Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/oSG-mFpW0SCqvqkaRBokFcifAHU.roa
File: oSG-mFpW0SCqvqkaRBokFcifAHU.roa (raw, json)
Hash identifier: XaSBunFbGDKKODF02iYQMkUMQUVMtTRntSXFjBdTNsE=
Subject key identifier: A1:21:BE:98:5A:56:D1:20:AA:BE:A9:1A:44:1A:24:15:C8:9F:00:75
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C64
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/oSG-mFpW0SCqvqkaRBokFcifAHU.roa
Signing time: Fri 01 Sep 2023 08:26:31 +0000
ROA not before: Fri 01 Sep 2023 08:26:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 27.147.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3172 (0xc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:31 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A121BE985A56D120AABEA91A441A2415C89F0075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:96:b5:a0:8d:21:be:3b:da:cf:04:07:28:b3:
b8:0f:23:81:79:1c:a2:24:79:08:16:55:80:d5:ff:
9a:43:46:e9:bf:6c:5d:df:aa:a8:0d:31:25:d1:e2:
2c:f6:41:a3:a5:4d:8b:ba:96:9d:20:12:17:f5:a5:
a1:c3:29:84:f6:ed:ff:97:0f:c2:57:fc:e8:28:a0:
56:e8:54:89:c1:ea:af:23:24:fb:ec:95:8a:e8:0a:
41:d4:f2:ed:5c:d4:39:89:bf:f9:10:d9:2b:21:01:
70:d1:d5:5c:11:b8:a9:55:3c:a2:fd:b4:05:d3:d2:
87:b3:f0:5d:a0:17:e4:51:e0:92:d1:6c:70:70:47:
2f:9e:ab:e0:0a:d1:46:8f:95:39:39:f7:f7:4b:6c:
57:3c:2b:a7:9c:ac:0a:ea:f3:08:bf:4f:11:89:15:
ed:6e:8a:9d:1f:ba:0d:ea:f9:66:62:3d:c4:95:86:
3e:44:7b:dd:6a:64:7e:a0:79:86:ea:19:2c:de:63:
37:e1:74:51:a2:eb:f5:07:1e:e3:2e:77:d1:12:21:
5a:d3:af:e0:00:2d:23:a3:f0:81:35:2e:4e:8e:0d:
66:43:b3:0f:ab:20:d0:1b:8e:6f:c6:20:86:17:fd:
46:cb:d1:e2:27:65:89:8e:bb:0c:43:93:01:bc:2d:
6a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:21:BE:98:5A:56:D1:20:AA:BE:A9:1A:44:1A:24:15:C8:9F:00:75
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/oSG-mFpW0SCqvqkaRBokFcifAHU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.56.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:a6:b8:10:26:f1:5e:85:18:14:0d:3e:86:74:b9:d5:14:a2:
a4:2c:2b:1b:bf:f0:02:a6:dd:4f:57:83:e6:0f:17:66:2b:a4:
99:da:14:de:25:77:6b:fe:83:16:19:c7:bc:b3:d2:6c:8b:f5:
25:42:fa:ba:e1:dd:21:d9:5e:ad:f5:6b:b5:d2:84:d1:db:06:
f2:34:0e:c9:1a:5c:98:43:26:2e:e3:45:86:9b:41:1d:b1:d4:
7f:16:75:25:35:0c:c0:a8:d4:94:77:5b:b3:87:de:b2:c3:7c:
54:2d:5b:33:1c:fd:d5:7b:75:d8:28:97:c2:98:4c:c2:22:f5:
ef:ab:35:d1:56:69:0f:33:a4:ed:1c:c3:95:f8:f3:d6:3c:33:
4d:20:a6:fb:4e:99:02:38:3e:83:66:62:85:28:f8:52:48:18:
b2:88:b8:df:b6:94:b7:a5:86:79:f6:27:1f:a3:2d:1e:ce:67:
e4:68:89:f7:22:7c:02:33:df:a7:09:ee:60:1e:5e:47:b7:d7:
69:7b:9a:c7:39:d4:9f:bb:23:f9:67:33:28:84:92:f5:f7:c3:
25:46:0c:b0:2e:66:ba:ca:1c:cb:e7:11:05:bf:fc:7b:c1:b9:
d4:09:0e:38:16:6d:92:2b:1c:fe:d0:53:db:d6:41:09:ee:49:
d4:5d:fe:c2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEExMjFCRTk4NUE1NkQx
MjBBQUJFQTkxQTQ0MUEyNDE1Qzg5RjAwNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnlrWgjSG+O9rPBAcos7gPI4F5HKIkeQgWVYDV/5pDRum/bF3f
qqgNMSXR4iz2QaOlTYu6lp0gEhf1paHDKYT27f+XD8JX/OgooFboVInB6q8jJPvs
lYroCkHU8u1c1DmJv/kQ2SshAXDR1VwRuKlVPKL9tAXT0oez8F2gF+RR4JLRbHBw
Ry+eq+AK0UaPlTk59/dLbFc8K6ecrArq8wi/TxGJFe1uip0fug3q+WZiPcSVhj5E
e91qZH6geYbqGSzeYzfhdFGi6/UHHuMud9ESIVrTr+AALSOj8IE1Lk6ODWZDsw+r
INAbjm/GIIYX/UbL0eInZYmOuwxDkwG8LWrTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUoSG+mFpW0SCqvqkaRBokFcifAHUwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9vU0ctbUZwVzBTQ3F2cWthUkJv
a0ZjaWZBSFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5M4
MA0GCSqGSIb3DQEBCwUAA4IBAQB8prgQJvFehRgUDT6GdLnVFKKkLCsbv/ACpt1P
V4PmDxdmK6SZ2hTeJXdr/oMWGce8s9Jsi/UlQvq64d0h2V6t9Wu10oTR2wbyNA7J
GlyYQyYu40WGm0EdsdR/FnUlNQzAqNSUd1uzh96yw3xULVszHP3Ve3XYKJfCmEzC
IvXvqzXRVmkPM6TtHMOV+PPWPDNNIKb7TpkCOD6DZmKFKPhSSBiyiLjftpS3pYZ5
9icfoy0ezmfkaIn3InwCM9+nCe5gHl5Ht9dpe5rHOdSfuyP5ZzMohJL198MlRgyw
Lma6yhzL5xEFv/x7wbnUCQ44Fm2SKxz+0FPb1kEJ7knUXf7C
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:51 2025 by rpki-client