Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/wu8hBJAZyxsa6vv9r3DI8FOcjE4.roa
File: wu8hBJAZyxsa6vv9r3DI8FOcjE4.roa (raw, json)
Hash identifier: TJnlfNZ9zYN4AagyOyWAiAj81AWaCRS8ceDrOEBt/Bk=
Subject key identifier: C2:EF:21:04:90:19:CB:1B:1A:EA:FB:FD:AF:70:C8:F0:53:9C:8C:4E
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B57
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/wu8hBJAZyxsa6vv9r3DI8FOcjE4.roa
Signing time: Thu 15 Dec 2022 02:57:01 +0000
ROA not before: Thu 15 Dec 2022 02:57:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 61.57.136.0/21 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2903 (0xb57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:57:01 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C2EF21049019CB1B1AEAFBFDAF70C8F0539C8C4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:44:8d:87:f0:d0:70:19:f9:66:3b:84:7b:74:
5c:12:25:a9:6e:73:f2:c8:8b:53:a1:db:f1:ac:a8:
0d:b9:45:ff:8c:b9:35:ad:fa:27:f5:42:57:be:e8:
f7:31:22:03:8e:97:e4:fc:66:ae:22:8d:fe:12:3a:
d0:50:eb:a8:e4:21:fd:45:e2:67:e1:20:04:18:78:
fd:71:63:da:4b:78:68:53:22:75:4b:57:33:e3:03:
0d:ea:df:14:c6:33:41:4f:2d:a4:24:ba:66:5d:6b:
a5:f3:8b:a5:aa:7e:fd:6b:ca:22:5b:43:e7:b4:30:
33:a1:2b:5c:a3:14:ea:a1:83:80:ee:b8:0a:1e:f8:
0f:9a:41:4d:f7:be:9f:61:e2:c0:d9:09:8a:12:a7:
18:2b:42:33:2f:c7:b0:2e:f8:42:33:78:b5:f9:8c:
3a:3b:7d:61:19:61:6a:d9:27:61:0d:2c:62:e8:d0:
ed:aa:2b:4a:e2:cf:56:d3:0b:36:8c:ea:10:30:a2:
ff:f5:f1:16:a7:95:73:e6:21:27:29:8a:5b:1d:b0:
31:cf:b3:0d:43:7a:97:fc:40:30:33:17:01:f2:6e:
f1:ae:4f:68:9f:48:b5:04:1f:b6:8b:77:58:58:a0:
30:8b:42:91:fa:01:ca:e6:0a:97:c7:be:19:d6:28:
f4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EF:21:04:90:19:CB:1B:1A:EA:FB:FD:AF:70:C8:F0:53:9C:8C:4E
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/wu8hBJAZyxsa6vv9r3DI8FOcjE4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.136.0/21
Signature Algorithm: sha256WithRSAEncryption
25:65:aa:e6:1b:a4:d0:66:71:87:8b:cd:7e:77:d0:2a:b9:95:
b8:43:02:09:7f:9b:79:27:26:90:12:3e:1e:f7:c9:97:7e:30:
95:3e:1e:b8:ec:9f:8c:b7:61:45:7f:56:ab:45:78:51:78:2c:
ea:3f:7d:d3:8f:f9:c5:55:c5:3f:21:85:46:d6:59:01:c3:12:
29:43:4d:60:f5:63:04:2e:4f:f7:6a:b9:98:6e:cf:47:1d:6d:
47:f4:35:d3:ff:76:5a:64:70:3f:3e:1c:61:fa:6c:57:5c:6e:
37:be:d6:de:88:f0:ea:7f:f9:c9:d2:27:7b:47:ef:a1:36:ab:
f0:f2:f7:1a:84:06:11:48:6c:1e:a3:97:61:71:0a:28:4d:67:
5c:9c:8b:6d:19:f3:0d:04:91:44:10:64:44:70:46:59:b2:e1:
06:66:08:a5:94:c8:8e:61:bb:92:71:c0:d6:4d:bb:6b:7d:6f:
7c:b0:07:82:c1:2c:7b:c8:fe:d1:2f:d2:b4:c5:73:c0:de:a9:
71:eb:26:1f:f0:b1:f0:f1:25:08:b5:97:16:74:6e:ad:8c:33:
6d:79:a6:f4:3d:17:76:fe:ac:ba:85:7b:79:aa:66:23:53:38:
e9:41:db:de:1c:9d:5f:48:75:19:9c:59:bb:4d:aa:7f:34:77:
5d:d5:6b:1e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU3MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEMyRUYyMTA0OTAxOUNC
MUIxQUVBRkJGREFGNzBDOEYwNTM5QzhDNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoRI2H8NBwGflmO4R7dFwSJaluc/LIi1Oh2/GsqA25Rf+MuTWt
+if1Qle+6PcxIgOOl+T8Zq4ijf4SOtBQ66jkIf1F4mfhIAQYeP1xY9pLeGhTInVL
VzPjAw3q3xTGM0FPLaQkumZda6Xzi6Wqfv1ryiJbQ+e0MDOhK1yjFOqhg4DuuAoe
+A+aQU33vp9h4sDZCYoSpxgrQjMvx7Au+EIzeLX5jDo7fWEZYWrZJ2ENLGLo0O2q
K0riz1bTCzaM6hAwov/18RanlXPmIScpilsdsDHPsw1Depf8QDAzFwHybvGuT2if
SLUEH7aLd1hYoDCLQpH6AcrmCpfHvhnWKPQbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUwu8hBJAZyxsa6vv9r3DI8FOcjE4wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC93dThoQkpBWnl4c2E2dnY5cjNE
SThGT2NqRTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmI
MA0GCSqGSIb3DQEBCwUAA4IBAQAlZarmG6TQZnGHi81+d9AquZW4QwIJf5t5JyaQ
Ej4e98mXfjCVPh647J+Mt2FFf1arRXhReCzqP33Tj/nFVcU/IYVG1lkBwxIpQ01g
9WMELk/3armYbs9HHW1H9DXT/3ZaZHA/Phxh+mxXXG43vtbeiPDqf/nJ0id7R++h
Nqvw8vcahAYRSGweo5dhcQooTWdcnIttGfMNBJFEEGREcEZZsuEGZgillMiOYbuS
ccDWTbtrfW98sAeCwSx7yP7RL9K0xXPA3qlx6yYf8LHw8SUItZcWdG6tjDNteab0
PRd2/qy6hXt5qmYjUzjpQdveHJ1fSHUZnFm7Tap/NHdd1Wse
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org