Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/e5L9sgYkeh1GwlkjVtHD5U5u7W0.roa
File: e5L9sgYkeh1GwlkjVtHD5U5u7W0.roa (raw, json)
Hash identifier: W6fV5bYN9CIGZG5BJ2mtmyO9LpNNshPLKv0YMOB7f2I=
Subject key identifier: 7B:92:FD:B2:06:24:7A:1D:46:C2:59:23:56:D1:C3:E5:4E:6E:ED:6D
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B4C
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/e5L9sgYkeh1GwlkjVtHD5U5u7W0.roa
Signing time: Thu 15 Dec 2022 02:56:56 +0000
ROA not before: Thu 15 Dec 2022 02:56:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 124.155.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2892 (0xb4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:56:56 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=7B92FDB206247A1D46C2592356D1C3E54E6EED6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:12:db:29:18:6a:ba:60:ee:4b:b3:86:97:3c:
e7:be:da:21:7f:fb:54:be:e0:fe:b8:64:4f:f9:f0:
37:c3:cb:ee:94:45:83:ee:27:74:7c:11:5d:ec:ec:
30:e2:1f:8b:46:55:43:07:9d:bb:29:e9:00:67:76:
a8:93:39:46:0e:f8:c2:ea:a1:6e:82:5d:fc:b0:7a:
e0:5e:77:6b:ee:0c:9d:44:0b:a5:85:b1:01:1d:d3:
08:60:48:fb:f6:3b:12:d1:7f:52:e7:85:b0:02:6c:
f7:37:ec:5d:11:d7:27:5b:2a:27:2d:19:50:09:cf:
29:98:8d:10:d9:f0:c8:f7:27:b0:d4:78:3a:8a:48:
dd:b7:4f:21:36:28:e3:a3:14:10:a2:36:07:b9:33:
d5:97:2b:10:5a:72:4c:20:7b:8a:25:8f:f5:97:34:
04:8b:10:a7:7c:cc:af:cb:f1:af:d7:65:ac:19:e3:
6d:4c:c7:75:79:d9:cc:b7:f9:a1:dc:40:c8:b8:20:
79:9c:ca:58:7b:46:fe:77:87:9f:f1:15:40:25:c6:
9f:86:2f:05:fc:4e:fd:2f:d8:26:9a:38:2c:5a:60:
ea:f5:90:ce:85:7d:8f:27:43:a8:d7:a5:bf:d6:a4:
c4:3d:23:01:d1:f1:ce:d3:d0:df:bf:17:2f:7c:7d:
77:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:92:FD:B2:06:24:7A:1D:46:C2:59:23:56:D1:C3:E5:4E:6E:ED:6D
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/e5L9sgYkeh1GwlkjVtHD5U5u7W0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.168.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:3b:fd:ca:c9:ba:5c:46:17:b0:c3:fe:8e:19:73:00:fb:cd:
91:94:29:a7:62:16:25:48:23:f2:23:f6:fc:37:a7:3b:69:0f:
5a:02:f0:09:c8:da:15:6a:86:93:eb:85:2b:0a:99:be:70:82:
a6:e9:b1:5e:22:0e:dc:e4:e6:0a:12:5b:c4:19:80:bc:4f:31:
03:28:2f:27:90:9d:1c:24:8b:7b:66:d8:f7:66:43:37:a6:d4:
dc:a5:6b:d8:f7:d1:5c:88:dd:05:47:d6:d7:53:de:07:13:01:
17:28:10:7a:99:52:db:17:6d:17:0e:c0:d2:8a:43:42:26:39:
f1:48:7f:b9:38:c9:c2:47:bc:b5:0a:22:30:c3:5e:48:4d:3b:
87:4c:e1:28:01:b6:8c:81:e8:bf:17:f0:ff:ea:ad:62:02:22:
42:3f:f2:5f:6d:cf:95:00:6c:f3:f6:b2:93:d5:ec:85:50:91:
c3:3f:63:0d:06:ee:de:56:75:e3:91:51:11:29:43:21:a2:fc:
3a:8b:b7:63:6e:01:ba:e4:7a:3f:5a:90:fd:c0:7e:c2:ff:44:
fe:da:59:62:fd:e7:14:b8:46:8c:32:93:a0:3f:20:7f:4c:e3:
3f:d0:89:05:fe:4a:10:73:1a:da:fa:3c:43:8a:13:48:1f:be:
d2:6a:69:d4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU2NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdCOTJGREIyMDYyNDdB
MUQ0NkMyNTkyMzU2RDFDM0U1NEU2RUVENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKEtspGGq6YO5Ls4aXPOe+2iF/+1S+4P64ZE/58DfDy+6URYPu
J3R8EV3s7DDiH4tGVUMHnbsp6QBndqiTOUYO+MLqoW6CXfyweuBed2vuDJ1EC6WF
sQEd0whgSPv2OxLRf1LnhbACbPc37F0R1ydbKictGVAJzymYjRDZ8Mj3J7DUeDqK
SN23TyE2KOOjFBCiNge5M9WXKxBackwge4olj/WXNASLEKd8zK/L8a/XZawZ421M
x3V52cy3+aHcQMi4IHmcylh7Rv53h5/xFUAlxp+GLwX8Tv0v2CaaOCxaYOr1kM6F
fY8nQ6jXpb/WpMQ9IwHR8c7T0N+/Fy98fXeXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUe5L9sgYkeh1GwlkjVtHD5U5u7W0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9lNUw5c2dZa2VoMUd3bGtqVnRI
RDVVNXU3VzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBfJuo
MA0GCSqGSIb3DQEBCwUAA4IBAQAKO/3KybpcRheww/6OGXMA+82RlCmnYhYlSCPy
I/b8N6c7aQ9aAvAJyNoVaoaT64UrCpm+cIKm6bFeIg7c5OYKElvEGYC8TzEDKC8n
kJ0cJIt7Ztj3ZkM3ptTcpWvY99FciN0FR9bXU94HEwEXKBB6mVLbF20XDsDSikNC
JjnxSH+5OMnCR7y1CiIww15ITTuHTOEoAbaMgei/F/D/6q1iAiJCP/Jfbc+VAGzz
9rKT1eyFUJHDP2MNBu7eVnXjkVERKUMhovw6i7djbgG65Ho/WpD9wH7C/0T+2lli
/ecUuEaMMpOgPyB/TOM/0IkF/koQcxra+jxDihNIH77SamnU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org