Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/MrmWqMKektZg7ar-hAzAugLQyT0.roa
File: MrmWqMKektZg7ar-hAzAugLQyT0.roa (raw, json)
Hash identifier: 1JpUVwjzG9t7Qa9MN683ynHvFvhQKo94FgfgdOtklHk=
Subject key identifier: 32:B9:96:A8:C2:9E:92:D6:60:ED:AA:FE:84:0C:C0:BA:02:D0:C9:3D
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 078F
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/MrmWqMKektZg7ar-hAzAugLQyT0.roa
Signing time: Tue 29 Sep 2020 09:59:28 +0000
ROA not before: Tue 29 Sep 2020 09:59:28 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 61.57.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1935 (0x78f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 09:59:28 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=32B996A8C29E92D660EDAAFE840CC0BA02D0C93D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ab:6a:d0:e6:d5:52:b8:d7:4b:ea:81:18:2b:
a0:93:6b:99:b6:8d:a5:16:c2:4b:dc:a4:fd:d1:a2:
9a:a3:4e:93:48:74:94:57:9f:81:cd:8b:d3:48:76:
44:f2:e6:c7:e4:4c:a8:51:2b:80:02:7c:e1:d3:44:
79:d1:90:9a:31:58:8a:46:dd:a1:d7:13:c0:3e:2e:
33:b9:3b:44:8f:38:ef:28:cd:0c:06:d6:71:9a:9c:
07:d3:84:9c:42:75:2f:ad:23:5c:62:12:10:35:33:
6c:33:ee:b8:cd:36:e4:ab:0c:d9:28:52:37:07:3f:
17:26:e6:f0:22:ff:db:c0:73:ad:1c:d8:8d:9e:89:
20:33:53:45:04:e9:43:8a:27:51:cf:a3:32:ca:f8:
12:4f:65:d3:0b:a1:18:9e:43:b5:60:42:a4:a8:52:
14:7d:38:20:89:c0:7e:13:da:97:56:18:9d:e1:72:
4f:b9:fc:ee:3e:af:50:ae:ce:66:d8:ea:21:89:6a:
ba:84:b6:4b:6f:0f:bc:3d:e7:b4:5b:8c:01:86:70:
78:01:9f:b6:10:a5:e2:a3:38:7b:a9:3f:6f:bb:36:
ed:23:76:76:e6:fb:89:19:22:7b:26:af:29:8b:89:
89:8e:0f:d7:76:f6:f3:8e:98:82:17:c0:ae:07:5f:
78:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B9:96:A8:C2:9E:92:D6:60:ED:AA:FE:84:0C:C0:BA:02:D0:C9:3D
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/MrmWqMKektZg7ar-hAzAugLQyT0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.136.0/21
Signature Algorithm: sha256WithRSAEncryption
70:54:92:44:83:52:21:44:6a:bd:04:a5:2b:c8:17:f5:ec:06:
5c:35:80:67:37:39:cf:88:2d:19:7c:d6:24:e6:b0:c7:59:52:
4b:34:d3:8b:0b:8e:6c:ae:4a:45:ed:b2:a5:6d:47:07:f9:96:
d1:77:3d:b4:49:9c:e6:b3:f1:3b:a0:20:2b:87:6d:62:c9:eb:
48:e0:e8:3a:e8:bc:da:9e:46:b2:32:7d:da:75:40:d3:50:a4:
01:28:d3:a6:d0:42:3d:65:62:67:78:0d:ab:90:91:f1:b2:c7:
5e:a0:5c:48:68:db:e1:78:11:46:77:87:a1:df:e5:dd:d3:d4:
97:72:cf:42:c3:fb:95:b0:30:18:36:34:0a:cb:43:26:a5:80:
7e:88:23:72:45:58:c0:07:29:d5:bc:04:64:f1:8e:fa:d2:c3:
d5:85:aa:e8:5d:04:2f:33:b7:06:ac:f4:7a:3b:f5:bb:a5:d2:
e2:8f:c3:24:95:be:45:43:76:90:05:5d:b5:dd:c4:32:a1:21:
38:08:ae:cd:58:e5:68:f2:34:a6:92:43:fb:5d:85:03:cd:ec:
a3:b1:88:6c:b7:af:41:45:17:4e:01:eb:57:64:8c:88:24:cb:
10:be:9f:22:d8:9b:47:54:00:98:e6:2d:23:ea:57:53:41:12:
20:97:8b:ea
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMDA5Mjkw
OTU5MjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDMyQjk5NkE4QzI5RTky
RDY2MEVEQUFGRTg0MENDMEJBMDJEMEM5M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFq2rQ5tVSuNdL6oEYK6CTa5m2jaUWwkvcpP3RopqjTpNIdJRX
n4HNi9NIdkTy5sfkTKhRK4ACfOHTRHnRkJoxWIpG3aHXE8A+LjO5O0SPOO8ozQwG
1nGanAfThJxCdS+tI1xiEhA1M2wz7rjNNuSrDNkoUjcHPxcm5vAi/9vAc60c2I2e
iSAzU0UE6UOKJ1HPozLK+BJPZdMLoRieQ7VgQqSoUhR9OCCJwH4T2pdWGJ3hck+5
/O4+r1CuzmbY6iGJarqEtktvD7w957RbjAGGcHgBn7YQpeKjOHupP2+7Nu0jdnbm
+4kZInsmrymLiYmOD9d29vOOmIIXwK4HX3h1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUMrmWqMKektZg7ar+hAzAugLQyT0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9Ncm1XcU1LZWt0Wmc3YXItaEF6
QXVnTFF5VDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmI
MA0GCSqGSIb3DQEBCwUAA4IBAQBwVJJEg1IhRGq9BKUryBf17AZcNYBnNznPiC0Z
fNYk5rDHWVJLNNOLC45srkpF7bKlbUcH+ZbRdz20SZzms/E7oCArh21iyetI4Og6
6LzankayMn3adUDTUKQBKNOm0EI9ZWJneA2rkJHxssdeoFxIaNvheBFGd4eh3+Xd
09SXcs9Cw/uVsDAYNjQKy0MmpYB+iCNyRVjABynVvARk8Y760sPVharoXQQvM7cG
rPR6O/W7pdLij8Mklb5FQ3aQBV213cQyoSE4CK7NWOVo8jSmkkP7XYUDzeyjsYhs
t69BRRdOAetXZIyIJMsQvp8i2JtHVACY5i0j6ldTQRIgl4vq
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org