Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/LDYmgWoqPP7QZX1FctooJag0GgA.roa
File: LDYmgWoqPP7QZX1FctooJag0GgA.roa (raw, json)
Hash identifier: oMBTDZKsAp75yKYXeJmp0NZZuSo86AT5GtE81bx9AjU=
Subject key identifier: 2C:36:26:81:6A:2A:3C:FE:D0:65:7D:45:72:DA:28:25:A8:34:1A:00
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 08F9
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/LDYmgWoqPP7QZX1FctooJag0GgA.roa
Signing time: Sun 07 Feb 2021 12:44:58 +0000
ROA not before: Sun 07 Feb 2021 12:44:58 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 27.147.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2297 (0x8f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:44:58 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2C3626816A2A3CFED0657D4572DA2825A8341A00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:39:dc:c4:a8:f9:46:2c:16:1c:4f:ba:5e:e1:
f5:74:ef:ee:2a:85:e6:d3:15:c6:d1:e0:8f:23:41:
c7:ef:6d:8e:4a:64:ac:6d:2b:33:a8:90:b1:81:c7:
03:4d:38:7d:1b:46:98:b1:53:87:11:f1:3a:99:bb:
89:b2:16:8a:ec:31:b2:d2:f2:f5:44:90:c8:5a:01:
c7:d8:c3:04:61:86:a6:34:69:ae:64:57:04:69:12:
1f:07:41:dd:95:b1:3a:b2:25:80:e9:4f:5e:a4:82:
22:15:5b:23:91:54:e5:81:d6:76:5d:28:94:24:a2:
03:8c:20:5f:ac:bd:5e:41:95:21:89:65:1d:d0:c0:
02:6e:de:c4:51:24:83:6b:2d:e7:ed:ae:ff:3c:ab:
95:9c:98:0a:d3:0d:3a:c5:0c:f4:23:ba:da:7e:1b:
35:d7:ea:b7:e7:e7:f3:b9:14:37:53:85:55:2b:95:
d0:34:3f:5a:c1:5f:1d:19:70:bf:6a:2b:ce:dc:79:
f9:a3:da:fb:27:54:04:5f:a2:73:cf:bb:40:68:6b:
25:c1:9c:27:31:30:b9:bd:b7:54:8a:73:6f:5a:8c:
6b:5a:8e:71:ef:de:b1:dd:38:da:81:72:27:19:0e:
d7:11:76:d0:3e:4c:9e:33:c0:ed:01:4f:cd:62:ca:
8e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:36:26:81:6A:2A:3C:FE:D0:65:7D:45:72:DA:28:25:A8:34:1A:00
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/LDYmgWoqPP7QZX1FctooJag0GgA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.24.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:fc:38:26:2c:b5:bf:f7:ad:99:8e:f2:66:e9:f8:47:19:31:
01:57:5a:a1:e6:73:45:23:2e:a8:78:5e:45:16:18:de:f5:2f:
64:b0:73:d0:18:d1:4a:cd:5d:88:63:15:a2:bb:fa:f3:6f:b8:
27:a8:f4:12:01:dc:e0:3d:b5:99:f7:51:99:24:9c:4e:85:cd:
01:90:9e:1c:75:27:4f:ac:6b:e6:20:03:18:a4:a5:6b:d4:59:
e7:f8:7d:c3:f2:b7:80:6a:b9:d6:65:0c:85:01:5a:56:de:89:
65:61:7f:27:98:07:3b:e1:aa:a2:38:10:6b:80:4c:61:61:8d:
1e:25:35:aa:37:ee:a5:a0:b2:aa:67:8a:95:fb:b3:1b:d8:17:
3a:5b:b4:8c:fe:7a:88:6c:89:80:9b:e3:6d:95:34:4a:44:5e:
5f:21:df:49:6d:ef:b1:16:8a:04:22:29:7c:59:4d:3a:a2:57:
e7:32:94:3b:ca:d3:88:06:53:24:9c:eb:09:30:63:3f:8c:11:
71:cd:2f:ea:4c:4c:3a:8a:76:92:e8:46:23:cf:a1:a2:cc:bf:
47:23:d6:44:da:65:2f:85:de:f9:4b:3a:08:78:cd:75:82:e4:
8a:cb:92:a7:c5:8b:a1:02:23:06:dc:87:70:64:a9:3b:e6:f6:
93:ba:80:c0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ0NThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJDMzYyNjgxNkEyQTND
RkVEMDY1N0Q0NTcyREEyODI1QTgzNDFBMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnOdzEqPlGLBYcT7pe4fV07+4qhebTFcbR4I8jQcfvbY5KZKxt
KzOokLGBxwNNOH0bRpixU4cR8TqZu4myForsMbLS8vVEkMhaAcfYwwRhhqY0aa5k
VwRpEh8HQd2VsTqyJYDpT16kgiIVWyORVOWB1nZdKJQkogOMIF+svV5BlSGJZR3Q
wAJu3sRRJINrLeftrv88q5WcmArTDTrFDPQjutp+GzXX6rfn5/O5FDdThVUrldA0
P1rBXx0ZcL9qK87cefmj2vsnVARfonPPu0BoayXBnCcxMLm9t1SKc29ajGtajnHv
3rHdONqBcicZDtcRdtA+TJ4zwO0BT81iyo7VAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULDYmgWoqPP7QZX1FctooJag0GgAwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9MRFltZ1dvcVBQN1FaWDFGY3Rv
b0phZzBHZ0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY
MA0GCSqGSIb3DQEBCwUAA4IBAQA7/DgmLLW/962ZjvJm6fhHGTEBV1qh5nNFIy6o
eF5FFhje9S9ksHPQGNFKzV2IYxWiu/rzb7gnqPQSAdzgPbWZ91GZJJxOhc0BkJ4c
dSdPrGvmIAMYpKVr1Fnn+H3D8reAarnWZQyFAVpW3ollYX8nmAc74aqiOBBrgExh
YY0eJTWqN+6loLKqZ4qV+7Mb2Bc6W7SM/nqIbImAm+NtlTRKRF5fId9Jbe+xFooE
Iil8WU06olfnMpQ7ytOIBlMknOsJMGM/jBFxzS/qTEw6inaS6EYjz6GizL9HI9ZE
2mUvhd75SzoIeM11guSKy5KnxYuhAiMG3IdwZKk75vaTuoDA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:57 2023 by rpki-client on console-fra.rpki-client.org