Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/KhCISn3Nlk6cIOvUDjGegpSasIU.roa
File: KhCISn3Nlk6cIOvUDjGegpSasIU.roa (raw, json)
Hash identifier: OXqbcXhog/jCIGQMwnyQuTnYQXFT1BiGOQVlvMydz0c=
Subject key identifier: 2A:10:88:4A:7D:CD:96:4E:9C:20:EB:D4:0E:31:9E:82:94:9A:B0:85
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B26
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/KhCISn3Nlk6cIOvUDjGegpSasIU.roa
Signing time: Thu 08 Dec 2022 08:29:11 +0000
ROA not before: Thu 08 Dec 2022 08:29:11 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.62.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2854 (0xb26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 8 08:29:11 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2A10884A7DCD964E9C20EBD40E319E82949AB085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:17:51:df:fe:2c:00:7a:32:44:42:fc:e0:49:
70:8a:3d:e6:68:ff:5f:00:35:41:ec:de:13:7b:dd:
ee:3b:6f:18:18:8a:a8:7f:22:9e:31:20:80:58:a3:
52:20:d1:3a:25:0a:7d:03:91:e7:cf:d5:58:d1:f6:
5c:e4:c6:70:a0:35:15:25:54:20:0a:c3:fb:1c:de:
11:26:2e:2c:ce:31:66:a9:cc:fc:bf:24:92:6e:2a:
d0:70:8c:fc:81:1a:3a:88:e3:71:15:bd:d1:58:ea:
83:fd:b5:5b:38:61:16:94:cf:6b:6a:fe:b9:f2:0f:
79:80:fd:a6:a1:ac:35:ea:99:f1:23:ff:6a:90:a7:
99:7d:13:a6:0a:e4:db:14:39:7e:0d:1d:69:b1:29:
b4:5c:a2:05:9e:c9:44:fa:bc:e2:68:cf:42:18:0b:
84:7c:1a:3e:4c:ae:5a:4e:2c:ef:fc:99:b0:50:ed:
b7:8d:07:d8:d2:2f:3b:73:d2:65:57:eb:f0:69:45:
12:5e:2b:82:b4:02:78:87:08:dd:95:ee:f2:b6:15:
7b:a8:42:30:28:28:70:ae:99:07:31:d5:15:9a:85:
b2:14:55:53:87:5f:57:13:14:45:16:35:01:7b:9a:
11:e0:29:e4:a8:9e:2e:dc:45:64:89:74:e5:fc:b4:
a5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:10:88:4A:7D:CD:96:4E:9C:20:EB:D4:0E:31:9E:82:94:9A:B0:85
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/KhCISn3Nlk6cIOvUDjGegpSasIU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.62.0/23
Signature Algorithm: sha256WithRSAEncryption
43:96:32:81:cb:6b:28:0e:5c:74:dd:be:04:da:2d:6b:46:e0:
06:cd:23:fa:e9:52:58:65:4a:94:9f:6b:3f:0a:14:b5:71:a9:
9e:c6:dd:52:f9:94:90:32:d8:a3:d5:46:72:b1:76:09:b7:33:
7a:6d:13:7f:a7:86:c6:aa:a7:3a:44:fe:b7:4a:9c:0d:c2:1e:
cb:a2:0a:23:61:6a:b5:ee:8a:1a:90:6c:08:7e:b8:3d:a1:9c:
9b:d9:0b:10:38:72:88:9f:ba:c0:71:de:65:86:18:bb:73:2e:
48:c0:3c:50:da:30:07:27:9f:90:b2:c8:2c:80:ff:10:99:1d:
4f:b0:5b:fb:c8:8a:b2:61:2e:02:da:ae:97:d6:b3:c0:ac:bd:
d4:d9:b1:a8:26:60:50:9a:0a:48:29:3d:25:14:a3:04:73:54:
68:69:d2:e2:e9:9a:b2:3e:a9:18:c1:03:e7:8b:3d:cd:83:4b:
39:f7:7b:8a:43:d0:da:03:a4:20:90:b2:4a:a1:cc:0f:7a:23:
96:44:12:48:98:0f:f0:15:42:a7:95:1e:41:d8:11:ff:24:34:
12:cb:05:c1:74:cd:cb:6a:9b:43:29:54:23:74:1b:0e:24:7a:
e3:40:8b:73:f9:ec:af:61:6b:38:5b:67:f0:1f:94:70:b1:35:
9a:4b:ce:2d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMDgw
ODI5MTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBMTA4ODRBN0RDRDk2
NEU5QzIwRUJENDBFMzE5RTgyOTQ5QUIwODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgF1Hf/iwAejJEQvzgSXCKPeZo/18ANUHs3hN73e47bxgYiqh/
Ip4xIIBYo1Ig0TolCn0DkefP1VjR9lzkxnCgNRUlVCAKw/sc3hEmLizOMWapzPy/
JJJuKtBwjPyBGjqI43EVvdFY6oP9tVs4YRaUz2tq/rnyD3mA/aahrDXqmfEj/2qQ
p5l9E6YK5NsUOX4NHWmxKbRcogWeyUT6vOJoz0IYC4R8Gj5MrlpOLO/8mbBQ7beN
B9jSLztz0mVX6/BpRRJeK4K0AniHCN2V7vK2FXuoQjAoKHCumQcx1RWahbIUVVOH
X1cTFEUWNQF7mhHgKeSoni7cRWSJdOX8tKUfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKhCISn3Nlk6cIOvUDjGegpSasIUwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9LaENJU24zTmxrNmNJT3ZVRGpH
ZWdwU2FzSVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBG5M+
MA0GCSqGSIb3DQEBCwUAA4IBAQBDljKBy2soDlx03b4E2i1rRuAGzSP66VJYZUqU
n2s/ChS1camext1S+ZSQMtij1UZysXYJtzN6bRN/p4bGqqc6RP63SpwNwh7Logoj
YWq17ooakGwIfrg9oZyb2QsQOHKIn7rAcd5lhhi7cy5IwDxQ2jAHJ5+QssgsgP8Q
mR1PsFv7yIqyYS4C2q6X1rPArL3U2bGoJmBQmgpIKT0lFKMEc1RoadLi6ZqyPqkY
wQPniz3Ng0s593uKQ9DaA6QgkLJKocwPeiOWRBJImA/wFUKnlR5B2BH/JDQSywXB
dM3LaptDKVQjdBsOJHrjQItz+eyvYWs4W2fwH5RwsTWaS84t
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org