Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/NSnss6s7VKKMkyxT0zD--uHD3BM.roa
File: NSnss6s7VKKMkyxT0zD--uHD3BM.roa (raw, json)
Hash identifier: W0Ews/oA+fnnN200AQGUd5b5+TleVv2PeiNGpLVZe/E=
Subject key identifier: 35:29:EC:B3:AB:3B:54:A2:8C:93:2C:53:D3:30:FE:FA:E1:C3:DC:13
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 08FD
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/NSnss6s7VKKMkyxT0zD--uHD3BM.roa
Signing time: Sun 07 Feb 2021 12:45:01 +0000
ROA not before: Sun 07 Feb 2021 12:45:01 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 27.147.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2301 (0x8fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:45:01 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3529ECB3AB3B54A28C932C53D330FEFAE1C3DC13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:d4:c0:f5:7a:25:86:37:9b:24:b5:be:21:
38:c8:9c:8a:49:78:90:d8:70:b6:ac:9f:a9:d8:8e:
51:11:9b:3e:13:4b:78:89:7a:29:95:28:16:c7:6f:
e6:2f:d2:27:18:40:d3:29:04:4d:e5:10:a0:68:17:
27:3e:cf:ea:88:8e:93:a2:4f:93:38:bc:bb:b4:9e:
26:7f:c3:1f:73:dd:a8:e2:08:c4:a4:de:da:8d:4f:
67:df:fe:8a:e5:01:25:a0:d1:1c:50:54:59:13:a2:
8f:c5:ff:e3:96:d7:73:db:71:5a:40:63:76:e5:5f:
8e:92:0f:08:d0:d8:05:38:e8:51:a6:4d:59:58:f5:
c2:67:d0:9e:f9:5b:a5:c1:9c:ce:6f:ba:d2:af:97:
48:1c:67:e0:fe:f8:c6:05:f0:0c:a4:51:52:ec:08:
dc:7d:17:24:2a:d3:13:ef:8b:2d:99:1f:93:d1:73:
e6:ad:b7:9a:f1:a1:06:77:ec:16:48:e9:0d:86:52:
a0:2f:d5:f2:d1:3d:47:f6:33:9a:c4:d1:f0:66:13:
fb:e7:06:85:6f:96:53:8c:9b:a9:af:6f:e3:4a:c9:
ee:3b:0a:6c:3f:cb:28:89:5a:39:5c:44:8b:9a:93:
85:5f:08:ad:30:b5:ec:00:3a:08:e5:c2:77:fc:4e:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:EC:B3:AB:3B:54:A2:8C:93:2C:53:D3:30:FE:FA:E1:C3:DC:13
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/NSnss6s7VKKMkyxT0zD--uHD3BM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.40.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:36:01:c7:68:8e:b1:8f:cc:90:e1:c8:a1:83:cf:26:52:30:
58:01:8f:31:fc:43:68:ab:74:d5:04:45:72:8f:23:00:a9:6e:
21:51:ca:7c:df:63:e7:f4:06:1e:ca:fa:d4:6f:08:a9:4c:92:
5c:ba:31:4a:3a:9f:3c:17:e6:7d:41:31:b9:e8:fd:1f:e6:c2:
3e:11:01:16:f3:90:10:bf:c7:15:fc:a4:6f:5c:3f:9b:2c:0e:
67:f3:0e:df:2e:78:8e:85:1e:b2:ff:8b:2b:09:44:91:52:ab:
1d:dc:07:c8:0e:f4:91:3c:ec:9b:95:42:b6:11:e5:38:a3:53:
fc:2b:e2:90:88:b0:22:e6:76:ba:15:6c:49:43:ef:1d:21:84:
8e:f4:f5:71:2c:da:8f:d9:88:3f:36:cf:23:ac:97:2e:ef:04:
9a:75:1b:21:20:8f:87:d2:46:b5:97:2c:17:84:9f:08:77:12:
29:ad:53:73:42:90:16:d8:31:9c:d4:fc:04:3a:7f:57:bc:92:
a8:c9:95:99:35:52:f8:47:89:3f:6d:b3:41:28:58:cf:6d:31:
f4:9f:5e:ef:df:f9:5d:39:78:17:71:42:f6:d3:ac:c8:3d:2e:
50:1a:77:cc:47:77:32:6b:85:9a:48:b6:86:2a:8d:a9:db:5f:
b8:bd:21:a8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM1MjlFQ0IzQUIzQjU0
QTI4QzkzMkM1M0QzMzBGRUZBRTFDM0RDMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzh9TA9XolhjebJLW+ITjInIpJeJDYcLasn6nYjlERmz4TS3iJ
eimVKBbHb+Yv0icYQNMpBE3lEKBoFyc+z+qIjpOiT5M4vLu0niZ/wx9z3ajiCMSk
3tqNT2ff/orlASWg0RxQVFkToo/F/+OW13PbcVpAY3blX46SDwjQ2AU46FGmTVlY
9cJn0J75W6XBnM5vutKvl0gcZ+D++MYF8AykUVLsCNx9FyQq0xPviy2ZH5PRc+at
t5rxoQZ37BZI6Q2GUqAv1fLRPUf2M5rE0fBmE/vnBoVvllOMm6mvb+NKye47Cmw/
yyiJWjlcRIuak4VfCK0wtewAOgjlwnf8ThePAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNSnss6s7VKKMkyxT0zD++uHD3BMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9OU25zczZzN1ZLS01reXhUMHpE
LS11SEQzQk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQA9NgHHaI6xj8yQ4cihg88mUjBYAY8x/ENoq3TV
BEVyjyMAqW4hUcp832Pn9AYeyvrUbwipTJJcujFKOp88F+Z9QTG56P0f5sI+EQEW
85AQv8cV/KRvXD+bLA5n8w7fLniOhR6y/4srCUSRUqsd3AfIDvSRPOyblUK2EeU4
o1P8K+KQiLAi5na6FWxJQ+8dIYSO9PVxLNqP2Yg/Ns8jrJcu7wSadRshII+H0ka1
lywXhJ8IdxIprVNzQpAW2DGc1PwEOn9XvJKoyZWZNVL4R4k/bbNBKFjPbTH0n17v
3/ldOXgXcUL206zIPS5QGnfMR3cya4WaSLaGKo2p21+4vSGo
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org