Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/NQXthd1JyOABUa5qwP0BvVide-Q.roa
File: NQXthd1JyOABUa5qwP0BvVide-Q.roa (raw, json)
Hash identifier: 791fq4b2NlJIzt17IRFP25CsqXbgjejzQmAQ5UxO7sI=
Subject key identifier: 35:05:ED:85:DD:49:C8:E0:01:51:AE:6A:C0:FD:01:BD:58:9D:7B:E4
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/NQXthd1JyOABUa5qwP0BvVide-Q.roa
Signing time: Thu 15 Sep 2022 02:49:25 +0000
ROA not before: Thu 15 Sep 2022 02:49:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 124.155.184.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:25 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3505ED85DD49C8E00151AE6AC0FD01BD589D7BE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9e:0f:3a:9d:bc:fa:c2:10:33:c4:73:28:cd:
31:79:c9:7c:cf:24:07:d0:e8:3f:8c:3c:5f:2f:3e:
17:ef:15:1c:54:7e:3d:0c:03:eb:89:2e:e4:44:56:
67:4d:e7:2f:11:eb:0f:40:b8:c3:d7:cc:60:62:95:
10:a4:4f:70:20:06:b7:29:0f:c8:56:4f:a6:ae:64:
ec:73:75:52:4a:f6:b3:72:da:3b:2f:ff:c4:ce:cb:
50:6e:c4:00:56:40:bc:c9:8d:25:c7:e9:47:6a:08:
9a:58:8f:05:a6:ae:c7:58:03:f9:c0:b1:ac:bb:17:
52:25:ea:d8:03:79:a9:5e:0b:e3:30:f9:3f:d2:58:
33:82:4b:f3:50:3a:e8:86:88:1f:10:a2:6f:aa:43:
53:b4:80:99:72:1e:4d:1a:c7:c1:f4:f7:19:3d:c9:
82:d9:fd:80:d1:e1:97:b8:d6:44:9b:77:5b:74:21:
9b:e5:a4:7f:43:ec:28:bd:a3:e4:f3:64:89:ed:37:
35:08:1a:31:5f:4b:e4:e8:6b:c0:c1:ac:f6:12:b2:
4d:1a:0a:ec:ac:da:4b:3e:c7:58:17:32:bb:28:ef:
af:b2:89:d5:32:e8:a5:76:ba:84:a6:0f:87:2c:e5:
8f:88:53:d4:34:7b:4e:cc:72:02:ac:ec:c1:86:6f:
84:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:05:ED:85:DD:49:C8:E0:01:51:AE:6A:C0:FD:01:BD:58:9D:7B:E4
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/NQXthd1JyOABUa5qwP0BvVide-Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.184.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:f3:04:cd:73:39:9c:75:40:91:4c:83:f6:4f:25:cb:51:77:
a9:35:9a:a0:24:41:fb:06:e2:2c:e3:0d:ad:c7:e6:f4:ae:c1:
2a:69:bb:32:aa:3f:98:47:66:87:ce:51:ee:31:48:a9:68:70:
33:81:1f:3a:99:e6:c8:f7:d0:68:69:a5:e8:6e:28:47:af:f5:
e3:53:f0:08:7c:75:15:50:6b:1f:0e:9d:18:af:bc:55:10:3f:
95:0a:1c:c5:28:d5:85:9d:bc:a7:1d:f5:c7:fb:1b:e9:b9:48:
90:a4:83:c3:3e:06:45:0d:91:13:c9:98:20:af:b8:d7:62:04:
2a:0a:72:4e:2a:ae:4a:ed:07:f4:5e:dc:4e:13:72:ad:e7:bf:
af:c5:37:cd:9d:22:84:12:0e:6e:90:ae:f2:23:f9:33:08:ed:
31:fe:36:27:e6:35:34:a3:5e:2f:62:a1:d6:4b:e4:a2:11:ab:
7d:c9:8e:45:6f:c1:e9:be:d3:41:24:10:c7:37:f7:d9:0a:d0:
77:8c:b0:4c:25:00:ce:be:18:c0:41:eb:b1:8e:f4:99:93:16:
5c:e0:f6:dc:7a:20:39:fb:b7:2f:1c:84:df:0c:52:2c:c4:f9:
82:a6:4c:bb:a2:b5:c6:be:0e:1a:7c:a2:ec:b8:11:17:af:cf:
cb:99:22:d0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM1MDVFRDg1REQ0OUM4
RTAwMTUxQUU2QUMwRkQwMUJENTg5RDdCRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwng86nbz6whAzxHMozTF5yXzPJAfQ6D+MPF8vPhfvFRxUfj0M
A+uJLuREVmdN5y8R6w9AuMPXzGBilRCkT3AgBrcpD8hWT6auZOxzdVJK9rNy2jsv
/8TOy1BuxABWQLzJjSXH6UdqCJpYjwWmrsdYA/nAsay7F1Il6tgDealeC+Mw+T/S
WDOCS/NQOuiGiB8Qom+qQ1O0gJlyHk0ax8H09xk9yYLZ/YDR4Ze41kSbd1t0IZvl
pH9D7Ci9o+TzZIntNzUIGjFfS+Toa8DBrPYSsk0aCuys2ks+x1gXMrso76+yidUy
6KV2uoSmD4cs5Y+IU9Q0e07McgKs7MGGb4QvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNQXthd1JyOABUa5qwP0BvVide+QwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9OUVh0aGQxSnlPQUJVYTVxd1Aw
QnZWaWRlLVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJu4
MA0GCSqGSIb3DQEBCwUAA4IBAQCe8wTNczmcdUCRTIP2TyXLUXepNZqgJEH7BuIs
4w2tx+b0rsEqabsyqj+YR2aHzlHuMUipaHAzgR86mebI99BoaaXobihHr/XjU/AI
fHUVUGsfDp0Yr7xVED+VChzFKNWFnbynHfXH+xvpuUiQpIPDPgZFDZETyZggr7jX
YgQqCnJOKq5K7Qf0XtxOE3Kt57+vxTfNnSKEEg5ukK7yI/kzCO0x/jYn5jU0o14v
YqHWS+SiEat9yY5Fb8HpvtNBJBDHN/fZCtB3jLBMJQDOvhjAQeuxjvSZkxZc4Pbc
eiA5+7cvHITfDFIsxPmCpky7orXGvg4afKLsuBEXr8/LmSLQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org