Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/LZhIjDB0hBPLrWWboaiJ9h9x7Ss.roa
File: LZhIjDB0hBPLrWWboaiJ9h9x7Ss.roa (raw, json)
Hash identifier: X3CjspCuxMSBjelH5H5fxQV9dwmU4TfbGpqIUh/egzg=
Subject key identifier: 2D:98:48:8C:30:74:84:13:CB:AD:65:9B:A1:A8:89:F6:1F:71:ED:2B
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B54
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/LZhIjDB0hBPLrWWboaiJ9h9x7Ss.roa
Signing time: Thu 15 Dec 2022 02:57:00 +0000
ROA not before: Thu 15 Dec 2022 02:57:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.24.0/21 maxlen: 21
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2900 (0xb54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:57:00 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2D98488C30748413CBAD659BA1A889F61F71ED2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:90:82:42:69:07:06:58:1c:6f:7a:78:3d:ad:
2f:28:cd:b4:fd:f1:2c:9f:99:5e:28:48:e9:cf:2b:
4d:2d:eb:b9:88:e0:72:c7:be:05:93:81:88:e4:3c:
23:36:d1:a1:d3:95:b8:e4:17:f9:e9:14:b0:27:f0:
d9:32:fc:b2:1a:06:bd:10:1d:f1:c5:30:21:b2:96:
08:75:1c:4f:db:7f:55:ec:ba:83:49:25:27:06:0d:
a1:76:fa:b9:04:52:f9:7a:71:f5:f1:2d:2f:1d:18:
01:71:5f:2f:20:0e:6a:bd:be:e6:f7:77:91:48:5f:
3b:5a:9c:a1:2c:88:8c:35:cd:d1:db:b9:bd:b3:db:
38:c6:22:15:8f:57:41:5e:e7:10:35:c0:b1:fe:dc:
f4:6a:70:fa:1f:89:ae:df:49:aa:19:d4:36:7d:27:
8e:14:ea:d3:1d:5c:43:66:ca:c3:f3:57:86:8f:b6:
01:a5:ff:77:7a:0f:2c:11:e6:aa:9e:06:2d:c0:c9:
58:84:25:c5:3e:b2:76:ed:82:f4:29:e7:a9:3d:aa:
ef:02:d7:79:fe:ff:de:75:92:9a:6d:50:c1:68:c3:
ab:0c:d9:e1:62:5a:ac:2d:ce:e8:03:3d:78:71:e3:
0b:b0:b7:e6:df:72:dd:08:70:a1:aa:21:17:4a:ef:
d1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:98:48:8C:30:74:84:13:CB:AD:65:9B:A1:A8:89:F6:1F:71:ED:2B
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/LZhIjDB0hBPLrWWboaiJ9h9x7Ss.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.24.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:b8:c7:be:9c:da:12:af:ab:06:9e:78:fd:d8:56:c0:ee:da:
db:c8:4e:bb:9a:53:32:fe:33:fc:34:6f:92:60:1c:73:8a:a6:
d8:e1:d7:4d:bc:87:78:6d:45:55:24:c1:b6:64:38:b8:54:ea:
0d:bc:2b:3c:5a:df:e4:c0:f3:aa:ac:77:af:5d:0e:14:3c:d4:
e3:1c:20:49:2b:8d:52:13:70:14:00:ae:8c:0d:33:32:42:91:
a3:bc:fa:86:c4:21:64:76:8a:e2:43:54:b8:0f:b3:07:86:df:
dc:e4:09:e8:66:ac:6c:5d:f4:9f:58:d3:b7:98:3b:ed:35:cf:
65:4a:b5:2f:0f:77:10:27:10:6a:a5:94:5c:5f:bb:8b:fe:73:
95:3e:ad:85:1e:38:06:34:47:57:89:17:20:ab:cf:3f:9f:3a:
5b:8a:93:a8:8f:44:c0:88:f8:c3:6c:0b:71:44:d1:fe:73:d0:
85:75:f8:23:4f:6a:55:d1:56:f6:ec:3d:e3:46:bc:5a:51:33:
29:6a:06:74:9f:08:65:58:d7:e5:c2:cb:21:72:c7:3e:73:20:
5d:3b:2c:4a:79:32:e3:11:ae:d6:41:fe:64:2d:71:96:12:80:
21:52:88:da:30:31:af:bf:c2:ac:aa:47:45:c4:1f:06:c4:f8:
31:44:7a:5d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC1QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU3MDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJEOTg0ODhDMzA3NDg0
MTNDQkFENjU5QkExQTg4OUY2MUY3MUVEMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHkIJCaQcGWBxveng9rS8ozbT98SyfmV4oSOnPK00t67mI4HLH
vgWTgYjkPCM20aHTlbjkF/npFLAn8Nky/LIaBr0QHfHFMCGylgh1HE/bf1XsuoNJ
JScGDaF2+rkEUvl6cfXxLS8dGAFxXy8gDmq9vub3d5FIXztanKEsiIw1zdHbub2z
2zjGIhWPV0Fe5xA1wLH+3PRqcPofia7fSaoZ1DZ9J44U6tMdXENmysPzV4aPtgGl
/3d6DywR5qqeBi3AyViEJcU+snbtgvQp56k9qu8C13n+/951kpptUMFow6sM2eFi
WqwtzugDPXhx4wuwt+bfct0IcKGqIRdK79EFAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULZhIjDB0hBPLrWWboaiJ9h9x7SswHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9MWmhJakRCMGhCUExyV1dib2Fp
SjloOXg3U3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY
MA0GCSqGSIb3DQEBCwUAA4IBAQB7uMe+nNoSr6sGnnj92FbA7trbyE67mlMy/jP8
NG+SYBxziqbY4ddNvId4bUVVJMG2ZDi4VOoNvCs8Wt/kwPOqrHevXQ4UPNTjHCBJ
K41SE3AUAK6MDTMyQpGjvPqGxCFkdoriQ1S4D7MHht/c5AnoZqxsXfSfWNO3mDvt
Nc9lSrUvD3cQJxBqpZRcX7uL/nOVPq2FHjgGNEdXiRcgq88/nzpbipOoj0TAiPjD
bAtxRNH+c9CFdfgjT2pV0Vb27D3jRrxaUTMpagZ0nwhlWNflwsshcsc+cyBdOyxK
eTLjEa7WQf5kLXGWEoAhUojaMDGvv8KsqkdFxB8GxPgxRHpd
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:39 2025 by rpki-client