Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/_1pO-6OgRbFzAqjjN8vqxGaB_Lc.roa
File: _1pO-6OgRbFzAqjjN8vqxGaB_Lc.roa (raw, json)
Hash identifier: D0kSBMuZ7iwVpR44SQv9Ftzi2zMxjZl7qZs3wxv69lw=
Subject key identifier: FF:5A:4E:FB:A3:A0:45:B1:73:02:A8:E3:37:CB:EA:C4:66:81:FC:B7
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0786
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/_1pO-6OgRbFzAqjjN8vqxGaB_Lc.roa
Signing time: Tue 29 Sep 2020 09:59:25 +0000
ROA not before: Tue 29 Sep 2020 09:59:25 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 27.147.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1926 (0x786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 09:59:25 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=FF5A4EFBA3A045B17302A8E337CBEAC46681FCB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:42:af:c5:a0:da:0c:8c:8d:8c:f9:da:23:66:
00:75:dc:31:aa:78:a4:46:b1:21:85:15:df:b9:43:
00:24:ab:c9:28:45:4e:b6:ad:46:1a:7f:27:5a:d4:
c2:f3:13:88:e7:b6:c4:0d:51:44:a7:c6:73:ad:61:
2f:8e:ca:31:39:8b:23:47:3a:07:19:1f:39:0d:38:
86:36:75:2e:9e:da:a7:d0:bd:55:98:bf:67:03:a4:
4e:ca:08:90:c8:95:f3:32:75:1e:11:e2:07:bb:57:
c8:5b:a5:df:b1:99:01:58:af:cd:bd:ce:87:a1:c2:
c4:ac:42:3a:2e:28:36:64:bb:d7:ec:7a:1a:44:db:
ae:b1:de:92:3c:36:a0:89:5a:c8:f5:b6:7f:07:3a:
d8:17:8d:74:30:48:34:0d:3d:86:54:b4:cd:d5:f0:
6f:cf:9a:b2:bb:89:b3:f4:cc:bc:bf:87:c3:9b:a9:
2a:8b:17:d8:ed:45:33:9e:21:d1:5e:cc:f5:61:e5:
24:1d:91:89:ed:fe:10:fc:fe:3b:fa:46:d7:49:49:
f7:49:c7:e7:2c:85:bc:29:f5:c3:ce:05:2f:1e:57:
d6:03:97:fe:14:cb:c7:c0:1d:36:87:d3:4b:cb:b4:
c6:6d:9b:aa:5e:00:e5:c9:6c:0c:6d:69:8a:e9:74:
d1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5A:4E:FB:A3:A0:45:B1:73:02:A8:E3:37:CB:EA:C4:66:81:FC:B7
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/_1pO-6OgRbFzAqjjN8vqxGaB_Lc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.32.0/21
Signature Algorithm: sha256WithRSAEncryption
35:de:71:4b:b4:aa:a0:65:c0:bc:11:62:d6:d8:77:3a:62:44:
53:e2:40:0c:70:fd:b3:4b:4a:5a:77:ca:28:05:8f:ab:de:f3:
e0:c3:25:f3:8f:f5:71:83:e7:11:69:31:13:39:5d:7f:f2:89:
45:f7:8b:9a:76:fb:d9:f3:c6:be:a9:07:0e:32:42:68:63:ba:
12:6f:b6:01:91:42:d6:4b:0e:38:ac:e5:fb:2b:97:45:00:bb:
05:96:bb:c4:4f:2c:34:2b:85:00:d9:01:f1:37:ef:f9:13:58:
0c:61:ed:62:44:d9:76:d7:b7:b8:c3:4f:c8:44:a9:e0:70:5c:
da:aa:97:e8:55:3c:75:c7:e1:e6:6e:9a:5e:4a:c8:4b:b8:a0:
a3:0f:82:d5:d3:09:9f:67:12:82:e7:27:38:23:ec:24:ee:03:
b7:73:a5:66:c0:b9:9a:8f:5d:88:81:ab:1c:5a:07:62:4f:f0:
5e:1e:70:4c:22:1e:05:01:11:87:8c:fc:e6:34:da:64:fe:48:
6e:28:30:de:ee:53:81:52:76:35:dc:26:7b:88:c7:7c:5c:6f:
17:da:4d:58:42:92:d7:d9:e3:d9:08:f9:99:de:75:db:85:2c:
c5:ce:d0:11:ba:9a:30:4d:ca:81:d7:52:de:40:cd:ce:a1:6d:
48:3a:f5:17
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMDA5Mjkw
OTU5MjVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEZGNUE0RUZCQTNBMDQ1
QjE3MzAyQThFMzM3Q0JFQUM0NjY4MUZDQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0Qq/FoNoMjI2M+dojZgB13DGqeKRGsSGFFd+5QwAkq8koRU62
rUYafyda1MLzE4jntsQNUUSnxnOtYS+OyjE5iyNHOgcZHzkNOIY2dS6e2qfQvVWY
v2cDpE7KCJDIlfMydR4R4ge7V8hbpd+xmQFYr829zoehwsSsQjouKDZku9fsehpE
266x3pI8NqCJWsj1tn8HOtgXjXQwSDQNPYZUtM3V8G/PmrK7ibP0zLy/h8ObqSqL
F9jtRTOeIdFezPVh5SQdkYnt/hD8/jv6RtdJSfdJx+cshbwp9cPOBS8eV9YDl/4U
y8fAHTaH00vLtMZtm6peAOXJbAxtaYrpdNF3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU/1pO+6OgRbFzAqjjN8vqxGaB/LcwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9fMXBPLTZPZ1JiRnpBcWpqTjh2
cXhHYUJfTGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQA13nFLtKqgZcC8EWLW2Hc6YkRT4kAMcP2zS0pa
d8ooBY+r3vPgwyXzj/Vxg+cRaTETOV1/8olF94uadvvZ88a+qQcOMkJoY7oSb7YB
kULWSw44rOX7K5dFALsFlrvETyw0K4UA2QHxN+/5E1gMYe1iRNl217e4w0/IRKng
cFzaqpfoVTx1x+HmbppeSshLuKCjD4LV0wmfZxKC5yc4I+wk7gO3c6VmwLmaj12I
gascWgdiT/BeHnBMIh4FARGHjPzmNNpk/khuKDDe7lOBUnY13CZ7iMd8XG8X2k1Y
QpLX2ePZCPmZ3nXbhSzFztARupowTcqB11LeQM3OoW1IOvUX
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org