Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/HftzKHzdJvz8-ejZKlEXhz6Afuc.roa
File: HftzKHzdJvz8-ejZKlEXhz6Afuc.roa (raw, json)
Hash identifier: YcK4XQWRB/bqz1ApcZpDETXM6CpaX3Vjpw4QjxMjt9E=
Subject key identifier: 1D:FB:73:28:7C:DD:26:FC:FC:F9:E8:D9:2A:51:17:87:3E:80:7E:E7
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/HftzKHzdJvz8-ejZKlEXhz6Afuc.roa
Signing time: Thu 15 Sep 2022 02:49:30 +0000
ROA not before: Thu 15 Sep 2022 02:49:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:30 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1DFB73287CDD26FCFCF9E8D92A5117873E807EE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:93:a1:9f:ee:52:c1:85:83:69:4f:91:48:
6e:73:58:36:d1:f9:dc:2e:79:17:9f:88:24:78:39:
d5:b0:d4:03:41:9a:62:1e:6c:7d:04:6d:b3:f5:f2:
dd:f1:75:80:db:fe:9d:f2:64:f1:8c:52:ab:a5:bb:
1e:eb:0b:68:05:21:36:31:b7:8e:ad:24:23:cc:05:
60:45:9b:9d:48:10:c2:06:b1:1d:ff:f1:da:6b:81:
5c:37:25:c2:4b:29:bc:95:d8:94:6a:4c:dc:dc:2b:
81:ad:8a:a3:2a:df:b9:5c:c9:e8:80:0d:48:c5:ea:
72:2f:d1:1f:12:fa:0a:e7:0d:cc:cb:a1:36:94:98:
30:d4:1a:da:e4:3f:3f:e0:5e:dd:e6:83:4f:be:af:
5d:44:83:5d:87:1d:05:9b:b1:6f:de:dd:d5:aa:af:
30:d5:54:4b:e8:c3:f6:ae:96:a0:86:03:01:29:b0:
e3:d5:6c:e7:91:4f:fe:7e:a6:b2:4b:93:37:29:66:
b6:29:32:0f:79:8a:9f:e7:6a:04:7a:d4:ae:48:7f:
24:62:e2:24:b8:c8:71:57:ce:22:de:53:f8:56:37:
c6:5d:d9:19:3c:e6:8d:25:ad:32:e8:fe:31:39:89:
4a:70:c7:6c:7f:f1:f8:c0:c9:c4:be:67:84:aa:f7:
b0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FB:73:28:7C:DD:26:FC:FC:F9:E8:D9:2A:51:17:87:3E:80:7E:E7
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/HftzKHzdJvz8-ejZKlEXhz6Afuc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.40.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:e3:c8:7a:9c:9c:bb:3b:2c:c9:18:c3:ca:71:c7:d7:ef:ac:
27:0e:01:83:99:cd:ec:7b:34:01:48:c1:38:10:b8:23:ac:0b:
98:56:0a:b8:c2:66:48:ca:9d:9c:08:6d:b2:e1:e1:65:09:67:
06:4d:0c:93:70:be:21:89:01:06:b8:b2:03:85:a3:86:e0:6e:
2a:03:67:c4:8c:fd:a1:6c:04:32:c3:ad:7f:21:b4:40:4a:56:
30:d3:a4:05:7e:df:b4:c7:82:2a:94:00:3f:f6:73:d0:52:e8:
86:48:19:55:16:e1:8b:ee:de:45:e4:ae:2b:c8:7f:c7:14:bb:
b2:a5:13:23:64:31:3e:ac:cf:ec:3b:ee:4c:a0:a3:50:10:eb:
8a:ba:44:cf:f1:fd:57:e4:04:db:b8:b0:60:8b:8d:a4:07:3e:
c3:76:85:ea:2a:b8:d9:71:8b:ea:f7:20:1d:d4:e8:cc:8c:c4:
02:e1:e9:ed:47:59:e9:c2:1b:66:5d:d7:c2:0f:a9:1d:f1:17:
50:02:80:18:fd:37:50:72:ec:a3:f7:ca:fd:92:0c:51:bd:c9:
cf:0a:80:e9:14:5b:73:65:47:23:2e:89:1c:9f:94:9e:10:f6:
40:49:a2:a4:d0:8a:76:93:1e:f7:14:d5:24:53:78:f5:90:8a:
4e:82:e2:e8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFERkI3MzI4N0NERDI2
RkNGQ0Y5RThEOTJBNTExNzg3M0U4MDdFRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6spOhn+5SwYWDaU+RSG5zWDbR+dwueRefiCR4OdWw1ANBmmIe
bH0EbbP18t3xdYDb/p3yZPGMUqulux7rC2gFITYxt46tJCPMBWBFm51IEMIGsR3/
8dprgVw3JcJLKbyV2JRqTNzcK4GtiqMq37lcyeiADUjF6nIv0R8S+grnDczLoTaU
mDDUGtrkPz/gXt3mg0++r11Eg12HHQWbsW/e3dWqrzDVVEvow/aulqCGAwEpsOPV
bOeRT/5+prJLkzcpZrYpMg95ip/nagR61K5IfyRi4iS4yHFXziLeU/hWN8Zd2Rk8
5o0lrTLo/jE5iUpwx2x/8fjAycS+Z4Sq97BnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHftzKHzdJvz8+ejZKlEXhz6AfucwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9IZnR6S0h6ZEp2ejgtZWpaS2xF
WGh6NkFmdWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQCP48h6nJy7OyzJGMPKccfX76wnDgGDmc3sezQB
SME4ELgjrAuYVgq4wmZIyp2cCG2y4eFlCWcGTQyTcL4hiQEGuLIDhaOG4G4qA2fE
jP2hbAQyw61/IbRASlYw06QFft+0x4IqlAA/9nPQUuiGSBlVFuGL7t5F5K4ryH/H
FLuypRMjZDE+rM/sO+5MoKNQEOuKukTP8f1X5ATbuLBgi42kBz7DdoXqKrjZcYvq
9yAd1OjMjMQC4entR1npwhtmXdfCD6kd8RdQAoAY/TdQcuyj98r9kgxRvcnPCoDp
FFtzZUcjLokcn5SeEPZASaKk0Ip2kx73FNUkU3j1kIpOguLo
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org