Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/xi2zJznJD1JX0mL2NvWdJc5NFY8.roa
File: xi2zJznJD1JX0mL2NvWdJc5NFY8.roa (raw, json)
Hash identifier: rdxypAIjxlU3pE9Z8u5X4wgsQQy7151DhP/wopxfiVI=
Subject key identifier: C6:2D:B3:27:39:C9:0F:52:57:D2:62:F6:36:F5:9D:25:CE:4D:15:8F
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0A7E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/xi2zJznJD1JX0mL2NvWdJc5NFY8.roa
Signing time: Wed 04 May 2022 03:09:39 +0000
ROA not before: Wed 04 May 2022 03:09:39 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 27.147.0.0/21 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2686 (0xa7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: May 4 03:09:39 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=C62DB32739C90F5257D262F636F59D25CE4D158F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ea:d5:38:99:75:ed:02:4b:c1:ad:96:39:82:
16:5c:98:db:1f:c4:04:e2:9d:30:97:e0:64:6e:5f:
c6:ae:e4:f2:a8:08:e9:e9:5c:e5:84:26:71:ad:7b:
16:e4:9e:eb:00:2a:33:8a:f7:2a:63:7c:80:a1:69:
08:15:80:b0:c2:6a:7b:ff:01:93:ec:bf:a3:5a:b0:
17:22:02:7e:e3:95:cb:4b:91:2a:e7:5c:c8:f5:94:
84:31:1b:a6:a7:ec:23:80:e5:3b:76:9f:0b:25:ff:
80:7c:27:f7:a9:40:49:c1:a8:39:9d:05:74:49:3f:
87:02:c5:39:b8:52:f4:bc:31:62:f7:c7:5a:30:9f:
df:97:e2:44:f8:69:b9:fa:5e:3a:d3:32:f0:bf:87:
c2:de:6e:2b:f4:b7:3c:b6:d7:c2:8e:89:38:1f:bc:
5e:8f:fd:09:0a:7e:e9:a2:f6:e8:00:2a:7f:05:24:
a5:96:61:f9:da:a1:61:d5:10:6f:da:9f:69:90:18:
36:63:9a:a7:6d:11:4f:d5:86:3d:b3:14:64:ed:77:
b7:f0:65:61:ae:ac:8c:16:28:67:48:21:df:b4:19:
8e:a9:e0:e2:7b:1d:ea:6c:94:80:61:c4:04:c1:7e:
a4:6b:3a:99:3f:12:54:89:75:00:56:35:10:d7:ea:
4f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2D:B3:27:39:C9:0F:52:57:D2:62:F6:36:F5:9D:25:CE:4D:15:8F
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/xi2zJznJD1JX0mL2NvWdJc5NFY8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.0.0/21
Signature Algorithm: sha256WithRSAEncryption
69:4e:8f:9b:3a:fa:28:08:37:08:00:98:c8:7b:96:53:b7:4b:
66:bd:40:8d:bb:4c:b2:d9:68:18:6d:e5:14:6f:35:0b:42:43:
61:a2:52:14:80:60:e6:92:4e:a1:9e:03:e9:a5:72:fc:b4:4f:
79:20:6c:ff:f8:15:1f:81:8c:d9:d7:6f:6c:21:7a:24:14:44:
bf:37:59:f7:07:4a:ea:41:78:ef:b9:82:17:fd:55:89:e9:86:
2d:16:bc:14:32:db:87:5c:4c:79:31:bb:db:59:5f:6c:30:2f:
33:6b:5b:fc:87:3e:1f:8d:07:c2:7b:1e:27:e7:41:f1:16:a0:
95:f9:54:3e:22:f6:f7:50:ce:1c:25:7a:81:cd:fb:5d:8b:6e:
0b:98:d2:33:2c:04:1d:bf:70:ce:d4:57:a3:c7:df:4a:2a:13:
7b:1d:21:8f:b3:04:14:55:73:d5:71:ee:7c:12:9a:28:f6:8e:
83:58:e7:6a:c0:d6:fc:17:a4:11:47:26:44:07:78:49:c8:61:
78:eb:08:a7:eb:51:39:bd:3f:27:88:3b:6b:82:d5:eb:cf:c3:
6c:f8:eb:90:e5:3e:3e:ed:3c:41:fa:21:5b:fd:eb:7b:96:b9:
4f:b8:5d:ec:9e:67:55:1f:6e:dd:74:5f:c9:11:70:db:64:b0:
fe:0e:cb:63
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA1MDQw
MzA5MzlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM2MkRCMzI3MzlDOTBG
NTI1N0QyNjJGNjM2RjU5RDI1Q0U0RDE1OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDm6tU4mXXtAkvBrZY5ghZcmNsfxATinTCX4GRuX8au5PKoCOnp
XOWEJnGtexbknusAKjOK9ypjfIChaQgVgLDCanv/AZPsv6NasBciAn7jlctLkSrn
XMj1lIQxG6an7COA5Tt2nwsl/4B8J/epQEnBqDmdBXRJP4cCxTm4UvS8MWL3x1ow
n9+X4kT4abn6XjrTMvC/h8Lebiv0tzy218KOiTgfvF6P/QkKfumi9ugAKn8FJKWW
YfnaoWHVEG/an2mQGDZjmqdtEU/Vhj2zFGTtd7fwZWGurIwWKGdIId+0GY6p4OJ7
HepslIBhxATBfqRrOpk/ElSJdQBWNRDX6k/JAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUxi2zJznJD1JX0mL2NvWdJc5NFY8wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC94aTJ6SnpuSkQxSlgwbUwyTnZX
ZEpjNU5GWTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpTo+bOvooCDcIAJjIe5ZTt0tmvUCNu0yy2WgY
beUUbzULQkNholIUgGDmkk6hngPppXL8tE95IGz/+BUfgYzZ129sIXokFES/N1n3
B0rqQXjvuYIX/VWJ6YYtFrwUMtuHXEx5MbvbWV9sMC8za1v8hz4fjQfCex4n50Hx
FqCV+VQ+Ivb3UM4cJXqBzftdi24LmNIzLAQdv3DO1Fejx99KKhN7HSGPswQUVXPV
ce58Epoo9o6DWOdqwNb8F6QRRyZEB3hJyGF46win61E5vT8niDtrgtXrz8Ns+OuQ
5T4+7TxB+iFb/et7lrlPuF3snmdVH27ddF/JEXDbZLD+Dstj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org