Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/H4Y--WuolXWbyRu5DqsFMto8luM.roa
File: H4Y--WuolXWbyRu5DqsFMto8luM.roa (raw, json)
Hash identifier: 7A7I+tvZAYgACCkNPihyBLMTBhsWZOqSmBd/cMJNDAQ=
Subject key identifier: 1F:86:3E:F9:6B:A8:95:75:9B:C9:1B:B9:0E:AB:05:32:DA:3C:96:E3
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/H4Y--WuolXWbyRu5DqsFMto8luM.roa
Signing time: Thu 15 Sep 2022 02:49:29 +0000
ROA not before: Thu 15 Sep 2022 02:49:29 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:29 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1F863EF96BA895759BC91BB90EAB0532DA3C96E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:86:50:2b:78:05:26:90:fa:0f:77:29:2c:41:
f9:cf:d4:1e:d6:9b:0a:b9:d1:49:6d:47:3a:34:d9:
72:43:27:2f:0c:ba:3a:2a:55:aa:d5:4f:d5:47:d4:
56:aa:b9:f3:8b:ea:4f:48:e6:2c:7e:fc:4f:b3:05:
ad:50:90:3d:d0:59:be:9e:77:7a:69:22:c8:5d:e2:
96:83:41:98:a5:6e:67:20:15:98:47:01:4a:da:c2:
5e:ff:9d:ea:ae:46:a5:42:b4:99:47:f6:5f:b7:9e:
cf:ae:65:2a:39:d4:e8:e8:3a:7d:bb:3d:9e:cc:eb:
3e:21:df:c6:c9:17:3d:af:e4:c0:85:63:7f:2b:ed:
d9:66:6b:66:b0:69:11:df:db:4a:fa:ea:37:d1:d2:
25:f0:87:25:94:5f:93:cb:5f:64:bd:8f:b3:1f:a0:
6b:16:bc:17:95:ad:f3:25:17:05:1c:18:08:8e:5d:
f3:0d:6b:54:bb:a0:bf:f0:64:cf:b4:eb:93:ff:59:
e5:d2:0a:4d:ea:77:c6:65:c4:a0:51:6a:55:47:bb:
a0:06:ef:0f:91:7e:0f:02:6b:c9:05:16:9e:77:9d:
3b:66:8f:20:12:08:17:ff:3e:e6:35:c8:30:2f:24:
b3:32:95:e8:ff:85:1c:08:7e:f0:0a:e9:c5:e0:4d:
1e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:86:3E:F9:6B:A8:95:75:9B:C9:1B:B9:0E:AB:05:32:DA:3C:96:E3
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/H4Y--WuolXWbyRu5DqsFMto8luM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.56.0/21
Signature Algorithm: sha256WithRSAEncryption
94:c7:a0:3e:63:a3:53:59:17:b2:c8:8b:f5:d7:ee:81:87:57:
b8:c2:e5:6b:73:a8:41:8c:9d:36:6d:a6:93:d8:6b:fc:7a:58:
8e:b8:38:70:26:cc:73:47:e8:11:09:be:f9:da:de:17:ce:9d:
9c:de:06:11:7e:70:45:b7:6f:ad:5e:a0:84:cd:75:7d:1a:fb:
5f:79:5b:37:f6:f5:d6:20:e2:5b:e6:4f:81:0c:93:53:1c:00:
50:26:25:38:cc:97:b1:40:93:c7:a0:75:f7:61:08:3e:fc:29:
de:d8:7a:1e:65:d5:c4:1d:48:93:2f:14:0f:e7:8d:4b:88:34:
61:7f:ea:f0:b9:1c:9e:ff:f8:7e:46:a7:81:d0:1c:f6:a3:cf:
b5:91:42:80:7c:bf:70:c3:46:c4:3e:4d:15:9c:a8:45:5d:5f:
c6:e1:3a:e3:95:ab:4a:5e:87:97:6b:d9:07:f8:c0:22:64:46:
1a:ca:80:c1:69:1f:b6:d6:73:a5:c7:13:2b:a5:75:82:d0:fa:
6b:ac:dc:e0:d1:4a:0e:21:f1:73:f8:dc:68:43:08:1f:00:db:
f0:e2:e5:a1:c3:b0:ee:30:93:c1:dd:83:89:b4:68:5e:eb:a9:
36:a5:f6:7f:71:58:70:9f:92:85:d8:41:cb:5c:36:3c:85:7b:
b0:ba:43:d4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFGODYzRUY5NkJBODk1
NzU5QkM5MUJCOTBFQUIwNTMyREEzQzk2RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCehlAreAUmkPoPdyksQfnP1B7Wmwq50UltRzo02XJDJy8Mujoq
VarVT9VH1FaqufOL6k9I5ix+/E+zBa1QkD3QWb6ed3ppIshd4paDQZilbmcgFZhH
AUrawl7/nequRqVCtJlH9l+3ns+uZSo51OjoOn27PZ7M6z4h38bJFz2v5MCFY38r
7dlma2awaRHf20r66jfR0iXwhyWUX5PLX2S9j7MfoGsWvBeVrfMlFwUcGAiOXfMN
a1S7oL/wZM+065P/WeXSCk3qd8ZlxKBRalVHu6AG7w+Rfg8Ca8kFFp53nTtmjyAS
CBf/PuY1yDAvJLMylej/hRwIfvAK6cXgTR7RAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUH4Y++WuolXWbyRu5DqsFMto8luMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9INFktLVd1b2xYV2J5UnU1RHFz
Rk10bzhsdU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5M4
MA0GCSqGSIb3DQEBCwUAA4IBAQCUx6A+Y6NTWReyyIv11+6Bh1e4wuVrc6hBjJ02
baaT2Gv8eliOuDhwJsxzR+gRCb752t4Xzp2c3gYRfnBFt2+tXqCEzXV9GvtfeVs3
9vXWIOJb5k+BDJNTHABQJiU4zJexQJPHoHX3YQg+/Cne2HoeZdXEHUiTLxQP541L
iDRhf+rwuRye//h+RqeB0Bz2o8+1kUKAfL9ww0bEPk0VnKhFXV/G4TrjlatKXoeX
a9kH+MAiZEYayoDBaR+21nOlxxMrpXWC0PprrNzg0UoOIfFz+NxoQwgfANvw4uWh
w7DuMJPB3YOJtGhe66k2pfZ/cVhwn5KF2EHLXDY8hXuwukPU
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org