Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/kXAbYTf0z3m6HvIsBEhvRnqvc0g.roa
File: kXAbYTf0z3m6HvIsBEhvRnqvc0g.roa (raw, json)
Hash identifier: iBith1Rg9p3EAnMUd79t9fL6TUDdJbSf9c2PdiQcvVQ=
Subject key identifier: 91:70:1B:61:37:F4:CF:79:BA:1E:F2:2C:04:48:6F:46:7A:AF:73:48
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09DD
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kXAbYTf0z3m6HvIsBEhvRnqvc0g.roa
Signing time: Wed 29 Sep 2021 02:52:04 +0000
ROA not before: Wed 29 Sep 2021 02:52:04 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 123.50.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2525 (0x9dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:04 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=91701B6137F4CF79BA1EF22C04486F467AAF7348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f6:e0:a2:5d:eb:9b:db:92:27:b2:25:1b:a4:
9b:38:89:53:63:0b:99:c7:06:eb:a8:d4:c4:87:b1:
47:ec:ad:ef:4d:dd:7c:0c:d2:82:1f:1e:1f:46:91:
8d:c3:a6:e1:47:1a:9f:17:96:1e:d3:a1:43:ad:8c:
ae:c3:f0:80:72:57:6d:c9:23:dc:c3:f1:6f:fa:5e:
0d:ad:24:48:aa:d4:d9:c6:8b:52:74:d9:3b:5e:7d:
fd:20:07:3d:62:b3:64:d4:af:e7:ff:7f:72:e8:a1:
8c:85:a1:7e:69:46:53:ec:db:1f:e8:5e:5c:f7:ac:
74:84:49:45:13:84:14:50:a1:6f:a1:51:44:97:b3:
20:06:a9:3a:26:bf:ef:fa:d3:64:8a:eb:f9:ef:0b:
b6:e6:64:7d:66:4c:7f:5a:7a:01:28:a4:26:8d:d0:
5b:38:c9:73:83:bf:d6:19:4e:3a:c5:4f:ab:dd:ac:
0d:37:02:8a:35:36:49:e3:d8:11:8f:29:3e:17:8a:
e5:62:c0:54:35:4e:89:e9:bf:ae:9a:ec:e2:ab:00:
d3:31:97:9a:56:d5:d0:6c:1a:d6:b0:96:ec:3e:8f:
69:6f:40:b4:23:ce:1e:fe:9b:60:8d:fb:96:d3:03:
f9:7f:39:93:06:14:81:81:4b:e4:d8:01:05:b1:24:
88:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:70:1B:61:37:F4:CF:79:BA:1E:F2:2C:04:48:6F:46:7A:AF:73:48
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kXAbYTf0z3m6HvIsBEhvRnqvc0g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.40.0/21
Signature Algorithm: sha256WithRSAEncryption
34:91:7b:0e:d3:7d:94:60:5a:df:7d:ec:d6:76:92:43:92:85:
d1:81:ca:c5:d0:13:39:f7:5c:65:ca:96:ce:f8:02:3c:8f:3f:
b2:b1:cc:61:97:e3:bf:20:58:fc:25:de:11:5e:84:1d:0d:45:
24:85:43:26:55:58:5b:28:d4:f1:32:cc:4e:de:b1:c2:77:63:
29:22:83:b6:3f:9f:8d:77:e9:1e:f9:28:25:1f:1f:b8:b2:37:
80:52:92:28:7f:d0:72:fb:62:ea:7b:cd:45:45:af:42:65:e9:
3c:a2:4a:84:d9:23:93:00:4e:79:66:4e:19:cb:da:a3:5a:4c:
d9:37:f7:35:87:0e:bf:fe:1d:34:0b:0f:39:9e:9f:0a:1a:b7:
b0:c6:79:6b:60:98:b4:b4:ab:36:2e:d9:a8:e1:d5:2b:36:10:
6c:a3:99:78:2c:b9:ce:69:af:f5:45:70:9b:91:ff:41:8e:a0:
e7:10:14:df:4e:d9:61:e8:a6:87:d3:bb:61:64:e0:33:eb:c0:
7f:6d:60:d4:9b:dd:0e:74:bf:ea:25:db:a0:77:61:b0:34:24:
00:9b:9b:b0:54:f7:85:9a:b4:bc:6f:1e:51:62:85:3f:16:0e:
9a:dd:22:05:7a:a5:de:3e:c0:93:ad:33:ac:9a:cd:60:b8:0d:
2c:39:7e:eb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDkxNzAxQjYxMzdGNENG
NzlCQTFFRjIyQzA0NDg2RjQ2N0FBRjczNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/9uCiXeub25InsiUbpJs4iVNjC5nHBuuo1MSHsUfsre9N3XwM
0oIfHh9GkY3DpuFHGp8Xlh7ToUOtjK7D8IByV23JI9zD8W/6Xg2tJEiq1NnGi1J0
2Tteff0gBz1is2TUr+f/f3LooYyFoX5pRlPs2x/oXlz3rHSESUUThBRQoW+hUUSX
syAGqTomv+/602SK6/nvC7bmZH1mTH9aegEopCaN0Fs4yXODv9YZTjrFT6vdrA03
Aoo1Nknj2BGPKT4XiuViwFQ1Tonpv66a7OKrANMxl5pW1dBsGtawluw+j2lvQLQj
zh7+m2CN+5bTA/l/OZMGFIGBS+TYAQWxJIh3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkXAbYTf0z3m6HvIsBEhvRnqvc0gwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9rWEFiWVRmMHozbTZIdklzQkVo
dlJucXZjMGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezIo
MA0GCSqGSIb3DQEBCwUAA4IBAQA0kXsO032UYFrffezWdpJDkoXRgcrF0BM591xl
ypbO+AI8jz+yscxhl+O/IFj8Jd4RXoQdDUUkhUMmVVhbKNTxMsxO3rHCd2MpIoO2
P5+Nd+ke+SglHx+4sjeAUpIof9By+2Lqe81FRa9CZek8okqE2SOTAE55Zk4Zy9qj
WkzZN/c1hw6//h00Cw85np8KGrewxnlrYJi0tKs2Ltmo4dUrNhBso5l4LLnOaa/1
RXCbkf9BjqDnEBTfTtlh6KaH07thZOAz68B/bWDUm90OdL/qJdugd2GwNCQAm5uw
VPeFmrS8bx5RYoU/Fg6a3SIFeqXePsCTrTOsms1guA0sOX7r
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org