8hMb2Ra8iMDAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUBoQVMS3qcMcT2IIUeHKlv9tEzfgwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9Cb1FWTVMzcWNNY1QySUlVZUhL
bHY5dEV6Zmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCiUEs8eBDIid/tE12+n8PIUARcgPZZW/IvqyQf
/mQgQ1F8ysRHHgWsh/hOXAZZQfGS+HvLCV1OqExct01HNiqDd5Ng5dXuQ+fP48Tu
ip3g+2KEfz0ejo6CBlctU4PeuUZzQzZ8TbCnxG6BwePmAtgwkKDMLqgGo4OKuU8L
xiwln3lrD1G5FxWZmkZcl93sdTJ/K6kznNuMCQJUAxAylLCfFuGcljtkwH1WPlbq
MvP7zKTPTJLAl6lIT6hvLDtxuN+T/wGNbNRYQ2uWxYItQvkPeINnZm8ZtYRsD4xq
JcG92eVqFmFICc8pqSazw4Xw8RxVKGRXuNHyQd1Ul+a6Gc5Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:57 2023 by rpki-client on console-fra.rpki-client.org