Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/pbXPYDiSzfBgJmsX_B7xk2qx2OQ.roa
File: pbXPYDiSzfBgJmsX_B7xk2qx2OQ.roa (raw, json)
Hash identifier: W/a4W/br9UYzjb7+uh7PvrM/FE97AVMprFP2n9BFUbs=
Subject key identifier: A5:B5:CF:60:38:92:CD:F0:60:26:6B:17:FC:1E:F1:93:6A:B1:D8:E4
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0796
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/pbXPYDiSzfBgJmsX_B7xk2qx2OQ.roa
Signing time: Tue 29 Sep 2020 09:59:30 +0000
ROA not before: Tue 29 Sep 2020 09:59:30 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18429
IP address blocks: 123.50.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1942 (0x796)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 09:59:30 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A5B5CF603892CDF060266B17FC1EF1936AB1D8E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:03:9f:f3:15:54:b6:a0:0e:51:21:44:35:ed:
0f:7e:d3:c5:57:87:ab:75:d5:68:fe:cc:d1:81:64:
55:8c:11:c0:67:fa:3b:9a:94:01:0e:da:8c:3c:0b:
26:14:a0:7a:f5:aa:d3:89:51:45:cf:e2:76:54:5e:
05:6b:c5:80:dd:e9:58:63:18:92:b7:4d:ae:0d:c8:
07:ca:44:b9:21:34:f7:a4:2f:43:d1:01:45:bd:b2:
a2:38:d9:dc:3e:af:e2:75:33:e6:cd:9e:12:14:13:
fa:99:a8:b6:51:f8:f8:3a:e0:81:3c:ca:86:ec:d5:
7b:47:2d:b2:00:dd:ed:82:91:7e:5e:5d:0b:38:24:
b8:cc:87:27:5a:cd:6b:05:25:5b:32:98:7b:f8:65:
c7:6f:0e:f0:c3:de:53:22:be:23:38:12:d7:b2:d4:
cb:af:85:65:04:2d:88:93:e4:b9:88:fc:80:f5:6c:
b5:81:ee:4e:1c:aa:3b:e3:da:3a:31:5f:fe:0f:a6:
b6:97:92:ac:a8:86:5a:3d:42:04:67:fe:c5:6f:25:
00:79:b7:16:2d:49:72:c8:e2:b0:0d:2f:af:01:19:
d6:3a:44:f4:92:24:48:07:e2:a0:c0:9c:bf:ee:81:
41:43:7f:a2:6f:3a:54:5c:5d:6a:7e:3b:c8:f8:d2:
fd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B5:CF:60:38:92:CD:F0:60:26:6B:17:FC:1E:F1:93:6A:B1:D8:E4
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/pbXPYDiSzfBgJmsX_B7xk2qx2OQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.56.0/21
Signature Algorithm: sha256WithRSAEncryption
10:e2:ec:f4:96:01:bc:0c:b6:51:57:8c:81:32:66:3e:23:1b:
1e:60:ab:e7:5f:6a:fe:f9:5c:ef:7f:53:90:1a:ea:2e:44:46:
f0:57:27:58:29:85:5c:c8:23:cb:bf:92:8b:35:4f:8a:8a:63:
e4:13:8f:e6:fc:71:73:ec:ed:57:2b:96:b6:d2:82:0a:49:72:
71:f0:4b:f1:b8:fd:29:43:98:46:5a:97:be:58:e0:46:6e:38:
8c:cc:23:77:3d:ce:31:18:90:10:67:87:47:0a:da:c4:93:68:
a2:35:aa:ac:42:00:04:ac:63:9d:20:70:2a:4d:e4:64:6a:37:
27:de:03:06:12:9f:82:38:42:0d:ab:d7:85:c5:7e:26:c9:f4:
4b:24:ad:1a:76:96:98:fc:25:ee:42:d2:e1:03:cf:3f:dd:f5:
5d:75:99:92:bc:0d:6c:d5:55:4c:54:11:65:72:14:ab:6a:5e:
81:60:fb:41:e0:9c:f3:c8:f0:fa:16:ea:9a:86:6f:37:55:06:
fc:8f:f3:ca:a0:f5:32:fe:f1:97:5c:6e:82:1d:2c:9b:f6:54:
e3:11:50:a9:57:56:ce:2d:36:00:d3:75:1e:d7:89:37:ce:ef:
93:79:64:f2:5a:0f:59:75:81:68:08:05:00:02:da:2d:f4:87:
7d:2d:3e:fa
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMDA5Mjkw
OTU5MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE1QjVDRjYwMzg5MkNE
RjA2MDI2NkIxN0ZDMUVGMTkzNkFCMUQ4RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChA5/zFVS2oA5RIUQ17Q9+08VXh6t11Wj+zNGBZFWMEcBn+jua
lAEO2ow8CyYUoHr1qtOJUUXP4nZUXgVrxYDd6VhjGJK3Ta4NyAfKRLkhNPekL0PR
AUW9sqI42dw+r+J1M+bNnhIUE/qZqLZR+Pg64IE8yobs1XtHLbIA3e2CkX5eXQs4
JLjMhydazWsFJVsymHv4ZcdvDvDD3lMiviM4Etey1MuvhWUELYiT5LmI/ID1bLWB
7k4cqjvj2joxX/4PpraXkqyohlo9QgRn/sVvJQB5txYtSXLI4rANL68BGdY6RPSS
JEgH4qDAnL/ugUFDf6JvOlRcXWp+O8j40v0TAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUpbXPYDiSzfBgJmsX/B7xk2qx2OQwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9wYlhQWURpU3pmQmdKbXNYX0I3
eGsycXgyT1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezI4
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ4uz0lgG8DLZRV4yBMmY+IxseYKvnX2r++Vzv
f1OQGuouREbwVydYKYVcyCPLv5KLNU+KimPkE4/m/HFz7O1XK5a20oIKSXJx8Evx
uP0pQ5hGWpe+WOBGbjiMzCN3Pc4xGJAQZ4dHCtrEk2iiNaqsQgAErGOdIHAqTeRk
ajcn3gMGEp+COEINq9eFxX4myfRLJK0adpaY/CXuQtLhA88/3fVddZmSvA1s1VVM
VBFlchSral6BYPtB4JzzyPD6Fuqahm83VQb8j/PKoPUy/vGXXG6CHSyb9lTjEVCp
V1bOLTYA03Ue14k3zu+TeWTyWg9ZdYFoCAUAAtot9Id9LT76
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org