Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/D_1aeMhw8PyQkygFn40P_gwwXcc.roa
File: D_1aeMhw8PyQkygFn40P_gwwXcc.roa (raw, json)
Hash identifier: ZlL48Vlua9ykJ+089epzLBx0G9q06uybmNDfvgw5NCo=
Subject key identifier: 0F:FD:5A:78:C8:70:F0:FC:90:93:28:05:9F:8D:0F:FE:0C:30:5D:C7
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09CE
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/D_1aeMhw8PyQkygFn40P_gwwXcc.roa
Signing time: Wed 29 Sep 2021 02:52:01 +0000
ROA not before: Wed 29 Sep 2021 02:52:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2510 (0x9ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0FFD5A78C870F0FC909328059F8D0FFE0C305DC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f2:87:a0:f4:ea:16:0e:6b:22:c2:ba:a0:36:
23:19:23:7c:3d:1a:a4:89:9e:68:0a:a4:09:04:14:
79:a9:1a:ea:d1:ac:38:dc:15:2e:db:82:d2:c7:e4:
c1:46:7c:94:e1:f2:2a:c9:d4:c6:8b:1c:ee:3e:33:
3f:65:91:11:3b:32:56:48:7b:49:3d:c0:d2:7f:aa:
96:cb:77:02:b8:67:ad:90:2e:66:55:f5:64:94:f9:
2f:c2:cb:47:66:cb:dc:00:47:10:b8:78:16:4c:97:
6d:ed:fb:fb:c0:e3:d4:fc:78:a5:d1:fc:16:68:af:
17:8a:f9:09:3d:ee:d6:4b:66:a0:7c:9c:77:2a:ce:
5a:f0:d7:11:c6:ea:b2:f5:cf:0f:ff:eb:e6:de:45:
0f:e4:d7:82:7d:63:65:ba:e3:67:b9:57:22:57:32:
5c:34:1f:25:5e:72:98:c3:b6:4b:c8:20:f6:1f:5c:
dd:28:5f:0c:fb:a7:6e:0d:de:47:75:56:a1:dc:0d:
23:ad:b3:29:6b:23:fd:fa:d7:1b:7c:7f:bf:2e:76:
04:96:5a:47:8b:d7:cb:11:42:99:6b:b9:70:ee:1c:
0e:15:d5:ba:ab:de:a0:27:4c:cd:fe:91:6b:2e:9e:
6e:53:0f:fb:67:22:12:19:cb:2a:b2:06:5b:d3:c8:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FD:5A:78:C8:70:F0:FC:90:93:28:05:9F:8D:0F:FE:0C:30:5D:C7
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/D_1aeMhw8PyQkygFn40P_gwwXcc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.24.0/21
Signature Algorithm: sha256WithRSAEncryption
12:eb:40:29:5a:ae:30:97:69:bc:ed:99:8c:d5:00:15:73:2a:
94:27:dd:f3:db:80:4f:b3:d5:87:9b:06:3b:bf:ab:49:85:91:
fe:00:2d:27:83:7e:8d:bb:4b:77:1a:d4:3d:8a:40:1b:5a:74:
a1:f9:ed:28:7d:78:49:7a:72:73:b1:6d:bd:94:0d:2c:e9:44:
50:29:7b:b3:3b:78:7d:ad:8f:a4:a0:a4:96:55:d4:d0:c8:62:
43:84:82:8e:89:6a:0e:d6:67:9a:9b:a0:c5:19:06:33:59:90:
fa:0a:c6:07:d5:2e:43:47:4b:56:ab:50:de:ff:44:08:0e:bb:
8b:11:99:02:c0:e2:8b:77:1f:2f:0f:98:d4:08:d6:ad:16:a5:
35:2c:90:fa:4c:fd:c7:ee:58:34:3d:82:83:cd:f1:ea:5a:c2:
f8:1f:d9:e9:72:1d:b3:f5:a4:da:ca:5a:43:f8:32:7d:d4:a3:
cf:5f:25:b4:b9:92:fb:04:76:15:88:89:d0:b0:1e:c1:a7:3a:
9d:ed:83:bc:e3:c1:68:3d:84:0d:91:c2:5e:ff:60:66:e3:8b:
b3:8a:7e:8e:ec:dd:69:5a:c4:14:b9:32:fd:f9:ff:e2:71:5b:
d6:66:7e:19:73:7f:cf:28:b6:c9:e6:e3:96:01:8e:2a:3f:6a:
01:33:e6:0e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCc4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDBGRkQ1QTc4Qzg3MEYw
RkM5MDkzMjgwNTlGOEQwRkZFMEMzMDVEQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG8oeg9OoWDmsiwrqgNiMZI3w9GqSJnmgKpAkEFHmpGurRrDjc
FS7bgtLH5MFGfJTh8irJ1MaLHO4+Mz9lkRE7MlZIe0k9wNJ/qpbLdwK4Z62QLmZV
9WSU+S/Cy0dmy9wARxC4eBZMl23t+/vA49T8eKXR/BZorxeK+Qk97tZLZqB8nHcq
zlrw1xHG6rL1zw//6+beRQ/k14J9Y2W642e5VyJXMlw0HyVecpjDtkvIIPYfXN0o
Xwz7p24N3kd1VqHcDSOtsylrI/361xt8f78udgSWWkeL18sRQplruXDuHA4V1bqr
3qAnTM3+kWsunm5TD/tnIhIZyyqyBlvTyIYBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUD/1aeMhw8PyQkygFn40P/gwwXccwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9EXzFhZU1odzhQeVFreWdGbjQw
UF9nd3dYY2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY
MA0GCSqGSIb3DQEBCwUAA4IBAQAS60ApWq4wl2m87ZmM1QAVcyqUJ93z24BPs9WH
mwY7v6tJhZH+AC0ng36Nu0t3GtQ9ikAbWnSh+e0ofXhJenJzsW29lA0s6URQKXuz
O3h9rY+koKSWVdTQyGJDhIKOiWoO1meam6DFGQYzWZD6CsYH1S5DR0tWq1De/0QI
DruLEZkCwOKLdx8vD5jUCNatFqU1LJD6TP3H7lg0PYKDzfHqWsL4H9npch2z9aTa
ylpD+DJ91KPPXyW0uZL7BHYViInQsB7Bpzqd7YO848FoPYQNkcJe/2Bm44uzin6O
7N1pWsQUuTL9+f/icVvWZn4Zc3/PKLbJ5uOWAY4qP2oBM+YO
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org