Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Ygwfsk7D6MccLD0wIZPgjmTdw-w.roa
File: Ygwfsk7D6MccLD0wIZPgjmTdw-w.roa (raw, json)
Hash identifier: YV6+5CUiZ66cIZaZnKfAY1HOvK0aMBjvficybOD56mY=
Subject key identifier: 62:0C:1F:B2:4E:C3:E8:C7:1C:2C:3D:30:21:93:E0:8E:64:DD:C3:EC
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Ygwfsk7D6MccLD0wIZPgjmTdw-w.roa
Signing time: Thu 15 Sep 2022 02:49:24 +0000
ROA not before: Thu 15 Sep 2022 02:49:24 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 124.155.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 15 02:49:24 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=620C1FB24EC3E8C71C2C3D302193E08E64DDC3EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a4:89:9b:f3:3e:3b:32:5b:06:5c:7e:8b:3b:
8e:c3:70:73:d8:36:90:b3:55:9b:e4:fd:2a:97:39:
b5:3f:65:8e:c7:ff:1c:c9:f7:17:7e:11:5b:da:b1:
b0:e4:3d:fb:b5:9b:43:da:6d:4e:9b:be:3a:16:38:
18:db:bb:3b:3b:10:8d:2a:b8:64:84:35:c0:19:ab:
80:87:8d:b6:9a:4c:d8:5f:41:65:ee:d5:a3:80:0c:
39:50:fb:1e:c4:a4:48:bb:a8:da:17:7b:91:eb:23:
00:c0:8d:47:21:a3:af:95:b4:fc:0b:f2:1f:d8:4d:
06:71:4e:9a:f3:fd:c4:bc:2a:1e:b9:a4:16:68:91:
6b:fc:f9:4b:3c:3d:ed:c0:49:22:78:10:2c:a8:7b:
08:72:16:a5:98:72:ca:b6:d3:f8:5f:30:9f:ee:08:
51:dd:ab:1f:ef:b8:6d:04:3e:bb:0d:57:30:58:66:
11:85:3d:be:06:1c:3f:df:6b:d3:1d:81:59:2d:d6:
da:5a:27:0a:df:52:f1:41:c0:45:0e:a8:1d:ad:82:
bc:5f:a2:01:cd:d7:a7:b3:40:db:52:2a:a8:45:df:
16:f7:54:4e:3c:5a:c5:93:08:fe:da:20:01:70:54:
8a:47:df:33:c4:3c:30:8b:da:49:87:3f:28:64:a6:
60:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0C:1F:B2:4E:C3:E8:C7:1C:2C:3D:30:21:93:E0:8E:64:DD:C3:EC
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Ygwfsk7D6MccLD0wIZPgjmTdw-w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.168.0/21
Signature Algorithm: sha256WithRSAEncryption
58:32:31:8b:ba:43:76:45:93:5e:80:a3:4f:ff:c3:98:69:db:
0b:4e:fc:b7:c2:3b:13:fe:2d:a4:05:c2:89:6a:78:15:f4:9c:
88:4b:dc:b4:04:ad:01:40:17:5d:00:6a:81:ee:84:a5:bc:19:
8f:af:00:bd:77:04:af:f7:e5:70:13:b2:cd:50:9b:18:a1:8f:
74:5e:02:8b:9a:5e:83:a2:95:65:a2:ce:cc:bb:15:7c:08:b9:
5f:fe:09:80:e5:7f:cd:d0:32:ce:3b:81:af:80:c9:77:7d:15:
34:3a:25:29:12:79:7a:62:9b:9f:4c:c2:75:f2:22:59:91:55:
b2:b0:03:7f:d6:c2:37:e8:9e:9b:cc:80:bf:b8:98:78:01:6d:
58:83:76:76:65:09:3c:d3:f4:1e:a1:bd:25:9c:cb:b7:12:0e:
b5:50:9e:39:d9:29:50:cf:62:7e:81:2d:2f:81:05:06:64:b9:
43:8a:9d:a3:37:4e:26:77:99:b6:bd:b8:8c:78:9f:4f:5d:c2:
a5:6b:2b:a9:56:d1:25:fc:b7:18:39:5a:0e:2a:f4:a5:51:78:
9d:c3:d9:cb:58:3c:e0:49:87:25:7f:a2:ea:ef:73:48:5f:27:
89:75:c5:5f:81:ec:b9:6a:ff:7e:ed:1d:0d:db:54:bc:28:26:
91:f9:49:45
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyMEMxRkIyNEVDM0U4
QzcxQzJDM0QzMDIxOTNFMDhFNjREREMzRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCapImb8z47MlsGXH6LO47DcHPYNpCzVZvk/SqXObU/ZY7H/xzJ
9xd+EVvasbDkPfu1m0PabU6bvjoWOBjbuzs7EI0quGSENcAZq4CHjbaaTNhfQWXu
1aOADDlQ+x7EpEi7qNoXe5HrIwDAjUcho6+VtPwL8h/YTQZxTprz/cS8Kh65pBZo
kWv8+Us8Pe3ASSJ4ECyoewhyFqWYcsq20/hfMJ/uCFHdqx/vuG0EPrsNVzBYZhGF
Pb4GHD/fa9MdgVkt1tpaJwrfUvFBwEUOqB2tgrxfogHN16ezQNtSKqhF3xb3VE48
WsWTCP7aIAFwVIpH3zPEPDCL2kmHPyhkpmDxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUYgwfsk7D6MccLD0wIZPgjmTdw+wwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9ZZ3dmc2s3RDZNY2NMRDB3SVpQ
Z2ptVGR3LXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuo
MA0GCSqGSIb3DQEBCwUAA4IBAQBYMjGLukN2RZNegKNP/8OYadsLTvy3wjsT/i2k
BcKJangV9JyIS9y0BK0BQBddAGqB7oSlvBmPrwC9dwSv9+VwE7LNUJsYoY90XgKL
ml6DopVlos7MuxV8CLlf/gmA5X/N0DLOO4GvgMl3fRU0OiUpEnl6YpufTMJ18iJZ
kVWysAN/1sI36J6bzIC/uJh4AW1Yg3Z2ZQk80/Qeob0lnMu3Eg61UJ452SlQz2J+
gS0vgQUGZLlDip2jN04md5m2vbiMeJ9PXcKlayupVtEl/LcYOVoOKvSlUXidw9nL
WDzgSYclf6Lq73NIXyeJdcVfgey5av9+7R0N21S8KCaR+UlF
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org