Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/jE9JARQ0GUTPnahMDXZU0cvfGX8.roa
File: jE9JARQ0GUTPnahMDXZU0cvfGX8.roa (raw, json)
Hash identifier: 7IbfCXQLhltseADBTT9WdQkAWPrUAcMg98sZo+AEpK8=
Subject key identifier: 8C:4F:49:01:14:34:19:44:CF:9D:A8:4C:0D:76:54:D1:CB:DF:19:7F
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B78
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/jE9JARQ0GUTPnahMDXZU0cvfGX8.roa
Signing time: Mon 19 Dec 2022 08:47:44 +0000
ROA not before: Mon 19 Dec 2022 08:47:44 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 124.155.170.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2936 (0xb78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 19 08:47:44 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=8C4F490114341944CF9DA84C0D7654D1CBDF197F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dd:bb:b5:0f:b3:9b:32:91:94:9b:cb:8b:5a:
4e:1e:ff:b2:00:7e:04:5a:82:80:7b:ad:41:dc:fa:
ec:58:1c:22:64:81:72:be:23:db:ba:d5:4b:4b:25:
fc:b8:ed:46:9e:4f:40:5f:7b:71:41:3b:b8:b0:07:
14:83:16:f6:e2:59:0c:97:85:5f:7d:ea:98:a8:03:
54:ec:9f:ea:6f:93:e7:29:ff:5b:0d:06:8a:25:e6:
ae:8c:96:42:b6:4e:e2:5a:60:fb:48:75:82:6a:31:
6e:b7:ee:c8:9b:30:9a:cc:49:21:8d:78:00:7f:8b:
cc:de:a6:fa:a3:99:a5:fd:a9:16:56:b5:8d:e5:94:
98:b5:bd:9e:24:2d:da:96:58:92:07:9a:a5:0d:cb:
d6:89:4e:18:9d:9b:f6:82:39:de:5c:b7:05:cb:dd:
15:05:62:1a:25:b4:7d:97:8e:b7:0d:92:66:cf:84:
30:94:c1:c8:cc:9c:cb:6f:c9:39:15:0c:f6:0f:f3:
c2:13:f1:f4:35:42:9d:37:75:fd:30:49:85:2b:81:
30:02:64:cc:48:2f:c5:4b:09:f4:59:a4:82:93:bb:
35:a9:26:07:ac:69:60:f0:ac:e0:be:fd:59:3c:0e:
d6:34:4a:a0:1b:ac:7d:f2:fd:10:4a:0e:5d:d7:ee:
44:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4F:49:01:14:34:19:44:CF:9D:A8:4C:0D:76:54:D1:CB:DF:19:7F
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/jE9JARQ0GUTPnahMDXZU0cvfGX8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.170.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:fa:54:dc:0d:c9:f9:b5:9d:3d:95:fe:19:df:84:2c:23:10:
56:3f:fc:62:9b:9d:4b:f1:d0:9d:9a:68:55:8f:54:98:2e:e2:
e6:e1:07:f6:f4:a5:b5:f2:95:da:7c:63:bd:56:65:40:b4:ba:
0a:bc:e6:c6:f5:6d:1c:e3:64:fe:15:d6:d8:3f:76:87:75:35:
61:5a:6f:28:81:63:af:5a:6e:75:58:f4:ee:1c:2f:91:06:62:
e3:fa:37:c9:87:35:65:92:63:34:e1:df:ef:0f:8e:ff:88:7d:
05:8a:52:97:2d:42:12:01:5c:51:4b:af:77:e1:d0:fd:6a:73:
a1:72:e0:a9:46:b9:9d:c8:b8:ca:ad:0e:f4:9f:da:7b:2d:c3:
d2:be:0b:d0:95:7e:b0:ac:f3:b6:28:3e:ad:2c:48:24:c7:b5:
8f:2e:66:94:b7:dd:33:d5:5b:71:23:cb:81:5f:33:e0:c9:62:
2a:23:05:2a:31:87:1d:f4:48:09:eb:6a:f2:ea:76:7a:94:f7:
3c:32:10:0a:7d:9d:ca:79:eb:4f:e4:20:c4:7a:25:dd:36:ac:
52:16:92:6b:43:26:fa:6c:f6:08:a3:bf:8a:f1:3f:8a:af:c8:
92:55:db:36:e0:0e:90:3b:2b:c9:b7:8b:f1:5b:7a:4d:95:72:
fb:f8:b3:4a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC3gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTkw
ODQ3NDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhDNEY0OTAxMTQzNDE5
NDRDRjlEQTg0QzBENzY1NEQxQ0JERjE5N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt3bu1D7ObMpGUm8uLWk4e/7IAfgRagoB7rUHc+uxYHCJkgXK+
I9u61UtLJfy47UaeT0Bfe3FBO7iwBxSDFvbiWQyXhV996pioA1Tsn+pvk+cp/1sN
Bool5q6MlkK2TuJaYPtIdYJqMW637sibMJrMSSGNeAB/i8zepvqjmaX9qRZWtY3l
lJi1vZ4kLdqWWJIHmqUNy9aJThidm/aCOd5ctwXL3RUFYholtH2XjrcNkmbPhDCU
wcjMnMtvyTkVDPYP88IT8fQ1Qp03df0wSYUrgTACZMxIL8VLCfRZpIKTuzWpJges
aWDwrOC+/Vk8DtY0SqAbrH3y/RBKDl3X7kSfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUjE9JARQ0GUTPnahMDXZU0cvfGX8wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9qRTlKQVJRMEdVVFBuYWhNRFha
VTBjdmZHWDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBfJuq
MA0GCSqGSIb3DQEBCwUAA4IBAQBP+lTcDcn5tZ09lf4Z34QsIxBWP/xim51L8dCd
mmhVj1SYLuLm4Qf29KW18pXafGO9VmVAtLoKvObG9W0c42T+FdbYP3aHdTVhWm8o
gWOvWm51WPTuHC+RBmLj+jfJhzVlkmM04d/vD47/iH0FilKXLUISAVxRS6934dD9
anOhcuCpRrmdyLjKrQ70n9p7LcPSvgvQlX6wrPO2KD6tLEgkx7WPLmaUt90z1Vtx
I8uBXzPgyWIqIwUqMYcd9EgJ62ry6nZ6lPc8MhAKfZ3KeetP5CDEeiXdNqxSFpJr
Qyb6bPYIo7+K8T+Kr8iSVds24A6QOyvJt4vxW3pNlXL7+LNK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org