Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/oNdnZmgZY66TscmIwbmtr5pTh1k.roa
File: oNdnZmgZY66TscmIwbmtr5pTh1k.roa (raw, json)
Hash identifier: 8iKP2OKpfXplsqqq9zFTjC7KkAGxzQGefF6uMGZhV9E=
Subject key identifier: A0:D7:67:66:68:19:63:AE:93:B1:C9:88:C1:B9:AD:AF:9A:53:87:59
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0923
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/oNdnZmgZY66TscmIwbmtr5pTh1k.roa
Signing time: Sun 07 Feb 2021 12:45:30 +0000
ROA not before: Sun 07 Feb 2021 12:45:30 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 124.155.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2339 (0x923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 7 12:45:30 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A0D76766681963AE93B1C988C1B9ADAF9A538759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c9:15:93:b4:a9:b7:25:b3:a3:71:b4:ee:12:
36:bd:e4:02:ba:4e:4a:f0:58:c6:c2:f2:26:35:98:
7f:78:d0:16:1b:4e:bd:bd:1f:ee:2d:cf:89:fa:a7:
df:23:77:fc:de:ed:05:53:50:48:bb:86:f2:f9:68:
73:48:96:3d:ee:94:ca:b6:6b:9a:ea:67:73:3a:2b:
42:b4:2a:bc:da:ef:40:a5:d7:7b:8d:1d:e9:97:11:
e0:3a:52:de:8e:8b:d6:36:a5:f8:b5:f3:4c:c5:4b:
b5:51:48:03:5d:d4:28:ac:47:cd:cd:03:22:9a:99:
c1:21:30:d9:93:df:9d:9b:29:aa:66:f4:68:2e:28:
69:8a:e4:10:7d:e0:7b:14:d0:f2:8c:56:e8:b3:a4:
87:a7:16:a2:09:81:14:5e:c3:d4:ae:b3:9c:4c:1a:
61:bf:43:22:ed:52:1b:3f:2a:de:fc:2f:79:7a:b0:
7c:db:bc:bc:91:80:b7:1e:e6:5b:1d:0f:16:0e:34:
1e:a6:15:4a:72:b9:c5:27:90:58:91:c9:61:10:8f:
50:b7:01:64:0e:8a:1f:0a:bf:61:d7:a3:85:c6:17:
94:90:e0:26:f1:f6:f0:94:94:46:91:55:e4:37:8f:
96:e3:46:b8:2c:fe:43:84:70:43:1a:7a:be:18:08:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D7:67:66:68:19:63:AE:93:B1:C9:88:C1:B9:AD:AF:9A:53:87:59
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/oNdnZmgZY66TscmIwbmtr5pTh1k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.176.0/21
Signature Algorithm: sha256WithRSAEncryption
73:b7:d6:e5:1c:0d:55:2b:03:9a:ab:5c:03:aa:4a:77:84:8e:
e9:da:d2:2f:e2:d3:d5:2f:f4:de:a0:d0:97:a9:f6:4f:6f:e7:
a6:88:d7:2c:04:2d:ef:4d:90:dc:3e:09:0d:18:ac:dc:72:0d:
c8:4c:8a:ea:f1:49:01:da:76:39:12:f8:2e:f8:54:37:9c:f7:
32:79:39:c5:75:33:1a:63:a1:8d:da:51:e2:a1:9f:54:c9:79:
3e:93:24:8b:58:b0:5d:a3:50:9e:d6:79:29:aa:c6:40:46:38:
a5:2f:fa:56:35:96:db:a2:ee:23:da:96:ee:e4:31:9f:a9:12:
b5:c2:c9:83:a5:54:3b:35:e4:cd:94:82:ec:78:15:23:f8:e3:
3c:fd:7e:27:fa:0e:09:53:73:c0:45:82:cf:61:6c:67:1a:78:
c1:b7:89:bb:dc:bf:7b:2c:8f:d1:a0:35:85:b6:86:8d:9d:fc:
4c:63:b1:3b:85:5a:9b:aa:4a:35:9f:9c:e8:57:71:e6:3a:19:
3a:f1:c1:ad:a1:28:05:e3:30:73:a6:bf:36:b1:a3:ad:e3:d5:
7a:6e:c7:89:46:9f:de:e2:fc:f1:b3:fb:2e:c2:44:77:ee:2c:
f0:3c:fd:3f:b3:10:52:f2:f4:fb:a0:78:ae:f7:1b:65:d5:53:
6e:72:5a:92
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCSMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEEwRDc2NzY2NjgxOTYz
QUU5M0IxQzk4OEMxQjlBREFGOUE1Mzg3NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyyRWTtKm3JbOjcbTuEja95AK6TkrwWMbC8iY1mH940BYbTr29
H+4tz4n6p98jd/ze7QVTUEi7hvL5aHNIlj3ulMq2a5rqZ3M6K0K0Krza70Cl13uN
HemXEeA6Ut6Oi9Y2pfi180zFS7VRSANd1CisR83NAyKamcEhMNmT352bKapm9Ggu
KGmK5BB94HsU0PKMVuizpIenFqIJgRRew9Sus5xMGmG/QyLtUhs/Kt78L3l6sHzb
vLyRgLce5lsdDxYONB6mFUpyucUnkFiRyWEQj1C3AWQOih8Kv2HXo4XGF5SQ4Cbx
9vCUlEaRVeQ3j5bjRrgs/kOEcEMaer4YCARDAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUoNdnZmgZY66TscmIwbmtr5pTh1kwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9vTmRuWm1nWlk2NlRzY21Jd2Jt
dHI1cFRoMWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuw
MA0GCSqGSIb3DQEBCwUAA4IBAQBzt9blHA1VKwOaq1wDqkp3hI7p2tIv4tPVL/Te
oNCXqfZPb+emiNcsBC3vTZDcPgkNGKzccg3ITIrq8UkB2nY5Evgu+FQ3nPcyeTnF
dTMaY6GN2lHioZ9UyXk+kySLWLBdo1Ce1nkpqsZARjilL/pWNZbbou4j2pbu5DGf
qRK1wsmDpVQ7NeTNlILseBUj+OM8/X4n+g4JU3PARYLPYWxnGnjBt4m73L97LI/R
oDWFtoaNnfxMY7E7hVqbqko1n5zoV3HmOhk68cGtoSgF4zBzpr82saOt49V6bseJ
Rp/e4vzxs/suwkR37izwPP0/sxBS8vT7oHiu9xtl1VNuclqS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org