Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/afY_zB6SmAo_qbBj2qFFtE7uUjg.roa
File: afY_zB6SmAo_qbBj2qFFtE7uUjg.roa (raw, json)
Hash identifier: yMq9/BgS9kUZGAoxoFfqsTvrJ2RnPD6gDxIab2gASqQ=
Subject key identifier: 69:F6:3F:CC:1E:92:98:0A:3F:A9:B0:63:DA:A1:45:B4:4E:EE:52:38
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B5F
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/afY_zB6SmAo_qbBj2qFFtE7uUjg.roa
Signing time: Thu 15 Dec 2022 02:57:03 +0000
ROA not before: Thu 15 Dec 2022 02:57:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.8.0/21 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2911 (0xb5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:57:03 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=69F63FCC1E92980A3FA9B063DAA145B44EEE5238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0a:ce:4e:1f:b9:dd:72:f9:ed:75:0c:73:b9:
64:80:3d:8c:87:ad:5f:f0:b2:88:23:7c:26:dd:c0:
ec:20:3c:b3:fa:bf:de:ca:1e:0a:7a:89:21:dc:05:
d5:2a:50:85:17:03:f3:1f:60:59:8d:fc:d7:50:bb:
04:29:eb:87:25:55:21:09:17:0b:35:5a:67:bd:c4:
01:07:f9:b7:69:e3:38:2e:23:da:0a:42:86:e6:2f:
e4:ee:14:d1:ab:55:35:16:77:73:7f:22:ab:95:7f:
99:72:3b:4b:c0:8a:e8:40:bf:35:e0:b1:6c:85:65:
a1:e4:cd:de:3b:50:52:31:43:f7:03:e4:d1:9a:4f:
8a:23:46:70:1d:fb:5b:7c:a2:8e:07:21:fa:c8:85:
2d:e8:a3:41:41:bd:09:cb:64:a3:0b:f3:8c:d7:c9:
60:75:b3:74:32:22:78:2c:d0:b3:71:17:c1:19:6b:
e8:1b:b1:54:81:e4:bc:4a:a0:55:25:4e:a0:cb:c1:
c8:80:22:a6:b7:3c:eb:2c:4f:27:f2:00:a1:47:fc:
1e:d5:48:e0:34:06:35:3e:05:bd:ca:e8:02:14:90:
f1:1f:c7:2b:74:f7:96:f6:94:a0:32:f3:8f:dd:0d:
9d:3b:c9:67:2d:2c:8f:5e:5d:d6:0f:6d:89:10:ab:
ab:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F6:3F:CC:1E:92:98:0A:3F:A9:B0:63:DA:A1:45:B4:4E:EE:52:38
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/afY_zB6SmAo_qbBj2qFFtE7uUjg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.8.0/21
Signature Algorithm: sha256WithRSAEncryption
32:9f:82:c7:75:18:96:01:16:c6:5c:03:a6:11:e3:e3:e7:30:
ab:41:1c:67:ed:84:c9:9e:86:31:f3:db:1f:0e:ef:ea:49:c7:
a9:ee:34:33:6f:5f:a8:6c:0f:a7:0a:87:01:a8:ed:7c:dd:48:
23:89:04:cf:0e:ef:db:54:43:d2:fe:a2:6e:2c:7f:aa:4f:79:
f4:1d:36:11:0c:09:f1:1d:47:37:bd:09:36:43:1b:52:68:01:
7a:d5:5c:ec:c7:8a:87:f6:a7:ee:24:40:e8:bc:6a:00:35:02:
41:2a:f0:e0:6c:6b:1b:21:b4:19:fe:c8:50:39:1b:e4:c3:c7:
84:a0:b0:32:6a:c6:1c:b9:b0:09:8a:d1:d4:24:fd:bc:b7:cf:
fa:dc:ca:1e:75:f9:cd:20:38:43:1c:9b:be:54:c9:cb:7b:c7:
e1:74:56:33:64:db:3f:21:7d:3a:cc:1b:9e:30:53:29:df:08:
7d:4f:8f:7b:c3:2b:0a:8d:e3:8b:51:9c:83:e3:cb:b9:cd:b7:
d3:3f:24:a9:fb:12:76:9c:af:d2:21:84:28:80:2b:a6:52:ae:
64:83:71:41:cd:da:c6:75:c3:2e:8d:e9:ae:e6:80:2e:81:b4:
71:f5:a4:47:cd:c2:d2:fc:b2:00:4f:c6:83:40:cb:4d:ac:ab:
be:79:fc:2c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU3MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY5RjYzRkNDMUU5Mjk4
MEEzRkE5QjA2M0RBQTE0NUI0NEVFRTUyMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5Cs5OH7ndcvntdQxzuWSAPYyHrV/wsogjfCbdwOwgPLP6v97K
Hgp6iSHcBdUqUIUXA/MfYFmN/NdQuwQp64clVSEJFws1Wme9xAEH+bdp4zguI9oK
QobmL+TuFNGrVTUWd3N/IquVf5lyO0vAiuhAvzXgsWyFZaHkzd47UFIxQ/cD5NGa
T4ojRnAd+1t8oo4HIfrIhS3oo0FBvQnLZKML84zXyWB1s3QyIngs0LNxF8EZa+gb
sVSB5LxKoFUlTqDLwciAIqa3POssTyfyAKFH/B7VSOA0BjU+Bb3K6AIUkPEfxyt0
95b2lKAy84/dDZ07yWctLI9eXdYPbYkQq6vvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUafY/zB6SmAo/qbBj2qFFtE7uUjgwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9hZllfekI2U21Bb19xYkJqMnFG
RnRFN3VVamcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MI
MA0GCSqGSIb3DQEBCwUAA4IBAQAyn4LHdRiWARbGXAOmEePj5zCrQRxn7YTJnoYx
89sfDu/qScep7jQzb1+obA+nCocBqO183UgjiQTPDu/bVEPS/qJuLH+qT3n0HTYR
DAnxHUc3vQk2QxtSaAF61Vzsx4qH9qfuJEDovGoANQJBKvDgbGsbIbQZ/shQORvk
w8eEoLAyasYcubAJitHUJP28t8/63MoedfnNIDhDHJu+VMnLe8fhdFYzZNs/IX06
zBueMFMp3wh9T497wysKjeOLUZyD48u5zbfTPySp+xJ2nK/SIYQogCumUq5kg3FB
zdrGdcMujemu5oAugbRx9aRHzcLS/LIAT8aDQMtNrKu+efws
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org