Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/DxWBsehLKviEZjPPkpsjxllh5jY.roa
File: DxWBsehLKviEZjPPkpsjxllh5jY.roa (raw, json)
Hash identifier: at40l+pmFJ7CegAPPLOOTkD59NIPzW4chwg2z4GXFFo=
Subject key identifier: 0F:15:81:B1:E8:4B:2A:F8:84:66:33:CF:92:9B:23:C6:59:61:E6:36
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C5E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/DxWBsehLKviEZjPPkpsjxllh5jY.roa
Signing time: Fri 01 Sep 2023 08:26:28 +0000
ROA not before: Fri 01 Sep 2023 08:26:28 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 27.147.0.0/18 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3166 (0xc5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:28 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0F1581B1E84B2AF8846633CF929B23C65961E636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a3:52:bd:8a:0e:60:59:80:4a:4c:13:d8:2a:
ed:58:b8:4c:ea:e4:d4:4d:ef:72:2d:89:94:33:e6:
4f:47:79:77:57:df:d7:55:a7:6e:d6:69:b1:2f:91:
6b:3d:f7:76:b0:da:a0:5e:22:3b:4e:a7:c2:0c:89:
ca:7d:f7:6d:4c:5a:a6:c8:ef:c8:3c:95:a1:c1:45:
c7:33:f8:8e:49:de:0e:d3:84:38:83:4c:b8:c3:25:
5f:28:05:0e:66:54:e7:d0:b6:b4:27:67:cb:70:13:
20:8e:c1:71:43:4f:6f:64:11:7b:65:46:b2:b2:ba:
78:45:10:b9:fe:dc:f5:09:83:8f:3b:8e:28:fe:9b:
41:68:5b:5b:a4:a2:96:55:9c:94:b9:3b:b2:e5:6b:
c6:03:1c:d7:86:f2:6b:4b:55:84:7a:fa:c8:e2:fa:
be:b8:47:34:77:1a:21:da:3f:4a:18:d7:47:31:91:
c2:65:6c:50:bf:da:44:18:ec:97:74:e0:a1:5c:74:
5f:8b:22:0a:4b:65:0c:5d:e6:ed:b1:c1:7b:3a:83:
f8:3d:d1:3d:f8:39:0e:64:85:9c:8d:46:90:30:7a:
d7:ac:ac:78:06:f0:c9:15:9a:0e:c1:9a:a4:ae:59:
40:82:2a:13:53:5c:38:f2:77:40:d3:48:5b:df:96:
b2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:15:81:B1:E8:4B:2A:F8:84:66:33:CF:92:9B:23:C6:59:61:E6:36
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/DxWBsehLKviEZjPPkpsjxllh5jY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.0.0/18
Signature Algorithm: sha256WithRSAEncryption
92:09:42:c5:c3:e6:30:cc:60:82:83:72:99:2f:40:20:ae:f2:
75:1c:60:41:51:6c:11:6e:4c:e5:51:3d:a3:84:7f:2a:6b:3b:
6e:80:f7:e8:48:44:c4:66:41:fc:0b:ad:66:1e:7a:91:f9:82:
60:cd:1a:8b:22:79:de:88:2f:1b:49:e0:27:36:80:20:58:62:
33:e4:f6:f7:20:d2:d9:4f:aa:3d:6c:85:3c:f4:44:86:8d:b4:
1c:98:98:0d:08:75:cd:1b:35:f0:2f:07:ab:97:58:16:63:2f:
5c:2d:fa:53:43:f4:e4:e4:d2:4e:10:89:c1:8a:b5:24:a2:1b:
99:ea:fc:3b:27:73:b7:86:f2:e9:bc:7e:83:5b:5b:88:bf:10:
ea:c3:d6:02:48:27:24:89:1f:81:eb:47:21:73:09:76:64:b9:
f4:18:30:25:1c:7d:e0:1a:79:4d:63:e6:2b:a9:d9:6c:c1:46:
ca:ba:c2:61:f9:8c:3e:15:e1:5e:31:b9:cc:f2:8a:0e:1a:4e:
99:8e:0d:a6:0b:39:fb:1e:5e:f9:5c:ad:48:36:e3:be:2c:96:
77:fc:16:66:b2:c6:d5:cb:92:17:34:61:3a:55:c3:7e:91:b6:
ea:9a:71:62:de:8f:45:16:37:63:a2:6b:66:ab:7a:2d:88:98:
d2:8e:50:57
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBGMTU4MUIxRTg0QjJB
Rjg4NDY2MzNDRjkyOUIyM0M2NTk2MUU2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJo1K9ig5gWYBKTBPYKu1YuEzq5NRN73ItiZQz5k9HeXdX39dV
p27WabEvkWs993aw2qBeIjtOp8IMicp9921MWqbI78g8laHBRccz+I5J3g7ThDiD
TLjDJV8oBQ5mVOfQtrQnZ8twEyCOwXFDT29kEXtlRrKyunhFELn+3PUJg487jij+
m0FoW1ukopZVnJS5O7Lla8YDHNeG8mtLVYR6+sji+r64RzR3GiHaP0oY10cxkcJl
bFC/2kQY7Jd04KFcdF+LIgpLZQxd5u2xwXs6g/g90T34OQ5khZyNRpAwetesrHgG
8MkVmg7BmqSuWUCCKhNTXDjyd0DTSFvflrLzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDxWBsehLKviEZjPPkpsjxllh5jYwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9EeFdCc2VoTEt2aUVaalBQa3Bz
anhsbGg1alkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGG5MA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSCULFw+YwzGCCg3KZL0AgrvJ1HGBBUWwRbkzl
UT2jhH8qaztugPfoSETEZkH8C61mHnqR+YJgzRqLInneiC8bSeAnNoAgWGIz5Pb3
INLZT6o9bIU89ESGjbQcmJgNCHXNGzXwLwerl1gWYy9cLfpTQ/Tk5NJOEInBirUk
ohuZ6vw7J3O3hvLpvH6DW1uIvxDqw9YCSCckiR+B60chcwl2ZLn0GDAlHH3gGnlN
Y+YrqdlswUbKusJh+Yw+FeFeMbnM8ooOGk6Zjg2mCzn7Hl75XK1INuO+LJZ3/BZm
ssbVy5IXNGE6VcN+kbbqmnFi3o9FFjdjomtmq3otiJjSjlBX
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:00 2025 by rpki-client