Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/jjMXmlIyiSuCcCbAW9XN45V5C6c.roa
File: jjMXmlIyiSuCcCbAW9XN45V5C6c.roa (raw, json)
Hash identifier: jHHVLFUf9Dnw3oTuE6o+lT2sRBdpJA5skH2r2UWlMVU=
Subject key identifier: 8E:33:17:9A:52:32:89:2B:82:70:26:C0:5B:D5:CD:E3:95:79:0B:A7
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09E2
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/jjMXmlIyiSuCcCbAW9XN45V5C6c.roa
Signing time: Wed 29 Sep 2021 02:52:06 +0000
ROA not before: Wed 29 Sep 2021 02:52:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 124.155.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2530 (0x9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8E33179A5232892B827026C05BD5CDE395790BA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ef:74:90:80:8f:6d:8f:8a:7f:82:a6:75:56:
47:3f:6a:f6:36:24:ef:12:1b:fc:0c:68:95:d9:3d:
ec:5d:0a:3a:a6:57:76:fb:62:7b:a7:99:2f:42:0e:
19:7e:f6:6f:49:fe:6e:4d:25:78:6f:0f:29:0a:da:
00:a4:41:60:8d:83:47:bb:42:d7:59:c3:97:b6:92:
4f:a9:cf:03:f6:c5:2e:81:21:1d:1c:22:c9:c4:44:
96:f2:67:f0:53:65:c8:08:04:16:d3:b9:00:e0:86:
06:3f:be:54:3a:4b:6b:b1:c8:7a:15:97:50:35:54:
04:34:d4:3c:f9:cd:ba:63:52:db:bf:8f:11:c5:12:
e4:09:86:16:e9:4a:6d:3d:b4:62:52:89:99:c7:13:
35:c2:bb:20:b8:1b:4a:32:f0:19:b6:0c:2a:29:12:
d4:c5:53:41:6a:09:99:86:53:7b:6f:ba:9b:a0:52:
d6:36:9d:af:80:f7:c2:02:9e:b5:2b:ac:64:6b:d1:
76:e5:4d:8b:96:d4:91:05:c3:8f:05:af:4c:c3:ca:
ad:d5:2e:d1:c5:5e:76:0d:b5:07:a6:96:35:4e:52:
be:d0:a7:35:ec:26:7d:a6:80:fd:e9:8e:58:40:5f:
ea:58:42:4e:6c:29:2b:ec:48:77:e7:be:30:f0:6b:
23:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:33:17:9A:52:32:89:2B:82:70:26:C0:5B:D5:CD:E3:95:79:0B:A7
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/jjMXmlIyiSuCcCbAW9XN45V5C6c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.168.0/21
Signature Algorithm: sha256WithRSAEncryption
54:c1:ee:e0:9f:db:5d:8d:a0:73:7b:d2:20:1b:da:a0:28:7d:
6c:ab:a5:09:c6:90:c8:c4:b6:17:7f:70:d7:44:cf:ad:75:3e:
7a:6b:fc:a0:19:32:cc:bc:55:c6:53:75:93:e1:b5:39:f3:87:
e7:7a:9d:f7:d0:4c:b7:4e:c8:ef:b3:c0:7c:9d:7f:da:40:6e:
d9:fc:a7:57:05:88:43:f8:eb:af:92:a0:99:4d:49:0b:14:10:
a4:9e:c0:70:80:97:1f:7b:0f:76:c9:82:cc:cd:bb:ae:5a:d1:
e5:23:ec:96:85:05:ae:81:69:a8:57:d5:21:69:8e:7c:4b:34:
1f:c7:d7:e3:ce:67:24:31:cf:17:21:dc:3f:ca:c5:15:99:d0:
10:aa:b3:5f:7f:76:36:35:55:ca:d6:a2:97:8a:9d:d0:2a:92:
3f:05:c7:0b:4a:57:7f:33:02:c4:0f:fa:0a:c9:5b:03:8b:ed:
d8:37:98:82:c1:17:16:96:41:9e:2e:b1:0a:8b:f2:cd:a2:2f:
82:48:0a:13:5a:f9:fb:9e:00:11:00:ea:6e:7f:38:d1:12:00:
3a:7a:b4:e8:d4:04:80:6b:63:2e:44:89:9b:da:37:74:26:69:
ed:00:ae:0d:d8:8b:82:30:f4:4e:b3:0f:18:a2:27:8a:b8:85:
d0:d2:36:4e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDhFMzMxNzlBNTIzMjg5
MkI4MjcwMjZDMDVCRDVDREUzOTU3OTBCQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn73SQgI9tj4p/gqZ1Vkc/avY2JO8SG/wMaJXZPexdCjqmV3b7
YnunmS9CDhl+9m9J/m5NJXhvDykK2gCkQWCNg0e7QtdZw5e2kk+pzwP2xS6BIR0c
IsnERJbyZ/BTZcgIBBbTuQDghgY/vlQ6S2uxyHoVl1A1VAQ01Dz5zbpjUtu/jxHF
EuQJhhbpSm09tGJSiZnHEzXCuyC4G0oy8Bm2DCopEtTFU0FqCZmGU3tvupugUtY2
na+A98ICnrUrrGRr0XblTYuW1JEFw48Fr0zDyq3VLtHFXnYNtQemljVOUr7QpzXs
Jn2mgP3pjlhAX+pYQk5sKSvsSHfnvjDwayN/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUjjMXmlIyiSuCcCbAW9XN45V5C6cwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9qak1YbWxJeWlTdUNjQ2JBVzlY
TjQ1VjVDNmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuo
MA0GCSqGSIb3DQEBCwUAA4IBAQBUwe7gn9tdjaBze9IgG9qgKH1sq6UJxpDIxLYX
f3DXRM+tdT56a/ygGTLMvFXGU3WT4bU584fnep330Ey3Tsjvs8B8nX/aQG7Z/KdX
BYhD+OuvkqCZTUkLFBCknsBwgJcfew92yYLMzbuuWtHlI+yWhQWugWmoV9UhaY58
SzQfx9fjzmckMc8XIdw/ysUVmdAQqrNff3Y2NVXK1qKXip3QKpI/BccLSld/MwLE
D/oKyVsDi+3YN5iCwRcWlkGeLrEKi/LNoi+CSAoTWvn7ngARAOpufzjREgA6erTo
1ASAa2MuRImb2jd0JmntAK4N2IuCMPROsw8YoieKuIXQ0jZO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:47 2023 by rpki-client on console-ams.rpki-client.org