Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/hAb5D3B4_opUrU-Vqv-ZmIfO8Q8.roa
File: hAb5D3B4_opUrU-Vqv-ZmIfO8Q8.roa (raw, json)
Hash identifier: 3VR0haC774so31kH+YrU81n20dX9RZ+5SwqTZlH0IKM=
Subject key identifier: 84:06:F9:0F:70:78:FE:8A:54:AD:4F:95:AA:FF:99:98:87:CE:F1:0F
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 08F3
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/hAb5D3B4_opUrU-Vqv-ZmIfO8Q8.roa
Signing time: Sun 07 Feb 2021 12:44:54 +0000
ROA not before: Sun 07 Feb 2021 12:44:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 27.147.8.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2291 (0x8f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:44:54 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=8406F90F7078FE8A54AD4F95AAFF999887CEF10F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:84:c8:62:f1:29:72:c2:f0:ba:ed:06:29:91:
b0:44:d9:5a:f8:1d:cf:cc:46:1a:05:a8:36:e2:3f:
94:da:bb:09:ec:9c:33:22:33:d6:92:e5:5b:a5:b2:
40:a3:ca:f5:9f:88:c0:45:76:52:db:fa:c0:32:5e:
21:a9:40:92:05:be:9e:40:74:35:2c:ac:51:a2:52:
1a:b1:97:e6:5e:f2:8c:13:c1:9d:cb:3f:f9:cb:03:
3f:43:a5:7d:66:b8:4a:fc:0b:fa:70:7c:8c:22:38:
12:d6:05:e0:49:84:9d:79:f0:55:0e:92:ef:70:b9:
48:16:01:f0:6d:99:61:7b:11:8e:e1:ae:2c:22:c3:
e4:ad:0a:e0:12:b9:da:db:8c:14:34:84:b5:62:5d:
ec:a1:2b:ad:72:3c:1f:29:60:ef:7c:ba:c5:a6:6f:
34:d1:b2:2b:9f:3d:49:da:fe:9c:b9:45:74:67:2f:
59:09:ff:db:51:95:8f:6f:d3:fd:fe:10:ac:42:37:
ab:ef:45:16:74:a5:37:68:d7:cd:19:37:82:5e:0f:
85:cb:70:96:0a:bc:6f:c5:44:10:f7:10:9e:da:36:
97:31:a6:57:80:61:d1:5b:80:1d:af:de:9b:2b:bc:
e1:0e:b5:0e:36:eb:f8:79:70:79:fa:1d:fb:66:32:
f8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:06:F9:0F:70:78:FE:8A:54:AD:4F:95:AA:FF:99:98:87:CE:F1:0F
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/hAb5D3B4_opUrU-Vqv-ZmIfO8Q8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.8.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:3e:55:af:71:68:ee:06:88:26:87:92:93:60:5d:e0:95:a6:
8b:9b:a6:78:f8:c1:24:e2:25:16:8c:d9:ee:cf:5a:79:fa:c4:
85:e4:3b:ff:0f:85:46:14:6d:3f:6a:f9:ce:b4:80:29:a7:22:
57:dd:95:da:21:ac:42:de:49:14:0b:65:f6:0e:c0:a3:c3:35:
53:aa:d6:f5:e5:67:87:f1:77:fe:1b:6e:df:82:f4:ba:b3:30:
2d:9d:cc:95:14:05:1a:6b:49:23:40:e6:44:4a:71:c2:9f:6b:
4c:40:39:58:49:65:7a:0f:75:f6:c4:af:b6:97:ef:92:d4:17:
ef:78:7f:98:02:99:5d:92:81:ab:1f:0b:5f:bf:7c:a7:18:af:
0d:03:52:87:18:ee:59:93:5b:03:a2:0d:64:65:b0:42:04:6e:
61:0d:4f:cb:32:4b:19:51:c4:50:f0:d5:87:25:21:3b:e4:aa:
6e:92:4b:54:22:0b:74:79:5e:30:ba:0f:9b:9a:dd:e9:ec:4b:
fa:48:f9:4a:c4:0a:e9:c3:32:5e:92:e8:76:99:c4:69:cf:7e:
56:06:40:1b:a2:42:db:4d:7a:e6:2c:a5:74:74:1d:b4:b5:a4:
a2:35:5b:13:e9:97:77:c2:f9:08:d4:e1:4f:0c:65:d8:21:0f:
12:94:46:08
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ0NTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg0MDZGOTBGNzA3OEZF
OEE1NEFENEY5NUFBRkY5OTk4ODdDRUYxMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/hMhi8SlywvC67QYpkbBE2Vr4Hc/MRhoFqDbiP5TauwnsnDMi
M9aS5VulskCjyvWfiMBFdlLb+sAyXiGpQJIFvp5AdDUsrFGiUhqxl+Ze8owTwZ3L
P/nLAz9DpX1muEr8C/pwfIwiOBLWBeBJhJ158FUOku9wuUgWAfBtmWF7EY7hriwi
w+StCuASudrbjBQ0hLViXeyhK61yPB8pYO98usWmbzTRsiufPUna/py5RXRnL1kJ
/9tRlY9v0/3+EKxCN6vvRRZ0pTdo180ZN4JeD4XLcJYKvG/FRBD3EJ7aNpcxpleA
YdFbgB2v3psrvOEOtQ426/h5cHn6HftmMvhHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhAb5D3B4/opUrU+Vqv+ZmIfO8Q8wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9oQWI1RDNCNF9vcFVyVS1WcXYt
Wm1JZk84UTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCG5MI
MA0GCSqGSIb3DQEBCwUAA4IBAQCiPlWvcWjuBogmh5KTYF3glaaLm6Z4+MEk4iUW
jNnuz1p5+sSF5Dv/D4VGFG0/avnOtIAppyJX3ZXaIaxC3kkUC2X2DsCjwzVTqtb1
5WeH8Xf+G27fgvS6szAtncyVFAUaa0kjQOZESnHCn2tMQDlYSWV6D3X2xK+2l++S
1BfveH+YApldkoGrHwtfv3ynGK8NA1KHGO5Zk1sDog1kZbBCBG5hDU/LMksZUcRQ
8NWHJSE75KpukktUIgt0eV4wug+bmt3p7Ev6SPlKxArpwzJekuh2mcRpz35WBkAb
okLbTXrmLKV0dB20taSiNVsT6Zd3wvkI1OFPDGXYIQ8SlEYI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org