Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/U46XjXRxeknS0bxF-5zkWYmRgv0.roa
File: U46XjXRxeknS0bxF-5zkWYmRgv0.roa (raw, json)
Hash identifier: ZO20SBc+M7dXW9Skd3DxKpTk6yGWtffRGQgSs1Utu18=
Subject key identifier: 53:8E:97:8D:74:71:7A:49:D2:D1:BC:45:FB:9C:E4:59:89:91:82:FD
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0909
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/U46XjXRxeknS0bxF-5zkWYmRgv0.roa
Signing time: Sun 07 Feb 2021 12:45:10 +0000
ROA not before: Sun 07 Feb 2021 12:45:10 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 45.64.232.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2313 (0x909)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:45:10 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=538E978D74717A49D2D1BC45FB9CE459899182FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:58:9b:4a:29:6b:52:94:aa:2f:02:f1:07:8f:
a1:04:b9:57:13:ec:f9:34:19:09:bd:c2:c9:6f:9c:
c1:3a:4e:8c:a8:1e:ac:ac:a9:01:c1:02:8e:bd:3d:
52:00:46:9a:76:21:5a:94:e6:fe:87:95:0c:97:e9:
84:7d:eb:76:66:74:15:ff:6a:2e:fd:d8:c1:be:23:
4e:f5:c4:eb:75:1a:3f:28:b0:1f:1b:a5:71:7d:bd:
82:e2:61:cf:ec:03:b8:a3:95:2d:fb:f2:a9:bc:ed:
6d:27:79:56:0d:1b:ea:f5:1b:62:9d:a1:dd:d0:a4:
65:41:82:fc:b3:e4:85:0a:f1:3a:32:8d:37:d6:9e:
9d:33:e2:99:b5:8c:7d:1c:02:43:db:3a:a3:a4:51:
c8:18:4e:d7:31:56:11:02:c2:9c:38:66:4a:b8:db:
54:9e:36:ea:95:c1:9c:8e:5e:4c:f4:9e:66:b5:ad:
8b:84:0e:cc:33:db:6f:1f:bc:70:27:9b:8d:76:3b:
9a:0e:a6:c8:8a:0d:83:dc:d4:93:44:8e:06:f8:01:
68:a4:52:08:d4:ee:c8:d3:bb:06:17:e1:a1:5f:d2:
49:b7:d4:24:47:29:da:4b:4e:37:04:cf:60:59:27:
f4:92:a2:55:18:03:34:46:d0:99:23:56:4d:37:bd:
90:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8E:97:8D:74:71:7A:49:D2:D1:BC:45:FB:9C:E4:59:89:91:82:FD
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/U46XjXRxeknS0bxF-5zkWYmRgv0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.232.0/22
Signature Algorithm: sha256WithRSAEncryption
72:db:17:80:c4:72:95:fd:81:b7:4b:e0:47:cb:61:2a:bc:af:
78:75:3b:d6:b3:aa:d6:0b:2d:f3:aa:96:d5:00:9f:8e:b2:52:
90:17:5c:d0:94:57:16:df:7f:a1:e8:f9:f1:00:91:41:f9:1e:
03:31:7f:60:4a:02:fb:81:65:6f:c8:bd:f7:64:6a:c4:88:d9:
8b:74:a1:92:06:17:13:ae:df:87:8f:db:d7:81:73:44:95:0b:
e1:5d:a6:97:49:a9:59:b7:c9:11:a6:b2:4a:bf:ca:9b:d5:e0:
8f:f2:46:df:20:5c:0b:f7:fa:05:cc:7c:80:8b:83:70:68:7b:
6b:b2:30:8c:7a:6a:b3:f4:6a:cb:cc:62:3d:29:8e:b4:ea:51:
5d:a0:fe:bb:b3:ca:d2:3a:77:06:f3:bf:e1:47:a0:a2:02:a2:
0c:bf:36:34:0e:d8:12:eb:44:7e:0c:48:13:25:d3:93:10:63:
c4:1e:f7:6b:82:ca:3c:d2:c7:f2:51:cb:18:43:f0:3f:3f:5d:
1e:ae:a4:9b:a2:43:7a:c3:ba:54:ba:4f:18:a0:25:2d:c8:d3:
f2:db:1a:b0:84:fe:90:78:13:4b:f9:d2:d5:c1:8f:9c:b2:3e:
92:72:f7:54:ca:08:b5:44:01:06:d5:9f:9d:56:ee:61:36:09:
bb:d1:42:03
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDUzOEU5NzhENzQ3MTdB
NDlEMkQxQkM0NUZCOUNFNDU5ODk5MTgyRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoWJtKKWtSlKovAvEHj6EEuVcT7Pk0GQm9wslvnME6ToyoHqys
qQHBAo69PVIARpp2IVqU5v6HlQyX6YR963ZmdBX/ai792MG+I071xOt1Gj8osB8b
pXF9vYLiYc/sA7ijlS378qm87W0neVYNG+r1G2Kdod3QpGVBgvyz5IUK8ToyjTfW
np0z4pm1jH0cAkPbOqOkUcgYTtcxVhECwpw4Zkq421SeNuqVwZyOXkz0nma1rYuE
Dswz228fvHAnm412O5oOpsiKDYPc1JNEjgb4AWikUgjU7sjTuwYX4aFf0km31CRH
KdpLTjcEz2BZJ/SSolUYAzRG0JkjVk03vZBzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUU46XjXRxeknS0bxF+5zkWYmRgv0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9VNDZYalhSeGVrblMwYnhGLTV6
a1dZbVJndjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUDo
MA0GCSqGSIb3DQEBCwUAA4IBAQBy2xeAxHKV/YG3S+BHy2EqvK94dTvWs6rWCy3z
qpbVAJ+OslKQF1zQlFcW33+h6PnxAJFB+R4DMX9gSgL7gWVvyL33ZGrEiNmLdKGS
BhcTrt+Hj9vXgXNElQvhXaaXSalZt8kRprJKv8qb1eCP8kbfIFwL9/oFzHyAi4Nw
aHtrsjCMemqz9GrLzGI9KY606lFdoP67s8rSOncG87/hR6CiAqIMvzY0DtgS60R+
DEgTJdOTEGPEHvdrgso80sfyUcsYQ/A/P10erqSbokN6w7pUuk8YoCUtyNPy2xqw
hP6QeBNL+dLVwY+csj6ScvdUygi1RAEG1Z+dVu5hNgm70UID
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:57 2023 by rpki-client on console-fra.rpki-client.org