Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/OC7fnNetEOKIhZtM4b6UTijbY7A.roa
File: OC7fnNetEOKIhZtM4b6UTijbY7A.roa (raw, json)
Hash identifier: ZJBPnBtS3i/vRL9ExEu4GjcQgXtSXsEQY6cY3Xa2BRk=
Subject key identifier: 38:2E:DF:9C:D7:AD:10:E2:88:85:9B:4C:E1:BE:94:4E:28:DB:63:B0
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B58
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/OC7fnNetEOKIhZtM4b6UTijbY7A.roa
Signing time: Thu 15 Dec 2022 02:57:01 +0000
ROA not before: Thu 15 Dec 2022 02:57:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.48.0/21 maxlen: 21
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2904 (0xb58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:57:01 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=382EDF9CD7AD10E288859B4CE1BE944E28DB63B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:08:a7:6f:ad:b3:dd:2f:71:f2:cd:ac:29:93:
d6:56:74:89:2f:4a:0c:a7:cd:b1:b7:37:c7:20:df:
d9:41:38:f4:17:c4:81:91:e8:a5:e4:a5:4f:53:ed:
c3:60:6d:48:1c:2b:a2:9f:33:c9:18:cd:4d:6b:1c:
75:67:18:db:e1:a9:46:69:8e:87:4f:23:fe:f1:7e:
d7:fd:03:13:60:ef:0f:1b:86:72:57:2b:51:90:b4:
ad:bd:ea:1b:1e:0c:0e:e1:67:fa:d4:41:f2:d8:f7:
e3:68:f1:b1:4c:af:64:3c:a5:73:5f:1f:05:9b:c9:
b6:3e:1e:cc:13:be:7f:db:53:08:a2:9f:74:cc:5d:
c3:50:d2:e8:d6:15:34:f9:b1:2b:cd:be:cf:81:49:
50:89:5f:88:3a:8f:a9:36:46:39:b1:e7:06:ff:10:
58:00:61:48:0a:27:00:22:e5:0f:c6:71:d4:f1:63:
4e:28:bd:c7:9e:e0:fb:9c:4c:31:fb:86:6a:46:1b:
e8:3b:62:c0:70:84:56:82:a3:a1:f8:e4:ee:68:ec:
63:5e:48:75:71:70:a1:aa:79:82:6b:42:bd:75:20:
80:eb:17:91:34:63:50:a4:d1:c7:79:c4:d6:51:a8:
93:b0:e0:02:e2:20:90:ff:01:fb:a2:9d:99:56:e3:
cb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2E:DF:9C:D7:AD:10:E2:88:85:9B:4C:E1:BE:94:4E:28:DB:63:B0
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/OC7fnNetEOKIhZtM4b6UTijbY7A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.48.0/21
Signature Algorithm: sha256WithRSAEncryption
29:cc:9d:86:1d:32:9e:fc:fd:7a:ae:2d:f0:80:e2:cd:d9:6f:
3a:cd:73:2f:0c:7a:f6:91:c3:27:03:43:55:46:40:b9:a6:3f:
d2:89:87:72:e8:2d:81:9b:d9:52:4e:1e:d0:4f:e9:ba:e3:e9:
f5:9b:d9:8b:14:a8:9c:e4:b7:f5:87:a0:8e:63:39:a8:84:3a:
c4:fd:a2:04:58:7d:d2:3d:18:8e:36:10:39:7d:3a:10:93:c8:
88:7a:60:92:60:ec:2a:6a:92:83:b0:88:07:01:14:6b:57:4d:
da:99:b8:43:b7:ee:ec:a2:79:0b:59:ff:12:be:7f:7b:01:df:
43:c8:f7:99:d8:31:2d:cb:22:66:aa:f6:a3:76:43:5b:94:7b:
66:bc:0f:18:f6:54:c1:7f:9a:e9:18:4b:ac:8e:ea:2f:7a:58:
13:73:73:89:8b:97:12:22:de:7b:27:d9:c6:c2:1e:5c:3f:25:
ba:20:d3:ec:78:52:0e:e2:78:7a:a9:0c:21:0d:b6:fb:16:57:
9c:38:a7:4b:90:4c:a6:b5:90:9e:a8:2c:4e:79:40:e1:f5:e3:
da:81:76:ff:44:7a:a2:c2:c7:aa:f9:08:83:fd:67:6a:ed:59:
d4:8c:d8:07:0b:5a:bc:39:c2:73:08:de:8b:cc:5f:77:aa:b3:
ef:8b:ad:81
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC1gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU3MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4MkVERjlDRDdBRDEw
RTI4ODg1OUI0Q0UxQkU5NDRFMjhEQjYzQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpCKdvrbPdL3Hyzawpk9ZWdIkvSgynzbG3N8cg39lBOPQXxIGR
6KXkpU9T7cNgbUgcK6KfM8kYzU1rHHVnGNvhqUZpjodPI/7xftf9AxNg7w8bhnJX
K1GQtK296hseDA7hZ/rUQfLY9+No8bFMr2Q8pXNfHwWbybY+HswTvn/bUwiin3TM
XcNQ0ujWFTT5sSvNvs+BSVCJX4g6j6k2Rjmx5wb/EFgAYUgKJwAi5Q/GcdTxY04o
vcee4PucTDH7hmpGG+g7YsBwhFaCo6H45O5o7GNeSHVxcKGqeYJrQr11IIDrF5E0
Y1Ck0cd5xNZRqJOw4ALiIJD/AfuinZlW48uNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOC7fnNetEOKIhZtM4b6UTijbY7AwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9PQzdmbk5ldEVPS0loWnRNNGI2
VVRpamJZN0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mw
MA0GCSqGSIb3DQEBCwUAA4IBAQApzJ2GHTKe/P16ri3wgOLN2W86zXMvDHr2kcMn
A0NVRkC5pj/SiYdy6C2Bm9lSTh7QT+m64+n1m9mLFKic5Lf1h6COYzmohDrE/aIE
WH3SPRiONhA5fToQk8iIemCSYOwqapKDsIgHARRrV03ambhDt+7sonkLWf8Svn97
Ad9DyPeZ2DEtyyJmqvajdkNblHtmvA8Y9lTBf5rpGEusjuovelgTc3OJi5cSIt57
J9nGwh5cPyW6INPseFIO4nh6qQwhDbb7FlecOKdLkEymtZCeqCxOeUDh9ePagXb/
RHqiwseq+QiD/Wdq7VnUjNgHC1q8OcJzCN6LzF93qrPvi62B
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:03 2025 by rpki-client