Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/KrbHsbPCydh8E7YNOkIOu0ghfcI.roa
File: KrbHsbPCydh8E7YNOkIOu0ghfcI.roa (raw, json)
Hash identifier: /TC1d9W7Hl0HYUaIWMvZkpbs6uhoFdOZ7+00PWxaXtY=
Subject key identifier: 2A:B6:C7:B1:B3:C2:C9:D8:7C:13:B6:0D:3A:42:0E:BB:48:21:7D:C2
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B39
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/KrbHsbPCydh8E7YNOkIOu0ghfcI.roa
Signing time: Thu 15 Dec 2022 02:21:51 +0000
ROA not before: Thu 15 Dec 2022 02:21:51 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 124.155.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2873 (0xb39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:21:51 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2AB6C7B1B3C2C9D87C13B60D3A420EBB48217DC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ac:71:cd:d6:2b:e4:34:3d:2a:61:e1:e6:41:
7f:ae:d5:ad:23:f5:07:e5:c3:02:ec:2a:dc:f3:a5:
4c:50:80:eb:51:9a:9c:73:f3:57:7a:a5:81:70:b4:
b4:91:5d:0f:49:59:59:69:7c:11:55:3d:d2:13:2b:
77:88:c3:c0:d5:ef:07:ec:68:cc:cb:24:35:fe:e2:
c9:d7:b2:ba:ce:33:70:ff:a1:3e:d3:0a:62:cf:5b:
5f:72:75:6e:61:b7:17:b4:10:5c:2e:90:b4:b8:62:
08:43:72:97:6c:2f:b4:cb:83:60:1f:19:f8:0d:50:
d8:5c:34:3f:f7:8b:1b:12:e9:1a:73:7a:53:40:8f:
6d:45:b7:46:95:f8:a2:47:d2:ad:77:5d:0d:df:0a:
06:7f:61:53:69:81:aa:b4:6c:bc:67:57:69:96:bf:
2b:b2:26:13:bb:cf:86:f7:a2:44:df:04:0d:7b:14:
bf:42:9c:3f:f3:1d:c3:82:78:6d:aa:0a:03:28:8c:
14:ee:1f:d4:95:1a:54:37:f7:a1:02:08:0f:40:e6:
2e:57:78:b8:1a:b1:ec:44:48:33:6f:1a:25:fe:92:
f3:84:3a:95:e4:74:8f:48:54:48:7b:7a:73:0f:6d:
63:d5:9d:f3:14:20:b0:8d:50:83:02:27:3a:34:09:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B6:C7:B1:B3:C2:C9:D8:7C:13:B6:0D:3A:42:0E:BB:48:21:7D:C2
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/KrbHsbPCydh8E7YNOkIOu0ghfcI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.168.0/21
Signature Algorithm: sha256WithRSAEncryption
44:71:6b:f6:dd:13:5d:b3:79:44:aa:7f:3c:53:72:9f:81:e1:
e0:ef:4f:74:f8:12:fc:0c:ed:b2:9b:79:a1:73:3a:c4:f3:ce:
fb:e7:8e:86:a7:53:c6:93:f7:ac:df:c8:37:5d:d9:27:43:05:
d5:c2:d9:e2:eb:a7:fd:ca:e4:7d:c7:c5:b6:a7:af:95:c0:d4:
74:0d:57:93:fb:82:22:82:ae:56:0c:79:d7:65:60:16:49:87:
8c:db:e4:1c:70:46:d1:86:82:77:6e:09:ed:16:a5:d5:2c:fd:
75:5b:f6:6a:1e:be:47:7e:fa:04:e6:29:9f:61:d1:11:e1:31:
16:a2:de:dc:42:1b:2b:34:91:32:2c:4e:96:de:4a:28:ab:26:
e3:91:ec:87:60:01:3d:f8:6f:12:f5:fd:b5:bb:be:6c:06:96:
a0:0d:c9:7b:ac:16:6b:43:26:ec:ce:a4:73:3f:29:74:d8:52:
70:c2:da:d8:5d:7a:91:9d:55:ef:af:04:94:e0:10:07:7c:f2:
1c:66:6e:4c:75:72:a2:af:88:47:55:f5:97:66:a7:f1:b0:dd:
c2:00:a3:b7:91:9a:8b:0a:b0:49:c2:b5:70:6e:78:2d:db:4f:
40:5b:19:f3:4b:8b:a2:7a:09:77:e9:93:a3:6d:e9:6d:06:c1:
aa:06:af:1f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjIxNTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBQjZDN0IxQjNDMkM5
RDg3QzEzQjYwRDNBNDIwRUJCNDgyMTdEQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDArHHN1ivkND0qYeHmQX+u1a0j9QflwwLsKtzzpUxQgOtRmpxz
81d6pYFwtLSRXQ9JWVlpfBFVPdITK3eIw8DV7wfsaMzLJDX+4snXsrrOM3D/oT7T
CmLPW19ydW5htxe0EFwukLS4YghDcpdsL7TLg2AfGfgNUNhcND/3ixsS6RpzelNA
j21Ft0aV+KJH0q13XQ3fCgZ/YVNpgaq0bLxnV2mWvyuyJhO7z4b3okTfBA17FL9C
nD/zHcOCeG2qCgMojBTuH9SVGlQ396ECCA9A5i5XeLgasexESDNvGiX+kvOEOpXk
dI9IVEh7enMPbWPVnfMUILCNUIMCJzo0CRjzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKrbHsbPCydh8E7YNOkIOu0ghfcIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9LcmJIc2JQQ3lkaDhFN1lOT2tJ
T3UwZ2hmY0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuo
MA0GCSqGSIb3DQEBCwUAA4IBAQBEcWv23RNds3lEqn88U3KfgeHg7090+BL8DO2y
m3mhczrE8877546Gp1PGk/es38g3XdknQwXVwtni66f9yuR9x8W2p6+VwNR0DVeT
+4Iigq5WDHnXZWAWSYeM2+QccEbRhoJ3bgntFqXVLP11W/ZqHr5HfvoE5imfYdER
4TEWot7cQhsrNJEyLE6W3kooqybjkeyHYAE9+G8S9f21u75sBpagDcl7rBZrQybs
zqRzPyl02FJwwtrYXXqRnVXvrwSU4BAHfPIcZm5MdXKir4hHVfWXZqfxsN3CAKO3
kZqLCrBJwrVwbngt209AWxnzS4uiegl36ZOjbeltBsGqBq8f
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org