Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/hzUEsmFHpMOJhjHzNh78wWdcmFs.roa
File: hzUEsmFHpMOJhjHzNh78wWdcmFs.roa (raw, json)
Hash identifier: ExbuYY+fYhcQwehQlOIRQQfZP0q7jlvsz/qOj5ijMlY=
Subject key identifier: 87:35:04:B2:61:47:A4:C3:89:86:31:F3:36:1E:FC:C1:67:5C:98:5B
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09DA
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/hzUEsmFHpMOJhjHzNh78wWdcmFs.roa
Signing time: Wed 29 Sep 2021 02:52:03 +0000
ROA not before: Wed 29 Sep 2021 02:52:03 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 61.57.152.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2522 (0x9da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:03 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=873504B26147A4C3898631F3361EFCC1675C985B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d1:6b:d3:f3:d0:dc:1a:01:55:e4:87:e0:24:
b6:3e:32:95:ab:fb:fb:fb:ae:e8:10:ea:f7:89:e4:
89:bc:16:40:f1:c4:aa:80:70:e3:3b:78:2f:b2:34:
76:e9:22:54:7e:b1:d6:08:fe:1c:45:ec:8f:ed:7d:
43:f4:c4:74:3f:b2:4f:3a:a4:c8:bb:38:3b:44:1a:
a4:2f:a8:a4:29:4d:89:02:b1:22:67:48:51:09:2b:
46:71:e8:c5:d3:42:d5:65:c3:29:88:9c:cf:22:05:
89:6c:97:c5:6c:77:f4:37:63:9d:82:3f:93:d3:27:
21:62:41:87:0d:41:cc:eb:86:31:49:66:98:2f:51:
99:08:4e:3c:96:21:5c:09:d5:f8:2f:84:2c:ac:f4:
4a:38:0a:ef:a6:54:c0:5f:9d:bb:17:66:fb:e7:1c:
3f:33:13:1d:cb:cc:68:03:55:de:f9:c1:f4:91:a9:
5b:37:40:b1:1f:d5:bb:7c:45:51:41:9f:62:64:23:
d9:51:7e:4c:74:f0:c3:3a:33:4d:c6:4c:df:08:2a:
05:32:e6:57:b9:03:7b:b5:56:cb:71:1c:34:99:a6:
3b:33:88:36:cb:4f:59:02:70:c2:50:54:ff:fe:8e:
38:e6:91:eb:01:4a:bf:86:5a:87:52:a9:e5:a8:5b:
38:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:35:04:B2:61:47:A4:C3:89:86:31:F3:36:1E:FC:C1:67:5C:98:5B
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/hzUEsmFHpMOJhjHzNh78wWdcmFs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.152.0/21
Signature Algorithm: sha256WithRSAEncryption
78:d9:1f:9f:7b:b8:be:97:96:db:5d:91:4f:68:0f:5a:9d:3d:
77:a2:cb:89:38:c2:9a:f2:cc:ad:79:c3:02:17:1b:2c:66:9a:
a1:b4:58:c8:02:80:66:a6:1d:d3:80:3a:6f:34:b2:fb:62:44:
a9:33:b1:02:9d:c6:26:a5:92:29:0d:67:c0:46:61:e5:1d:83:
00:b7:87:9e:d8:a7:64:62:a3:d5:3d:0a:56:e9:86:ac:db:0c:
c5:88:9a:0c:ac:68:51:65:39:4f:0e:e1:60:69:01:2b:e2:c1:
34:23:dc:d9:b1:ed:3a:ed:c8:45:33:76:f0:5e:9f:01:3e:e1:
b0:65:5e:db:8f:10:36:79:2a:d4:fe:b0:b2:38:21:57:ff:71:
07:46:2e:0b:e8:e0:1e:a7:94:eb:1f:3c:fc:a0:6b:ae:ee:4f:
25:10:18:1c:7d:f8:d4:6b:f0:90:04:df:51:b2:3f:6a:e8:6a:
ca:d6:3c:ae:17:8a:6f:11:d2:eb:1b:9a:13:a4:dc:c1:73:26:
dd:41:c2:55:37:d3:c3:98:29:a3:cf:b6:d9:55:72:f0:bf:f1:
95:e9:a4:74:e1:28:51:92:57:db:cb:7e:2b:02:4e:f0:7e:4e:
21:b3:6c:5e:40:73:77:09:35:80:2a:f6:12:e9:e3:08:c8:b8:
77:c0:31:13
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg3MzUwNEIyNjE0N0E0
QzM4OTg2MzFGMzM2MUVGQ0MxNjc1Qzk4NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC80WvT89DcGgFV5IfgJLY+MpWr+/v7rugQ6veJ5Im8FkDxxKqA
cOM7eC+yNHbpIlR+sdYI/hxF7I/tfUP0xHQ/sk86pMi7ODtEGqQvqKQpTYkCsSJn
SFEJK0Zx6MXTQtVlwymInM8iBYlsl8Vsd/Q3Y52CP5PTJyFiQYcNQczrhjFJZpgv
UZkITjyWIVwJ1fgvhCys9Eo4Cu+mVMBfnbsXZvvnHD8zEx3LzGgDVd75wfSRqVs3
QLEf1bt8RVFBn2JkI9lRfkx08MM6M03GTN8IKgUy5le5A3u1VstxHDSZpjsziDbL
T1kCcMJQVP/+jjjmkesBSr+GWodSqeWoWzitAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhzUEsmFHpMOJhjHzNh78wWdcmFswHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9oelVFc21GSHBNT0poakh6Tmg3
OHdXZGNtRnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY
MA0GCSqGSIb3DQEBCwUAA4IBAQB42R+fe7i+l5bbXZFPaA9anT13osuJOMKa8syt
ecMCFxssZpqhtFjIAoBmph3TgDpvNLL7YkSpM7ECncYmpZIpDWfARmHlHYMAt4ee
2KdkYqPVPQpW6Yas2wzFiJoMrGhRZTlPDuFgaQEr4sE0I9zZse067chFM3bwXp8B
PuGwZV7bjxA2eSrU/rCyOCFX/3EHRi4L6OAep5TrHzz8oGuu7k8lEBgcffjUa/CQ
BN9Rsj9q6GrK1jyuF4pvEdLrG5oTpNzBcybdQcJVN9PDmCmjz7bZVXLwv/GV6aR0
4ShRklfby34rAk7wfk4hs2xeQHN3CTWAKvYS6eMIyLh3wDET
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org