Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q7bKpDgR6QVFs1_oxTRx7sVGDeo.roa
File: Q7bKpDgR6QVFs1_oxTRx7sVGDeo.roa (raw, json)
Hash identifier: 0cos0YntT9hmN8N8Hm7p7l4H+bvRtkxLEdnIghf0Llw=
Subject key identifier: 43:B6:CA:A4:38:11:E9:05:45:B3:5F:E8:C5:34:71:EE:C5:46:0D:EA
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AC5
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q7bKpDgR6QVFs1_oxTRx7sVGDeo.roa
Signing time: Wed 27 Jul 2022 02:27:18 +0000
ROA not before: Wed 27 Jul 2022 02:27:18 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 61.57.128.0/21 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2757 (0xac5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Jul 27 02:27:18 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=43B6CAA43811E90545B35FE8C53471EEC5460DEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7b:10:15:2b:21:87:11:a1:f8:42:2b:01:3e:
6f:02:42:0f:ae:05:0c:42:4b:ba:d5:ce:9b:40:b4:
98:e1:a3:ee:d3:2e:a5:ba:97:a0:15:44:58:73:45:
d1:4e:72:0b:43:da:41:69:a6:75:c6:94:b3:68:56:
5e:ab:fa:7f:c0:2c:5d:3b:a1:8e:88:73:7c:6f:67:
b0:1e:dd:67:36:02:c3:1f:7f:4c:6b:65:3a:c6:92:
3f:70:ab:1c:49:2c:9b:ff:66:38:d2:d4:6c:aa:58:
ee:cc:61:42:97:23:c1:19:dc:4d:46:b8:34:0b:b9:
21:49:96:a1:8a:dd:80:19:01:99:58:0e:e1:70:98:
17:ae:87:c3:92:96:2d:c5:13:6b:cc:a8:69:9f:b5:
a5:ac:4f:a4:0e:d5:6e:42:03:81:0e:5c:72:7a:91:
50:43:13:17:11:13:d2:5e:1a:35:98:02:e8:03:a9:
f1:a4:34:d1:bb:81:ce:78:26:84:5e:2b:32:af:88:
9c:c3:a0:c7:f4:41:ec:9c:40:f2:58:dd:d0:71:5d:
b6:e8:e8:7e:d9:cc:5c:87:c3:72:61:81:fc:61:1b:
d5:a7:ee:b8:00:3e:7c:cb:59:55:fe:6e:b1:9e:1c:
b9:6b:26:81:09:c7:a1:e4:e7:4d:f1:9a:9e:95:dd:
e3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B6:CA:A4:38:11:E9:05:45:B3:5F:E8:C5:34:71:EE:C5:46:0D:EA
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q7bKpDgR6QVFs1_oxTRx7sVGDeo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.128.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:fd:bc:4e:6a:72:14:2f:a3:3d:12:1f:71:1a:3a:57:28:5d:
15:20:80:77:90:59:73:a1:de:3c:01:d4:aa:1a:c5:e7:80:0c:
df:59:0f:6e:ad:c6:a9:32:cc:13:79:b4:bc:4a:7e:1e:e1:fb:
96:77:58:c6:7a:c4:c5:cd:a9:c3:c6:fb:6f:ce:c2:27:f2:b2:
48:e6:42:39:af:fa:15:cd:31:47:a6:70:85:60:1e:2e:e0:06:
a3:f2:32:8e:db:0c:79:0d:d1:77:c7:3a:cf:f0:e8:37:69:98:
1b:2f:da:5a:85:2d:a4:a0:a6:13:f1:60:a9:1f:51:9f:ee:97:
b6:fe:76:af:85:7f:99:80:0c:5d:02:a8:05:3d:c5:40:d6:9c:
e4:d9:7c:63:c9:d7:c3:45:b4:77:fd:c6:5f:31:92:3c:ce:2c:
b1:35:3c:62:d6:e5:35:4d:80:c3:17:5f:47:17:74:55:de:18:
b9:8d:5e:13:37:64:c2:b0:3e:77:ea:d1:8b:6e:c1:17:9c:1d:
38:70:b0:ce:ad:e8:47:08:f8:bd:bb:38:9d:f1:63:e7:16:ec:
78:00:43:59:2b:6c:bd:ce:d1:6c:53:b8:69:48:20:23:98:23:
1e:b9:7c:71:74:35:19:48:c2:88:e6:6d:b6:a7:a0:4c:2e:65:
96:b9:76:30
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA3Mjcw
MjI3MThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQzQjZDQUE0MzgxMUU5
MDU0NUIzNUZFOEM1MzQ3MUVFQzU0NjBERUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiexAVKyGHEaH4QisBPm8CQg+uBQxCS7rVzptAtJjho+7TLqW6
l6AVRFhzRdFOcgtD2kFppnXGlLNoVl6r+n/ALF07oY6Ic3xvZ7Ae3Wc2AsMff0xr
ZTrGkj9wqxxJLJv/ZjjS1GyqWO7MYUKXI8EZ3E1GuDQLuSFJlqGK3YAZAZlYDuFw
mBeuh8OSli3FE2vMqGmftaWsT6QO1W5CA4EOXHJ6kVBDExcRE9JeGjWYAugDqfGk
NNG7gc54JoReKzKviJzDoMf0QeycQPJY3dBxXbbo6H7ZzFyHw3JhgfxhG9Wn7rgA
PnzLWVX+brGeHLlrJoEJx6Hk503xmp6V3eN9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQ7bKpDgR6QVFs1/oxTRx7sVGDeowHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9RN2JLcERnUjZRVkZzMV9veFRS
eDdzVkdEZW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+/bxOanIUL6M9Eh9xGjpXKF0VIIB3kFlzod48
AdSqGsXngAzfWQ9urcapMswTebS8Sn4e4fuWd1jGesTFzanDxvtvzsIn8rJI5kI5
r/oVzTFHpnCFYB4u4Aaj8jKO2wx5DdF3xzrP8Og3aZgbL9pahS2koKYT8WCpH1Gf
7pe2/navhX+ZgAxdAqgFPcVA1pzk2XxjydfDRbR3/cZfMZI8ziyxNTxi1uU1TYDD
F19HF3RV3hi5jV4TN2TCsD536tGLbsEXnB04cLDOrehHCPi9uzid8WPnFux4AENZ
K2y9ztFsU7hpSCAjmCMeuXxxdDUZSMKI5m22p6BMLmWWuXYw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:47 2023 by rpki-client on console-ams.rpki-client.org