Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/N77oQksCMVQYcAmSg-KZ9DXsz3k.roa
File: N77oQksCMVQYcAmSg-KZ9DXsz3k.roa (raw, json)
Hash identifier: rQh5KqHTysbifm/yMEUHQm/mdEjOfSt477WtBrJBIcs=
Subject key identifier: 37:BE:E8:42:4B:02:31:54:18:70:09:92:83:E2:99:F4:35:EC:CF:79
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09D0
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/N77oQksCMVQYcAmSg-KZ9DXsz3k.roa
Signing time: Wed 29 Sep 2021 02:52:01 +0000
ROA not before: Wed 29 Sep 2021 02:52:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2512 (0x9d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=37BEE8424B0231541870099283E299F435ECCF79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6f:60:44:9e:b5:88:9d:7f:e8:91:6f:61:2e:
1b:64:25:09:94:02:71:27:8b:76:b4:e6:d6:85:0a:
02:87:05:16:8f:ac:6c:52:fb:57:5f:ad:49:f7:3a:
0f:39:cf:c0:3c:61:20:a9:32:50:90:34:4a:f9:44:
93:e0:a4:5f:e2:76:92:db:ec:b5:dc:3c:13:34:e7:
46:87:15:a8:cb:ea:ce:64:58:ae:82:ba:46:9f:1d:
db:c0:3a:7c:61:b3:a5:0d:aa:e6:79:c4:d7:06:f5:
e9:de:0c:1b:0a:25:10:fd:c7:93:b8:5a:f3:4b:6c:
07:dd:2e:91:1a:0a:be:74:b7:b1:af:e5:9b:1a:78:
89:4c:3b:ad:57:39:ba:3c:50:58:88:4d:16:15:45:
d2:96:c3:be:69:37:32:42:22:af:4f:19:73:53:75:
23:5e:6a:8b:60:7a:9f:75:f9:60:91:c7:29:75:29:
ce:d6:3d:43:65:79:77:a8:a1:87:49:28:0c:27:8a:
b8:3b:c7:8c:e0:71:5c:f1:7a:27:c7:de:29:b1:8a:
c1:85:82:92:45:40:62:51:ef:0e:08:5e:34:f9:93:
1e:e9:4f:b0:8f:d5:9a:02:11:3d:13:7d:c6:41:8f:
5b:5f:73:fb:97:0f:af:d4:4a:9d:c8:2a:d0:8c:7d:
8d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BE:E8:42:4B:02:31:54:18:70:09:92:83:E2:99:F4:35:EC:CF:79
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/N77oQksCMVQYcAmSg-KZ9DXsz3k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.40.0/21
Signature Algorithm: sha256WithRSAEncryption
16:21:44:14:a2:9a:af:b3:d9:48:b7:11:58:f7:c9:f4:84:52:
09:35:e0:f4:eb:3e:fd:0f:f8:e5:8a:fd:76:f4:50:f6:b3:42:
e7:74:31:29:28:6f:fe:39:35:6a:4a:b1:3a:b3:fa:b2:05:b1:
e4:b6:55:32:d7:23:8f:01:75:57:eb:ea:ea:31:e1:a8:4d:0e:
7f:45:5b:f6:ce:d9:df:f9:2e:5f:4b:b6:50:bc:ae:fd:a0:69:
58:d1:85:dc:fa:2a:37:b2:bb:10:56:e8:b6:80:d2:a9:8e:af:
ca:27:48:0b:fb:5d:ca:51:e3:17:d9:3e:fb:25:bc:fb:53:3d:
90:0a:07:82:0c:02:dd:ee:c8:73:0c:ac:64:3c:96:99:e1:ae:
ba:23:43:a0:35:80:ce:93:63:9c:e7:8a:68:72:62:2e:af:88:
2a:e9:12:d0:40:d9:da:13:c8:69:a7:da:bc:0e:35:51:31:60:
a9:a4:65:6d:c8:3b:36:5f:66:0b:1c:6f:6a:ec:58:66:e8:88:
3c:81:0c:5d:52:8a:45:64:42:d1:3b:bf:d9:9a:04:4e:ee:9b:
bb:90:5a:06:ac:be:d7:7a:74:5a:b8:11:6f:b9:ef:f2:7c:74:
bb:35:0e:1c:ba:55:f3:d4:a4:98:18:b5:b7:5d:2e:d4:0c:fe:
ff:f9:f2:b3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCdAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM3QkVFODQyNEIwMjMx
NTQxODcwMDk5MjgzRTI5OUY0MzVFQ0NGNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKb2BEnrWInX/okW9hLhtkJQmUAnEni3a05taFCgKHBRaPrGxS
+1dfrUn3Og85z8A8YSCpMlCQNEr5RJPgpF/idpLb7LXcPBM050aHFajL6s5kWK6C
ukafHdvAOnxhs6UNquZ5xNcG9eneDBsKJRD9x5O4WvNLbAfdLpEaCr50t7Gv5Zsa
eIlMO61XObo8UFiITRYVRdKWw75pNzJCIq9PGXNTdSNeaotgep91+WCRxyl1Kc7W
PUNleXeooYdJKAwnirg7x4zgcVzxeifH3imxisGFgpJFQGJR7w4IXjT5kx7pT7CP
1ZoCET0TfcZBj1tfc/uXD6/USp3IKtCMfY39AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUN77oQksCMVQYcAmSg+KZ9DXsz3kwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9ONzdvUWtzQ01WUVljQW1TZy1L
WjlEWHN6M2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQAWIUQUopqvs9lItxFY98n0hFIJNeD06z79D/jl
iv129FD2s0LndDEpKG/+OTVqSrE6s/qyBbHktlUy1yOPAXVX6+rqMeGoTQ5/RVv2
ztnf+S5fS7ZQvK79oGlY0YXc+io3srsQVui2gNKpjq/KJ0gL+13KUeMX2T77Jbz7
Uz2QCgeCDALd7shzDKxkPJaZ4a66I0OgNYDOk2Oc54pocmIur4gq6RLQQNnaE8hp
p9q8DjVRMWCppGVtyDs2X2YLHG9q7Fhm6Ig8gQxdUopFZELRO7/ZmgRO7pu7kFoG
rL7XenRauBFvue/yfHS7NQ4culXz1KSYGLW3XS7UDP7/+fKz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org