Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/QknRzNLNe1DgDdaQs_BfIcvX0QQ.roa
File: QknRzNLNe1DgDdaQs_BfIcvX0QQ.roa (raw, json)
Hash identifier: QSvYgXTAaJ7B5WKMsv9708Gu9Lb8PvraGm6L9fS/Qv0=
Subject key identifier: 42:49:D1:CC:D2:CD:7B:50:E0:0D:D6:90:B3:F0:5F:21:CB:D7:D1:04
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09D6
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/QknRzNLNe1DgDdaQs_BfIcvX0QQ.roa
Signing time: Wed 29 Sep 2021 02:52:02 +0000
ROA not before: Wed 29 Sep 2021 02:52:02 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 45.64.232.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2518 (0x9d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:02 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4249D1CCD2CD7B50E00DD690B3F05F21CBD7D104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:38:47:07:8f:90:f0:d2:c9:94:cc:66:bb:f0:
a2:3f:95:a3:ec:b7:69:2d:11:bd:d4:ee:72:01:c2:
59:72:ac:aa:1c:eb:7f:24:27:e2:6d:ea:99:dc:ca:
33:a4:6e:83:b2:b7:c7:53:39:7a:b3:74:71:ca:fd:
28:b5:dd:31:e3:cb:fc:17:1a:28:ad:5e:57:dc:ee:
f8:71:7c:60:ad:59:d9:87:ca:af:63:23:90:6e:3a:
bc:a8:d5:a2:46:b6:88:ba:7a:3f:d6:4a:b9:85:9b:
d4:26:1c:16:a9:72:bd:8e:70:3b:dd:48:a3:ca:e3:
26:b1:2e:a7:ed:d3:60:d4:74:bd:5c:9c:46:9d:13:
ff:95:ae:d7:0f:ab:1b:61:13:08:d2:d3:34:0c:1e:
80:aa:b4:18:d3:09:d1:20:12:a6:37:3f:50:27:60:
77:bf:f1:59:97:63:89:8c:1d:94:1a:9c:a1:f2:63:
68:f1:10:bf:e6:3d:be:df:53:31:18:4b:8d:b9:ea:
36:4b:a4:73:8d:53:da:5e:a1:5b:55:aa:d9:49:a8:
54:24:8e:3a:b5:dd:a3:2d:03:96:09:c0:18:53:1f:
f9:b4:ca:21:21:86:75:55:b9:86:70:2f:ab:5d:80:
f4:f2:1f:0d:bd:93:6e:fb:bc:38:14:47:df:be:b8:
6a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:49:D1:CC:D2:CD:7B:50:E0:0D:D6:90:B3:F0:5F:21:CB:D7:D1:04
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/QknRzNLNe1DgDdaQs_BfIcvX0QQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.232.0/22
Signature Algorithm: sha256WithRSAEncryption
39:83:90:95:cd:b3:7c:78:2d:f5:3b:da:bf:59:a5:7e:88:87:
25:81:c9:96:3b:ac:50:b3:4c:ad:2f:02:60:55:c8:31:8f:17:
0a:c5:ae:5f:a0:d4:77:d1:b3:3e:b4:3c:d3:6a:4e:5f:2b:65:
f3:f1:90:3c:f0:9c:df:91:56:7c:6a:a8:c0:c8:0b:cb:2e:57:
c7:d2:3a:22:4d:f5:f7:52:61:4b:41:40:8b:61:73:c2:33:0b:
0a:7a:0f:2a:51:c8:f9:58:be:cd:ba:5a:c7:7e:65:e3:3f:94:
07:cb:10:94:20:63:83:3d:b3:68:5f:5f:77:c3:7e:0e:f4:07:
52:a3:7e:3c:2b:1a:3a:d4:32:f0:e6:22:b6:5b:ff:97:2c:f6:
75:61:6a:80:65:28:aa:d8:e1:e8:10:86:69:19:a4:b4:95:5d:
7b:9b:38:57:f7:3e:41:47:2b:61:72:98:27:7d:a2:36:0f:33:
7b:97:90:b4:ad:ee:af:ef:18:9a:a7:d7:24:f2:2c:68:0c:a2:
39:7c:a6:7a:f2:f1:85:c1:ee:77:34:d7:3c:0c:90:c9:76:ec:
7f:0a:8b:97:d0:16:0a:05:d3:94:5a:f2:6f:e5:32:d8:e5:91:
58:98:ff:e9:63:68:fd:a2:93:31:19:20:0f:23:41:d6:d5:d5:
b8:04:16:77
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCdYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQyNDlEMUNDRDJDRDdC
NTBFMDBERDY5MEIzRjA1RjIxQ0JEN0QxMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZOEcHj5Dw0smUzGa78KI/laPst2ktEb3U7nIBwllyrKoc638k
J+Jt6pncyjOkboOyt8dTOXqzdHHK/Si13THjy/wXGiitXlfc7vhxfGCtWdmHyq9j
I5BuOryo1aJGtoi6ej/WSrmFm9QmHBapcr2OcDvdSKPK4yaxLqft02DUdL1cnEad
E/+VrtcPqxthEwjS0zQMHoCqtBjTCdEgEqY3P1AnYHe/8VmXY4mMHZQanKHyY2jx
EL/mPb7fUzEYS4256jZLpHONU9peoVtVqtlJqFQkjjq13aMtA5YJwBhTH/m0yiEh
hnVVuYZwL6tdgPTyHw29k277vDgUR9++uGp5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQknRzNLNe1DgDdaQs/BfIcvX0QQwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9Ra25Sek5MTmUxRGdEZGFRc19C
ZkljdlgwUVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUDo
MA0GCSqGSIb3DQEBCwUAA4IBAQA5g5CVzbN8eC31O9q/WaV+iIclgcmWO6xQs0yt
LwJgVcgxjxcKxa5foNR30bM+tDzTak5fK2Xz8ZA88JzfkVZ8aqjAyAvLLlfH0joi
TfX3UmFLQUCLYXPCMwsKeg8qUcj5WL7NulrHfmXjP5QHyxCUIGODPbNoX193w34O
9AdSo348Kxo61DLw5iK2W/+XLPZ1YWqAZSiq2OHoEIZpGaS0lV17mzhX9z5BRyth
cpgnfaI2DzN7l5C0re6v7xiap9ck8ixoDKI5fKZ68vGFwe53NNc8DJDJdux/CouX
0BYKBdOUWvJv5TLY5ZFYmP/pY2j9opMxGSAPI0HW1dW4BBZ3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:57 2023 by rpki-client on console-fra.rpki-client.org