Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/CNIBMC_j6Zs7aQyTBnlQK5vEv5k.roa
File: CNIBMC_j6Zs7aQyTBnlQK5vEv5k.roa (raw, json)
Hash identifier: 2w9H2LN98haMNMUquOh8Vu2vujejqjcxRrM0JpYdj9E=
Subject key identifier: 08:D2:01:30:2F:E3:E9:9B:3B:69:0C:93:06:79:50:2B:9B:C4:BF:99
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09CB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/CNIBMC_j6Zs7aQyTBnlQK5vEv5k.roa
Signing time: Wed 29 Sep 2021 02:52:00 +0000
ROA not before: Wed 29 Sep 2021 02:52:00 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.8.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2507 (0x9cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:00 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=08D201302FE3E99B3B690C930679502B9BC4BF99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:6f:89:1d:97:9c:e1:9d:4c:f9:98:b9:ed:
a7:9c:a2:90:08:72:d0:79:02:2d:dd:93:f1:8e:cf:
f4:33:77:b6:a9:26:11:8b:33:05:5c:4a:9d:b3:2a:
b6:f0:1f:39:38:bb:a4:7f:67:86:33:84:99:49:ee:
4d:af:68:87:4b:cb:4b:7f:d2:09:55:92:36:89:81:
61:31:11:9e:3e:9b:a1:69:ac:ac:99:92:34:99:88:
5b:25:18:89:63:af:6f:b7:9d:2e:37:af:de:fd:d6:
f7:58:24:2e:11:75:5e:c5:12:05:4b:16:aa:01:44:
1a:65:d1:b5:9c:a8:92:7a:11:e9:21:27:9b:be:d7:
98:17:31:57:90:1e:98:00:b2:94:56:91:d8:88:39:
2b:28:c4:86:53:c9:72:90:75:b6:3f:fb:2b:f6:73:
b0:8f:68:f3:39:b9:a2:a2:71:0b:c5:7a:f4:89:4a:
b5:0a:d8:02:49:d8:14:3d:7e:fc:25:dc:b6:89:f1:
23:6e:d2:e8:80:c7:8e:db:0a:69:bb:26:00:47:72:
e8:72:11:f1:34:0b:53:cb:4d:4f:02:7b:7b:de:2d:
48:13:ca:c3:8f:38:94:d2:d5:4c:e7:de:55:4d:36:
ca:7e:3e:23:bc:c0:02:45:fa:74:5d:f0:50:4a:aa:
4a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D2:01:30:2F:E3:E9:9B:3B:69:0C:93:06:79:50:2B:9B:C4:BF:99
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/CNIBMC_j6Zs7aQyTBnlQK5vEv5k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:c3:26:a5:e5:e1:27:f8:78:a2:8e:4f:e9:10:ac:7e:a2:b2:
64:4f:06:06:4d:8d:14:b1:07:08:f8:b6:cb:1c:11:b4:ea:76:
61:ce:3b:b7:15:ee:1b:53:aa:29:a4:d7:d8:43:5d:96:e5:4a:
e2:83:fb:e5:79:96:ed:bd:df:19:1e:0b:12:04:72:21:e0:96:
03:e1:f1:96:71:d0:0d:01:30:7e:6b:b2:25:55:5b:6f:ac:7b:
4c:4d:82:68:42:ff:30:ee:84:61:59:c7:41:d1:5b:97:19:06:
43:c3:0b:12:70:2c:17:7d:79:66:9f:d2:f7:0e:48:2f:6c:85:
4a:98:b0:8e:6e:45:5d:c6:b3:01:86:45:34:33:3e:01:29:de:
b3:c5:0b:16:ec:e8:0f:c0:a7:cf:49:09:b9:a3:59:a4:b3:6f:
7f:48:66:68:ae:ce:3e:de:2f:2f:91:e9:1f:b0:19:21:fc:68:
c0:7e:7b:70:50:61:8b:74:f3:2c:72:05:20:47:ac:b5:2d:0b:
11:f6:cd:f2:e4:b6:60:ac:7a:41:6e:52:e9:91:67:47:d2:ed:
50:a7:ac:5e:e5:97:13:a4:51:56:e6:a8:1c:04:5e:0c:a4:45:
2b:2c:0d:91:76:ef:6b:0f:97:52:69:1a:60:cd:27:4c:70:f1:
2e:f6:af:e4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA4RDIwMTMwMkZFM0U5
OUIzQjY5MEM5MzA2Nzk1MDJCOUJDNEJGOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCurG+JHZec4Z1M+Zi57aecopAIctB5Ai3dk/GOz/Qzd7apJhGL
MwVcSp2zKrbwHzk4u6R/Z4YzhJlJ7k2vaIdLy0t/0glVkjaJgWExEZ4+m6FprKyZ
kjSZiFslGIljr2+3nS43r9791vdYJC4RdV7FEgVLFqoBRBpl0bWcqJJ6EekhJ5u+
15gXMVeQHpgAspRWkdiIOSsoxIZTyXKQdbY/+yv2c7CPaPM5uaKicQvFevSJSrUK
2AJJ2BQ9fvwl3LaJ8SNu0uiAx47bCmm7JgBHcuhyEfE0C1PLTU8Ce3veLUgTysOP
OJTS1Uzn3lVNNsp+PiO8wAJF+nRd8FBKqkpNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCNIBMC/j6Zs7aQyTBnlQK5vEv5kwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9DTklCTUNfajZaczdhUXlUQm5s
UUs1dkV2NWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCG5MI
MA0GCSqGSIb3DQEBCwUAA4IBAQBKwyal5eEn+Hiijk/pEKx+orJkTwYGTY0UsQcI
+LbLHBG06nZhzju3Fe4bU6oppNfYQ12W5Urig/vleZbtvd8ZHgsSBHIh4JYD4fGW
cdANATB+a7IlVVtvrHtMTYJoQv8w7oRhWcdB0VuXGQZDwwsScCwXfXlmn9L3Dkgv
bIVKmLCObkVdxrMBhkU0Mz4BKd6zxQsW7OgPwKfPSQm5o1mks29/SGZors4+3i8v
kekfsBkh/GjAfntwUGGLdPMscgUgR6y1LQsR9s3y5LZgrHpBblLpkWdH0u1Qp6xe
5ZcTpFFW5qgcBF4MpEUrLA2Rdu9rD5dSaRpgzSdMcPEu9q/k
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org