Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Lj3tJX12E_uyTRCen6SX9s6kxpE.roa
File: Lj3tJX12E_uyTRCen6SX9s6kxpE.roa (raw, json)
Hash identifier: lWSPwkGvswbYRZ7ZXTrjRkC7j6oO5v/KPA9PnfpdkIw=
Subject key identifier: 2E:3D:ED:25:7D:76:13:FB:B2:4D:10:9E:9F:A4:97:F6:CE:A4:C6:91
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09CC
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Lj3tJX12E_uyTRCen6SX9s6kxpE.roa
Signing time: Wed 29 Sep 2021 02:52:00 +0000
ROA not before: Wed 29 Sep 2021 02:52:00 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2508 (0x9cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:00 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2E3DED257D7613FBB24D109E9FA497F6CEA4C691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7d:6a:89:c6:ba:ba:cf:5d:aa:e2:38:fe:f1:
d4:4c:03:51:62:93:61:ae:de:82:42:88:1e:b0:be:
a1:2d:82:21:03:61:d1:ec:90:f8:77:e1:2d:e0:5b:
c9:a1:f6:18:c1:35:8c:f4:5d:46:d4:fa:f3:a7:6f:
d9:ed:5c:24:7c:11:b0:5b:c9:10:45:30:c2:23:df:
25:3c:35:29:87:2e:9a:96:f0:a4:db:92:b4:20:67:
b3:c4:98:bc:c9:43:fb:cd:af:4b:9d:bd:b5:49:9c:
55:cd:f3:bb:f3:9d:23:cb:6c:fb:fa:5d:52:2d:e2:
2e:2c:93:cf:fe:d7:c9:9f:11:11:b9:64:37:10:b9:
1e:95:44:88:cd:40:c1:ae:c0:45:db:33:4c:bc:1d:
11:e8:81:64:ef:5d:e4:2b:df:e4:38:df:fe:8c:5f:
c1:8b:9a:21:60:17:80:59:fd:b6:8e:83:62:e0:62:
f6:8e:a0:a0:a4:b5:c3:f2:f9:f9:52:00:f3:26:e1:
4f:eb:eb:9d:39:6b:79:5d:42:01:f0:c3:6b:51:ec:
eb:32:b2:30:6f:8a:ea:07:52:b0:97:95:c3:9a:a0:
d9:a1:44:6a:42:18:2e:96:b4:5e:7b:f7:22:25:b7:
9d:cf:38:de:49:a1:09:0f:95:ac:f2:21:e9:72:c1:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3D:ED:25:7D:76:13:FB:B2:4D:10:9E:9F:A4:97:F6:CE:A4:C6:91
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Lj3tJX12E_uyTRCen6SX9s6kxpE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.12.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:51:9b:43:a0:50:0b:a9:10:4f:67:07:cd:d2:69:2e:d6:ef:
67:8b:10:6d:68:6c:f5:d1:ca:f5:c8:8b:69:1c:58:c3:57:46:
52:02:0e:fd:88:7d:9e:c9:d9:7c:94:1e:1b:78:61:0b:f5:5e:
40:89:25:b4:b1:ba:a2:06:01:ae:89:30:f6:f6:28:50:b3:37:
fa:ff:3a:33:c3:c5:a8:f6:d9:cf:04:20:98:1a:81:2c:ed:cc:
4f:ea:56:a1:6d:42:e6:1a:57:6f:b6:b5:94:a3:35:9c:41:27:
6b:b2:8a:1c:68:e4:34:f5:0c:f7:3a:9e:fb:64:5b:57:49:07:
af:27:7a:b7:b6:21:80:cf:df:4a:87:a2:3b:4e:27:f7:a9:ac:
d9:37:d4:36:c3:e1:d9:1d:e7:86:dc:fd:87:71:a5:8a:62:5d:
11:ff:c3:17:12:84:16:4c:db:90:e9:90:a8:b1:2e:02:f1:02:
62:47:bb:54:47:91:3f:d5:98:c2:87:e7:5e:e4:90:3a:ea:82:
95:44:da:e2:e7:af:c5:15:33:df:05:15:54:a8:41:3c:2c:19:
12:bb:33:ae:e4:02:3a:9c:a0:3c:6c:3b:02:52:6d:d0:fa:13:
27:65:3f:5a:7c:f3:26:97:b8:cd:6c:59:fb:33:15:90:b6:60:
70:4f:05:75
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDJFM0RFRDI1N0Q3NjEz
RkJCMjREMTA5RTlGQTQ5N0Y2Q0VBNEM2OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2fWqJxrq6z12q4jj+8dRMA1Fik2Gu3oJCiB6wvqEtgiEDYdHs
kPh34S3gW8mh9hjBNYz0XUbU+vOnb9ntXCR8EbBbyRBFMMIj3yU8NSmHLpqW8KTb
krQgZ7PEmLzJQ/vNr0udvbVJnFXN87vznSPLbPv6XVIt4i4sk8/+18mfERG5ZDcQ
uR6VRIjNQMGuwEXbM0y8HRHogWTvXeQr3+Q43/6MX8GLmiFgF4BZ/baOg2LgYvaO
oKCktcPy+flSAPMm4U/r6505a3ldQgHww2tR7OsysjBviuoHUrCXlcOaoNmhRGpC
GC6WtF579yIlt53PON5JoQkPlazyIelywaHVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULj3tJX12E/uyTRCen6SX9s6kxpEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9MajN0SlgxMkVfdXlUUkNlbjZT
WDlzNmt4cEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCG5MM
MA0GCSqGSIb3DQEBCwUAA4IBAQAfUZtDoFALqRBPZwfN0mku1u9nixBtaGz10cr1
yItpHFjDV0ZSAg79iH2eydl8lB4beGEL9V5AiSW0sbqiBgGuiTD29ihQszf6/zoz
w8Wo9tnPBCCYGoEs7cxP6lahbULmGldvtrWUozWcQSdrsoocaOQ09Qz3Op77ZFtX
SQevJ3q3tiGAz99Kh6I7Tif3qazZN9Q2w+HZHeeG3P2HcaWKYl0R/8MXEoQWTNuQ
6ZCosS4C8QJiR7tUR5E/1ZjCh+de5JA66oKVRNri56/FFTPfBRVUqEE8LBkSuzOu
5AI6nKA8bDsCUm3Q+hMnZT9afPMml7jNbFn7MxWQtmBwTwV1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org