Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/hdaG4Fj52L0sbqJY-OLugm9wb-4.roa
File: hdaG4Fj52L0sbqJY-OLugm9wb-4.roa (raw, json)
Hash identifier: IPVSXzJxM6BbA7RJBnYWefiuGXLR9SEQXxkPwDOnvks=
Subject key identifier: 85:D6:86:E0:58:F9:D8:BD:2C:6E:A2:58:F8:E2:EE:82:6F:70:6F:EE
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09CF
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/hdaG4Fj52L0sbqJY-OLugm9wb-4.roa
Signing time: Wed 29 Sep 2021 02:52:01 +0000
ROA not before: Wed 29 Sep 2021 02:52:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2511 (0x9cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=85D686E058F9D8BD2C6EA258F8E2EE826F706FEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4f:8a:6d:7f:6a:31:3a:0c:66:15:11:41:1d:
fa:41:23:08:4e:3c:4e:e5:d0:df:da:ce:ed:52:a7:
e3:87:26:64:cc:b4:ab:7a:2b:cb:cb:ad:c0:cf:14:
8c:e7:fd:cc:24:15:61:c1:f7:6f:f9:ff:95:b3:ac:
e1:6a:91:bf:ba:bd:d8:7a:b6:7f:1e:fd:f5:f3:86:
37:ea:2d:ad:37:3e:7e:68:fd:e6:04:e6:62:af:44:
bd:45:25:c9:83:e8:d1:9e:0e:b1:f6:12:bc:f8:03:
fc:84:05:11:ef:5f:b1:66:4f:f7:0d:d8:a3:2a:1d:
46:8c:8f:55:b3:b8:7c:cc:af:47:e3:07:dc:d1:47:
7f:05:ac:4b:e9:93:aa:a4:96:c9:6b:4a:ac:a7:ca:
8d:23:1d:7f:fa:4a:65:14:74:da:1a:bf:aa:65:83:
02:44:c7:32:23:35:87:6d:9f:aa:d0:f5:a7:0a:91:
d2:60:eb:2d:a9:80:2e:04:58:51:d4:49:6d:68:90:
eb:cb:b6:0c:ab:d0:71:77:2b:d7:51:5e:e7:e7:ee:
d5:ab:c3:be:98:02:46:87:7a:a0:57:41:ed:cf:ea:
0b:66:08:d3:2f:66:78:79:64:12:58:01:3a:b9:62:
45:ec:42:89:e4:30:6f:bc:14:4a:d8:72:28:fe:2f:
73:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D6:86:E0:58:F9:D8:BD:2C:6E:A2:58:F8:E2:EE:82:6F:70:6F:EE
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/hdaG4Fj52L0sbqJY-OLugm9wb-4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.32.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:6e:b5:53:29:db:36:a2:9f:2e:3b:36:dc:4e:1d:27:ff:57:
44:b4:2a:a8:7e:fa:29:58:36:38:1c:35:be:17:82:fd:6a:90:
02:56:91:42:00:ce:fb:1e:6e:c0:76:a5:bf:9a:a5:f5:3a:5f:
4f:bd:24:b9:df:50:c5:f9:56:aa:d6:35:fe:c9:be:cc:25:f5:
22:25:84:49:1a:0c:25:29:4d:2c:82:57:26:89:ee:02:b5:c6:
88:12:f9:1f:d9:d3:fa:df:14:65:ff:54:22:7d:40:28:52:57:
77:39:49:98:ef:ef:00:f6:15:3f:e1:a8:8e:49:d9:61:f4:c9:
e0:d5:6f:6c:f3:1f:f6:cf:55:7f:a8:eb:95:32:ec:07:9d:e4:
61:27:8f:d9:08:b7:64:9b:02:f5:51:aa:73:93:b6:a8:89:bf:
1c:34:9d:77:be:6b:cf:c2:d8:7b:03:54:a3:5f:60:a0:e9:15:
14:9e:cb:79:0b:91:99:96:b3:e4:32:3b:84:b9:f6:f6:09:d5:
0b:13:e0:ea:88:ec:a4:70:b7:63:ed:2a:6d:d0:8c:b2:55:ed:
a5:fb:c8:24:30:de:5e:94:a2:65:86:42:93:da:53:02:78:6d:
34:ab:1f:29:ce:ef:47:44:38:00:10:85:99:2d:d6:17:f6:a1:
5e:ed:bb:67
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCc8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg1RDY4NkUwNThGOUQ4
QkQyQzZFQTI1OEY4RTJFRTgyNkY3MDZGRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjT4ptf2oxOgxmFRFBHfpBIwhOPE7l0N/azu1Sp+OHJmTMtKt6
K8vLrcDPFIzn/cwkFWHB92/5/5WzrOFqkb+6vdh6tn8e/fXzhjfqLa03Pn5o/eYE
5mKvRL1FJcmD6NGeDrH2Erz4A/yEBRHvX7FmT/cN2KMqHUaMj1WzuHzMr0fjB9zR
R38FrEvpk6qklslrSqynyo0jHX/6SmUUdNoav6plgwJExzIjNYdtn6rQ9acKkdJg
6y2pgC4EWFHUSW1okOvLtgyr0HF3K9dRXufn7tWrw76YAkaHeqBXQe3P6gtmCNMv
Znh5ZBJYATq5YkXsQonkMG+8FErYcij+L3NBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhdaG4Fj52L0sbqJY+OLugm9wb+4wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9oZGFHNEZqNTJMMHNicUpZLU9M
dWdtOXdiLTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQAfbrVTKds2op8uOzbcTh0n/1dEtCqofvopWDY4
HDW+F4L9apACVpFCAM77Hm7AdqW/mqX1Ol9PvSS531DF+Vaq1jX+yb7MJfUiJYRJ
GgwlKU0sglcmie4CtcaIEvkf2dP63xRl/1QifUAoUld3OUmY7+8A9hU/4aiOSdlh
9Mng1W9s8x/2z1V/qOuVMuwHneRhJ4/ZCLdkmwL1Uapzk7aoib8cNJ13vmvPwth7
A1SjX2Cg6RUUnst5C5GZlrPkMjuEufb2CdULE+DqiOykcLdj7Spt0IyyVe2l+8gk
MN5elKJlhkKT2lMCeG00qx8pzu9HRDgAEIWZLdYX9qFe7btn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:57 2023 by rpki-client on console-fra.rpki-client.org