Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/_Rxlba4cStoIMqLZIXTZskHINc4.roa
File: _Rxlba4cStoIMqLZIXTZskHINc4.roa (raw, json)
Hash identifier: +jLzmPvAn9Qyt0yMHu7Z8B+1dod0ZaEMcr+J2nAJVtw=
Subject key identifier: FD:1C:65:6D:AE:1C:4A:DA:08:32:A2:D9:21:74:D9:B2:41:C8:35:CE
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0A74
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/_Rxlba4cStoIMqLZIXTZskHINc4.roa
Signing time: Thu 21 Apr 2022 02:42:52 +0000
ROA not before: Thu 21 Apr 2022 02:42:52 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 61.57.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2676 (0xa74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Apr 21 02:42:52 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=FD1C656DAE1C4ADA0832A2D92174D9B241C835CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ee:e9:e9:d2:ad:ce:f0:3c:09:2e:ca:81:7a:
54:19:ba:70:1c:15:1f:8e:63:d9:86:19:e9:14:9f:
cd:09:ca:2c:37:8b:90:0e:9b:78:0f:08:68:46:df:
cb:9a:f3:63:92:77:e0:03:eb:ad:ae:d5:dc:02:eb:
a2:75:fe:d4:b8:44:a7:81:41:f9:7a:1b:de:bc:fa:
fb:27:bc:c4:2b:ea:b4:b3:9a:d3:a6:77:60:58:11:
14:a7:ff:e3:00:82:0a:8a:f6:82:f4:fe:9d:42:18:
5a:f8:5f:8e:0b:d7:32:63:f4:af:c9:b1:46:40:6d:
75:47:e6:0e:b6:50:f1:77:ac:2e:8e:d2:99:1f:33:
ae:95:f3:57:d1:d4:9d:19:6d:b3:79:be:e3:e7:c2:
3f:3b:b4:b9:39:70:4d:4d:48:33:a7:a5:13:62:fc:
c9:97:e1:b8:cb:32:85:3e:8c:94:2f:8d:7b:21:86:
72:f8:83:81:e1:eb:a8:3e:ad:a6:e0:fb:2b:0e:a4:
17:81:e7:cf:65:25:46:1c:08:74:88:3b:4b:d5:59:
ec:be:36:9e:4b:e6:b3:50:a4:2f:46:4c:3d:3b:7c:
79:41:3e:69:52:bc:73:88:b7:7d:23:4a:ef:03:51:
34:6d:c7:11:21:87:48:ee:90:22:38:17:fd:b6:fe:
9e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1C:65:6D:AE:1C:4A:DA:08:32:A2:D9:21:74:D9:B2:41:C8:35:CE
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/_Rxlba4cStoIMqLZIXTZskHINc4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.156.0/22
Signature Algorithm: sha256WithRSAEncryption
31:a8:25:1c:14:5f:93:8c:af:d7:6f:ea:9a:12:83:8a:19:5e:
ed:e1:ef:e1:a6:22:ce:6d:4f:c0:38:e5:8e:db:a5:a5:e0:c7:
3c:80:ab:26:1a:03:6a:87:df:f3:34:e6:b4:e6:ff:41:75:d5:
f8:3e:af:dd:0b:19:f6:b1:26:64:35:5b:a2:cc:dc:75:14:c5:
50:83:40:ef:b7:96:db:ad:c3:c2:a4:d5:cd:50:62:40:1e:d1:
03:d4:84:3e:e4:ba:ad:d1:eb:b9:f8:bd:95:86:5c:fe:d2:58:
a4:d6:70:66:72:11:67:18:7b:11:dc:97:6f:d6:94:3b:e3:92:
08:c2:da:0b:43:cf:e8:68:6b:87:91:23:df:5c:fe:5e:7f:72:
9f:57:b8:19:ef:fe:aa:7e:ba:a3:35:36:c2:c2:16:70:ff:a9:
28:a3:64:2b:12:f1:13:e5:62:eb:9c:f5:3e:d0:b2:60:33:2f:
2f:aa:4e:f8:2f:a7:1c:73:62:a4:51:9f:32:f7:d7:a9:03:00:
cd:66:d1:97:d1:13:0b:e5:03:e2:e1:58:17:de:07:f2:a3:b9:
94:59:cc:d9:72:e1:ec:64:67:2d:26:ca:da:ac:ad:5f:a8:12:
87:a0:ed:1a:8c:1f:28:79:d1:36:12:29:b6:42:f5:2c:53:7a:
69:3f:e3:4e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA0MjEw
MjQyNTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZEMUM2NTZEQUUxQzRB
REEwODMyQTJEOTIxNzREOUIyNDFDODM1Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC87unp0q3O8DwJLsqBelQZunAcFR+OY9mGGekUn80Jyiw3i5AO
m3gPCGhG38ua82OSd+AD662u1dwC66J1/tS4RKeBQfl6G968+vsnvMQr6rSzmtOm
d2BYERSn/+MAggqK9oL0/p1CGFr4X44L1zJj9K/JsUZAbXVH5g62UPF3rC6O0pkf
M66V81fR1J0ZbbN5vuPnwj87tLk5cE1NSDOnpRNi/MmX4bjLMoU+jJQvjXshhnL4
g4Hh66g+rabg+ysOpBeB589lJUYcCHSIO0vVWey+Np5L5rNQpC9GTD07fHlBPmlS
vHOIt30jSu8DUTRtxxEhh0jukCI4F/22/p6xAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU/Rxlba4cStoIMqLZIXTZskHINc4wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9fUnhsYmE0Y1N0b0lNcUxaSVhU
WnNrSElOYzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPTmc
MA0GCSqGSIb3DQEBCwUAA4IBAQAxqCUcFF+TjK/Xb+qaEoOKGV7t4e/hpiLObU/A
OOWO26Wl4Mc8gKsmGgNqh9/zNOa05v9BddX4Pq/dCxn2sSZkNVuizNx1FMVQg0Dv
t5bbrcPCpNXNUGJAHtED1IQ+5Lqt0eu5+L2Vhlz+0lik1nBmchFnGHsR3Jdv1pQ7
45IIwtoLQ8/oaGuHkSPfXP5ef3KfV7gZ7/6qfrqjNTbCwhZw/6koo2QrEvET5WLr
nPU+0LJgMy8vqk74L6ccc2KkUZ8y99epAwDNZtGX0RML5QPi4VgX3gfyo7mUWczZ
cuHsZGctJsrarK1fqBKHoO0ajB8oedE2Eim2QvUsU3ppP+NO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org