Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/XQ_y7JNIX6QiHX0-PFOnALGev-0.roa
File: XQ_y7JNIX6QiHX0-PFOnALGev-0.roa (raw, json)
Hash identifier: 2rM+wJWVyYpwpzsPQCYoEIonpznOYz3f3y2hhv4LK2A=
Subject key identifier: 5D:0F:F2:EC:93:48:5F:A4:22:1D:7D:3E:3C:53:A7:00:B1:9E:BF:ED
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 091D
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XQ_y7JNIX6QiHX0-PFOnALGev-0.roa
Signing time: Sun 07 Feb 2021 12:45:25 +0000
ROA not before: Sun 07 Feb 2021 12:45:25 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 123.50.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2333 (0x91d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:45:25 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5D0FF2EC93485FA4221D7D3E3C53A700B19EBFED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1d:e5:c1:ff:69:47:ea:31:59:fe:ad:96:d4:
fb:ec:5a:e9:24:10:d5:31:41:b3:bf:09:e7:75:7c:
32:b7:f7:21:03:af:32:7e:da:fe:e5:1f:5d:5f:f3:
fa:71:f3:94:68:e6:70:0f:4c:4f:32:d4:cd:1a:77:
e2:26:38:6e:8f:50:df:47:36:0f:d4:6e:74:2d:57:
eb:17:42:fc:fc:04:c5:ea:d5:24:fb:f1:5e:f7:27:
f6:d7:0c:28:fe:93:a1:4c:a6:17:87:08:eb:fc:9a:
68:0a:94:8f:f9:c6:8d:bf:a9:d6:02:f0:3b:c8:66:
7f:dc:f8:5a:b8:b7:56:46:b1:c1:d4:26:1c:3a:08:
78:8e:29:0d:c6:ac:d8:93:52:23:be:15:e6:5d:64:
7e:6e:2a:02:dd:16:f4:b5:8a:fc:47:a4:79:3b:06:
60:b5:15:97:94:5e:d9:dc:19:67:76:cb:91:f8:49:
9c:43:ce:09:6a:e1:de:22:a8:65:32:68:bb:ee:b0:
07:9e:09:3d:9d:f2:2b:7c:33:c0:06:a7:4c:f9:03:
b2:5a:ed:66:5c:e5:f3:e7:3b:dc:e7:41:57:09:c3:
62:c5:41:8c:21:e8:e2:a9:05:24:93:e9:69:bd:95:
e7:80:1a:32:d6:e0:5d:0b:67:8b:fd:96:14:00:33:
ea:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0F:F2:EC:93:48:5F:A4:22:1D:7D:3E:3C:53:A7:00:B1:9E:BF:ED
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XQ_y7JNIX6QiHX0-PFOnALGev-0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.61.0/24
Signature Algorithm: sha256WithRSAEncryption
13:45:19:21:e3:99:4f:14:9b:e8:5d:28:e6:2a:ba:38:23:4f:
b9:73:1e:fb:45:ed:70:a5:27:7f:e4:3b:d3:b3:d9:fa:71:9d:
1b:32:8c:5b:45:7b:47:ba:c8:aa:21:0b:54:43:ad:53:ca:a2:
8c:7c:72:c1:a2:d4:f4:fb:f7:d4:cf:65:e5:c1:77:72:4d:c9:
40:f5:e1:81:7f:e8:3b:54:92:68:88:87:9e:14:29:98:08:f8:
7e:e2:7e:be:95:77:e0:8b:6e:80:1f:64:b1:0e:74:22:8c:1d:
c9:27:0c:46:6d:5c:27:5c:f3:df:81:40:c1:3d:88:ff:4f:95:
94:96:be:57:22:ca:b0:9f:74:99:0b:80:c4:f3:38:bf:30:09:
2f:47:91:f3:e8:6d:43:a9:d1:ca:9a:e0:2a:57:aa:69:f9:75:
38:a8:61:5a:b2:62:cc:c4:10:64:8c:aa:72:17:39:ba:01:ea:
64:2c:97:d1:7c:f8:11:e4:28:3b:c8:fc:aa:b1:92:1d:64:7f:
60:17:26:c9:54:32:55:56:25:94:9f:87:df:77:f3:a8:b9:74:
54:c3:de:ca:a7:02:56:74:43:a8:e4:8e:c7:a9:2b:36:f3:fa:
1e:c6:b4:b8:e1:de:66:1f:39:07:d4:23:5c:17:62:f2:a2:85:
ab:aa:6b:36
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MjVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVEMEZGMkVDOTM0ODVG
QTQyMjFEN0QzRTNDNTNBNzAwQjE5RUJGRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6HeXB/2lH6jFZ/q2W1PvsWukkENUxQbO/Ced1fDK39yEDrzJ+
2v7lH11f8/px85Ro5nAPTE8y1M0ad+ImOG6PUN9HNg/UbnQtV+sXQvz8BMXq1ST7
8V73J/bXDCj+k6FMpheHCOv8mmgKlI/5xo2/qdYC8DvIZn/c+Fq4t1ZGscHUJhw6
CHiOKQ3GrNiTUiO+FeZdZH5uKgLdFvS1ivxHpHk7BmC1FZeUXtncGWd2y5H4SZxD
zglq4d4iqGUyaLvusAeeCT2d8it8M8AGp0z5A7Ja7WZc5fPnO9znQVcJw2LFQYwh
6OKpBSST6Wm9leeAGjLW4F0LZ4v9lhQAM+rHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUXQ/y7JNIX6QiHX0+PFOnALGev+0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9YUV95N0pOSVg2UWlIWDAtUEZP
bkFMR2V2LTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAezI9
MA0GCSqGSIb3DQEBCwUAA4IBAQATRRkh45lPFJvoXSjmKro4I0+5cx77Re1wpSd/
5DvTs9n6cZ0bMoxbRXtHusiqIQtUQ61TyqKMfHLBotT0+/fUz2XlwXdyTclA9eGB
f+g7VJJoiIeeFCmYCPh+4n6+lXfgi26AH2SxDnQijB3JJwxGbVwnXPPfgUDBPYj/
T5WUlr5XIsqwn3SZC4DE8zi/MAkvR5Hz6G1DqdHKmuAqV6pp+XU4qGFasmLMxBBk
jKpyFzm6AepkLJfRfPgR5Cg7yPyqsZIdZH9gFybJVDJVViWUn4ffd/OouXRUw97K
pwJWdEOo5I7HqSs28/oexrS44d5mHzkH1CNcF2LyooWrqms2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org