Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/jBfYhwpX_b8rzttSWccXHCWCsuI.roa
File: jBfYhwpX_b8rzttSWccXHCWCsuI.roa (raw, json)
Hash identifier: RXDva9tVzx7pq+8UlIBvAGrmegk05kbjZlXIH7os0Xs=
Subject key identifier: 8C:17:D8:87:0A:57:FD:BF:2B:CE:DB:52:59:C7:17:1C:25:82:B2:E2
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C72
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/jBfYhwpX_b8rzttSWccXHCWCsuI.roa
Signing time: Fri 01 Sep 2023 08:26:35 +0000
ROA not before: Fri 01 Sep 2023 08:26:35 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 27.147.24.0/21 maxlen: 21
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3186 (0xc72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:35 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8C17D8870A57FDBF2BCEDB5259C7171C2582B2E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:bc:78:54:e6:2b:47:b1:a1:6b:a0:75:d2:
87:34:4d:30:5b:00:b6:d2:23:1f:aa:97:86:2e:0b:
45:13:ab:d9:ec:e2:ab:76:82:d8:94:03:b1:94:32:
bb:8d:d9:6b:fd:73:a4:6f:f0:ef:21:4d:f7:05:f6:
cf:27:86:10:b3:19:94:fc:f8:a1:f7:d6:8e:5a:bd:
fa:dc:8d:54:ac:42:08:9e:00:f9:f4:27:8f:4d:4c:
85:23:e9:80:f6:01:e1:72:b4:59:e6:db:70:13:6d:
21:ee:7d:f7:c3:ea:12:b2:d3:52:b2:42:11:b1:b6:
a6:97:71:2a:4c:59:aa:94:70:d6:c4:df:29:c3:33:
d7:2f:1c:21:ca:77:9e:3f:34:53:00:a8:35:ec:da:
07:e3:7f:96:66:6d:74:d3:28:2b:7c:ab:33:4c:94:
0d:e6:b7:1f:e7:6d:48:b2:14:44:fd:02:5b:15:d2:
a0:2a:6a:45:fd:c8:57:0c:4f:3b:c9:c3:c6:fa:b4:
1c:20:8a:e6:4e:c0:0a:2a:75:72:86:66:8e:30:1c:
61:21:60:d4:24:12:70:85:1e:2d:3b:61:d4:65:78:
28:30:a6:ec:57:94:1c:1d:5a:b8:d3:a4:ea:68:1d:
8a:72:86:9e:da:de:f9:5b:ff:62:56:77:5d:8d:44:
82:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:17:D8:87:0A:57:FD:BF:2B:CE:DB:52:59:C7:17:1C:25:82:B2:E2
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/jBfYhwpX_b8rzttSWccXHCWCsuI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.24.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:c5:d6:9d:50:48:cc:8c:64:4c:15:79:36:c3:6d:49:f0:b3:
11:26:0d:a0:66:7d:12:89:b8:29:bf:01:f0:2a:3b:90:8b:3f:
e0:53:1e:e9:d4:ae:fd:9f:8e:a8:05:19:ad:77:29:41:94:5b:
62:5b:7a:18:8a:98:8b:73:29:9d:3a:6d:e6:d4:9a:87:da:5a:
bb:64:25:ed:8c:bb:0b:2f:e1:0f:33:df:2b:aa:98:17:72:8c:
12:ed:79:ad:11:a4:c3:c2:ba:00:31:46:de:45:fd:2d:f7:69:
95:f4:e4:f6:3a:5e:71:05:87:27:8c:75:03:95:2f:32:c2:24:
a7:c1:77:d6:04:fd:ea:7c:30:cb:fe:52:95:3a:46:cb:7f:d0:
82:6a:38:bd:0c:f9:90:98:af:4e:43:2c:2e:a3:b6:a0:fa:89:
d9:55:af:d9:1e:c5:ee:52:2f:5b:66:b5:7b:dc:27:3b:8b:ee:
e2:d2:f7:ab:21:f8:62:2b:89:c4:03:c8:0b:a8:be:8f:88:99:
b8:fe:f6:11:5a:4d:00:1a:5a:2d:ef:f8:21:b7:83:0c:20:db:
9c:94:fc:0e:5e:0c:55:54:35:37:97:08:50:19:63:d1:96:2f:
91:71:bf:e7:78:b3:48:dc:09:28:2a:3d:7a:e1:22:78:e2:a8:
7b:56:a2:99
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhDMTdEODg3MEE1N0ZE
QkYyQkNFREI1MjU5QzcxNzFDMjU4MkIyRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC55rx4VOYrR7Gha6B10oc0TTBbALbSIx+ql4YuC0UTq9ns4qt2
gtiUA7GUMruN2Wv9c6Rv8O8hTfcF9s8nhhCzGZT8+KH31o5avfrcjVSsQgieAPn0
J49NTIUj6YD2AeFytFnm23ATbSHufffD6hKy01KyQhGxtqaXcSpMWaqUcNbE3ynD
M9cvHCHKd54/NFMAqDXs2gfjf5ZmbXTTKCt8qzNMlA3mtx/nbUiyFET9AlsV0qAq
akX9yFcMTzvJw8b6tBwgiuZOwAoqdXKGZo4wHGEhYNQkEnCFHi07YdRleCgwpuxX
lBwdWrjTpOpoHYpyhp7a3vlb/2JWd12NRIL5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUjBfYhwpX/b8rzttSWccXHCWCsuIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9qQmZZaHdwWF9iOHJ6dHRTV2Nj
WEhDV0NzdUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY
MA0GCSqGSIb3DQEBCwUAA4IBAQBvxdadUEjMjGRMFXk2w21J8LMRJg2gZn0Sibgp
vwHwKjuQiz/gUx7p1K79n46oBRmtdylBlFtiW3oYipiLcymdOm3m1JqH2lq7ZCXt
jLsLL+EPM98rqpgXcowS7XmtEaTDwroAMUbeRf0t92mV9OT2Ol5xBYcnjHUDlS8y
wiSnwXfWBP3qfDDL/lKVOkbLf9CCaji9DPmQmK9OQywuo7ag+onZVa/ZHsXuUi9b
ZrV73Cc7i+7i0verIfhiK4nEA8gLqL6PiJm4/vYRWk0AGlot7/ght4MMINuclPwO
XgxVVDU3lwhQGWPRli+Rcb/neLNI3AkoKj164SJ44qh7VqKZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:42 2025 by rpki-client