Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/kffo8uyBJxiAcwfapT3vmGerQnE.roa
File: kffo8uyBJxiAcwfapT3vmGerQnE.roa (raw, json)
Hash identifier: BNeVCQ4AbqkP/YGa8jp1ThCDYlN5F3b1fK8JFK6mpPw=
Subject key identifier: 91:F7:E8:F2:EC:81:27:18:80:73:07:DA:A5:3D:EF:98:67:AB:42:71
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0DB4
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kffo8uyBJxiAcwfapT3vmGerQnE.roa
Signing time: Mon 26 Aug 2024 05:10:21 +0000
ROA not before: Mon 26 Aug 2024 05:10:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 61.57.152.0/21 maxlen: 21
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3508 (0xdb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Aug 26 05:10:21 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=91F7E8F2EC812718807307DAA53DEF9867AB4271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:84:72:3f:1f:e4:c9:c4:7d:0c:df:6d:ea:db:
50:be:3d:09:51:11:2f:0b:9b:99:0f:04:62:6e:79:
96:89:34:a3:07:f6:2d:77:0e:f1:04:32:00:d1:45:
f6:b5:67:8c:33:af:9b:b9:34:73:25:b2:95:11:8f:
3d:d7:73:4c:e4:8c:62:6f:61:fe:dc:44:70:c5:11:
69:55:38:e2:55:f0:5e:ca:24:3d:03:a5:59:d4:1b:
6b:34:de:bd:dd:39:06:af:b8:50:73:45:66:6e:0b:
e7:59:de:77:95:b0:1e:2c:4a:f0:30:35:c8:16:0b:
1f:5c:41:e4:26:10:dd:c4:29:0e:a7:f9:d4:93:5c:
4d:9d:20:0c:63:a2:dd:a7:04:a9:67:9a:27:20:25:
5f:e9:84:43:f3:2a:05:12:9d:be:36:82:9e:fe:51:
93:2b:95:d7:8d:75:72:38:42:6f:3d:c4:53:62:1d:
33:49:07:c3:53:df:f0:ce:d4:8c:29:b6:27:d1:7b:
d0:e3:6f:15:d0:f7:79:c4:2d:f8:63:14:c4:bb:99:
97:a5:45:3d:50:6f:b4:dc:60:9f:29:b8:84:dc:0e:
da:3b:59:95:ea:aa:94:e2:a1:ed:34:09:e9:3b:95:
34:f1:8b:63:40:90:15:82:42:29:29:30:8a:de:08:
cc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F7:E8:F2:EC:81:27:18:80:73:07:DA:A5:3D:EF:98:67:AB:42:71
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kffo8uyBJxiAcwfapT3vmGerQnE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.152.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:7e:96:a8:42:96:bf:df:10:8a:8a:f2:9e:e3:5b:84:cc:b0:
aa:0b:29:30:9c:6b:77:7f:68:94:d7:11:77:4f:4d:17:11:23:
ea:e9:6b:fc:b4:c4:e6:83:29:3c:06:b0:89:cb:de:6d:2f:06:
d4:f8:de:91:c2:18:96:e5:64:53:e4:98:e7:31:b3:29:40:ff:
32:68:8d:22:bb:b5:80:52:1e:5b:1e:2c:c1:d0:f3:29:c3:b6:
ea:4d:bd:c8:ee:09:30:09:5a:81:40:4d:a2:9c:b6:a4:d8:6a:
94:7b:62:84:7f:43:a3:3c:76:ba:96:31:86:4e:47:a3:f0:1e:
8c:58:d9:f4:37:37:ad:5e:c7:88:d0:9e:ff:68:01:16:28:08:
67:4b:df:4b:85:3e:c9:fc:47:66:ce:b0:1c:0c:db:95:97:ce:
d7:b5:bc:f4:45:71:4d:bc:e3:9d:91:dd:36:13:07:38:13:e6:
6c:20:ab:c9:ad:22:c3:cf:2e:81:eb:9c:40:2c:46:26:3d:38:
7f:c4:ca:0e:a1:42:7e:ff:99:93:5b:63:07:99:6f:ac:94:50:
16:f1:94:d8:cb:2d:c5:19:ae:b0:19:4f:59:45:bb:c6:cb:bf:
34:77:d8:d3:e7:a4:5e:45:a5:bf:38:fe:34:63:7e:dd:4d:c2:
5e:39:c9:2d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw
NTEwMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkxRjdFOEYyRUM4MTI3
MTg4MDczMDdEQUE1M0RFRjk4NjdBQjQyNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDghHI/H+TJxH0M323q21C+PQlRES8Lm5kPBGJueZaJNKMH9i13
DvEEMgDRRfa1Z4wzr5u5NHMlspURjz3Xc0zkjGJvYf7cRHDFEWlVOOJV8F7KJD0D
pVnUG2s03r3dOQavuFBzRWZuC+dZ3neVsB4sSvAwNcgWCx9cQeQmEN3EKQ6n+dST
XE2dIAxjot2nBKlnmicgJV/phEPzKgUSnb42gp7+UZMrldeNdXI4Qm89xFNiHTNJ
B8NT3/DO1IwptifRe9DjbxXQ93nELfhjFMS7mZelRT1Qb7TcYJ8puITcDto7WZXq
qpTioe00Cek7lTTxi2NAkBWCQikpMIreCMyXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkffo8uyBJxiAcwfapT3vmGerQnEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9rZmZvOHV5Qkp4aUFjd2ZhcFQz
dm1HZXJRbkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY
MA0GCSqGSIb3DQEBCwUAA4IBAQAvfpaoQpa/3xCKivKe41uEzLCqCykwnGt3f2iU
1xF3T00XESPq6Wv8tMTmgyk8BrCJy95tLwbU+N6RwhiW5WRT5JjnMbMpQP8yaI0i
u7WAUh5bHizB0PMpw7bqTb3I7gkwCVqBQE2inLak2GqUe2KEf0OjPHa6ljGGTkej
8B6MWNn0NzetXseI0J7/aAEWKAhnS99LhT7J/EdmzrAcDNuVl87Xtbz0RXFNvOOd
kd02Ewc4E+ZsIKvJrSLDzy6B65xALEYmPTh/xMoOoUJ+/5mTW2MHmW+slFAW8ZTY
yy3FGa6wGU9ZRbvGy780d9jT56ReRaW/OP40Y37dTcJeOckt
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:39 2025 by rpki-client