Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/P7wPasCaN2nUFjlIB9oBtMeYQPI.roa
File: P7wPasCaN2nUFjlIB9oBtMeYQPI.roa (raw, json)
Hash identifier: qzm0/zmbphy5KCLERtSfe22vl6n2GfWiCqlkGWfQWfg=
Subject key identifier: 3F:BC:0F:6A:C0:9A:37:69:D4:16:39:48:07:DA:01:B4:C7:98:40:F2
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 08FB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/P7wPasCaN2nUFjlIB9oBtMeYQPI.roa
Signing time: Sun 07 Feb 2021 12:44:59 +0000
ROA not before: Sun 07 Feb 2021 12:44:59 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 27.147.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2299 (0x8fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:44:59 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3FBC0F6AC09A3769D416394807DA01B4C79840F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:fd:73:7c:e0:e5:19:a4:b6:6e:20:26:c3:
89:a8:2a:71:b0:c0:c4:aa:b1:f1:31:a4:8f:ca:da:
fc:3b:b8:4f:70:95:1a:cb:ab:8c:fa:53:41:90:3c:
72:a5:55:e4:4f:bc:76:2a:36:9a:d2:e6:8c:e1:bc:
f4:64:2e:03:cf:48:4e:1e:14:a3:58:53:d5:16:4e:
50:f6:d7:28:15:e0:2d:6a:24:8b:c4:31:bd:51:73:
23:66:b5:7e:9f:2a:4c:e9:d7:8d:a5:9c:fe:12:63:
cd:73:4e:c1:39:07:66:98:f7:7c:17:01:42:9b:1b:
5c:ba:ab:05:5f:27:a8:24:f2:0e:cc:f2:a1:3f:18:
77:6d:66:a3:60:5f:a6:8e:30:c7:85:cd:ec:4f:56:
ea:e4:86:c5:e8:8f:eb:6d:f5:a3:5c:68:4c:47:e9:
d1:db:c5:bb:d7:97:77:ec:78:ea:49:e4:6c:ce:9f:
73:0d:71:ab:e1:2f:e8:6e:ba:32:be:d5:c6:88:ab:
6f:fd:8c:5f:70:2d:57:59:81:4d:03:93:e7:07:1e:
1c:a0:e1:45:2d:4c:a5:a8:4b:74:ae:51:33:22:bd:
f6:8a:ed:bd:91:91:b2:21:a3:23:c4:d3:11:71:1a:
51:21:de:48:5e:08:64:b7:e0:5e:6e:74:43:84:5f:
7b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BC:0F:6A:C0:9A:37:69:D4:16:39:48:07:DA:01:B4:C7:98:40:F2
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/P7wPasCaN2nUFjlIB9oBtMeYQPI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.32.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:48:98:9d:e7:64:a0:0c:31:d0:65:57:17:e3:bf:06:46:89:
bb:05:c8:9c:48:95:70:a6:df:ce:d5:65:f4:67:da:97:aa:95:
7a:1b:9d:a0:09:44:e2:9b:a3:7b:61:18:3c:b5:ee:0c:9c:85:
99:5f:d5:dc:36:52:08:2c:f0:d4:ff:40:67:3a:8e:55:41:f2:
9a:fb:f1:ae:21:89:db:39:96:44:52:df:4e:c8:e2:ba:b0:55:
07:eb:13:c8:9b:ad:a5:f6:9f:5f:b5:ee:c6:db:2c:51:fe:a3:
db:cf:cc:10:f6:c9:f4:d1:57:a9:6b:12:a4:95:12:b4:31:41:
3f:9e:c2:76:01:85:8f:93:66:49:cb:73:d5:ba:74:88:9e:5f:
c6:2b:2b:75:b4:5d:2d:cb:03:76:48:74:45:9d:99:4c:60:10:
b7:b2:0c:af:d9:bb:0f:2a:4c:f2:3b:71:38:7a:f5:05:13:89:
59:be:44:c5:eb:e1:4d:cb:3d:8e:5b:d7:1a:56:2a:62:8b:17:
1e:2f:5b:31:31:6e:9c:ad:c0:81:61:08:83:95:7e:ac:5e:de:
db:30:d7:9a:3d:cf:dd:79:46:2d:a8:31:0f:cd:92:c5:1f:5b:
0c:26:06:0a:bc:3e:da:44:16:ec:91:2d:19:0a:23:2a:9e:e2:
94:1e:69:bc
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ0NTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNGQkMwRjZBQzA5QTM3
NjlENDE2Mzk0ODA3REEwMUI0Qzc5ODQwRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy7P1zfODlGaS2biAmw4moKnGwwMSqsfExpI/K2vw7uE9wlRrL
q4z6U0GQPHKlVeRPvHYqNprS5ozhvPRkLgPPSE4eFKNYU9UWTlD21ygV4C1qJIvE
Mb1RcyNmtX6fKkzp142lnP4SY81zTsE5B2aY93wXAUKbG1y6qwVfJ6gk8g7M8qE/
GHdtZqNgX6aOMMeFzexPVurkhsXoj+tt9aNcaExH6dHbxbvXl3fseOpJ5GzOn3MN
cavhL+huujK+1caIq2/9jF9wLVdZgU0Dk+cHHhyg4UUtTKWoS3SuUTMivfaK7b2R
kbIhoyPE0xFxGlEh3kheCGS34F5udEOEX3sZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUP7wPasCaN2nUFjlIB9oBtMeYQPIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9QN3dQYXNDYU4yblVGamxJQjlv
QnRNZVlRUEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQANSJid52SgDDHQZVcX478GRom7BcicSJVwpt/O
1WX0Z9qXqpV6G52gCUTim6N7YRg8te4MnIWZX9XcNlIILPDU/0BnOo5VQfKa+/Gu
IYnbOZZEUt9OyOK6sFUH6xPIm62l9p9fte7G2yxR/qPbz8wQ9sn00VepaxKklRK0
MUE/nsJ2AYWPk2ZJy3PVunSInl/GKyt1tF0tywN2SHRFnZlMYBC3sgyv2bsPKkzy
O3E4evUFE4lZvkTF6+FNyz2OW9caVipiixceL1sxMW6crcCBYQiDlX6sXt7bMNea
Pc/deUYtqDEPzZLFH1sMJgYKvD7aRBbskS0ZCiMqnuKUHmm8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org