Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/zolICAL80pjkMrqXQ6VKnqqIX34.roa
File: zolICAL80pjkMrqXQ6VKnqqIX34.roa (raw, json)
Hash identifier: nGJ1VpEDm9yy+mUmCxdTHB43hftlPM+Uj3UmTp4JmcY=
Subject key identifier: CE:89:48:08:02:FC:D2:98:E4:32:BA:97:43:A5:4A:9E:AA:88:5F:7E
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 09DE
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/zolICAL80pjkMrqXQ6VKnqqIX34.roa
Signing time: Wed 29 Sep 2021 02:52:05 +0000
ROA not before: Wed 29 Sep 2021 02:52:05 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18429
IP address blocks: 123.50.48.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2526 (0x9de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 29 02:52:05 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=CE89480802FCD298E432BA9743A54A9EAA885F7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1a:18:9b:c4:28:88:98:79:d6:4d:92:e2:23:
48:33:27:38:e8:dc:bd:00:7b:a0:d0:59:45:41:21:
a1:05:97:06:db:50:54:65:45:a3:37:5b:68:c6:ed:
78:b7:f0:5a:12:1e:c8:80:5d:15:c4:fd:2f:09:11:
06:33:4b:cc:24:a9:93:f4:9c:bd:fb:fa:05:73:d4:
cf:65:e2:36:48:45:e9:c7:37:ac:7d:0a:63:72:24:
57:3c:b4:9e:84:c8:9a:8d:9f:db:5d:4b:3e:4b:3f:
9b:3d:31:b3:37:e6:51:70:a8:1b:a0:96:f6:29:75:
47:7e:e4:d2:74:3e:99:d2:c2:89:e8:d1:66:43:b0:
e9:41:4e:c9:a8:48:88:03:20:b1:15:07:40:6d:cc:
76:69:66:98:9f:5c:76:c1:89:42:80:05:ad:16:04:
7f:44:79:ab:52:dd:74:fa:1b:87:47:e6:fd:1d:fb:
44:7f:89:8c:9e:0c:af:99:52:2a:55:79:94:3e:70:
ce:11:55:23:38:5a:2d:c5:e0:56:67:ab:db:02:21:
b4:aa:b8:f5:1a:1f:46:69:7f:93:6f:e3:aa:d1:b5:
98:59:4d:27:5c:cb:7a:aa:76:cf:52:f3:24:37:7f:
43:8a:6d:02:f3:d1:75:1c:ca:c8:04:96:78:c7:e2:
1e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:89:48:08:02:FC:D2:98:E4:32:BA:97:43:A5:4A:9E:AA:88:5F:7E
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/zolICAL80pjkMrqXQ6VKnqqIX34.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.48.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:cb:b0:a3:44:1d:ab:95:2c:d0:05:f9:cc:e4:2c:c4:c3:ad:
c9:84:e8:c7:ee:35:1d:e0:a6:02:f6:00:83:ad:a2:bf:66:d6:
72:d1:61:60:2d:a1:04:43:41:ad:32:3a:e2:1d:2f:6d:e3:10:
61:64:02:24:27:50:50:2c:92:95:4d:bf:53:eb:b3:f4:a6:dc:
0b:da:69:3d:26:6a:68:89:3d:98:f2:62:58:16:35:52:94:3a:
89:9d:4e:1e:b4:1d:a3:be:a8:6b:c1:bf:1a:d2:c7:b3:13:8a:
8e:4c:99:fb:81:95:5a:01:16:8c:ea:c8:b6:f1:c1:88:ac:6d:
fb:85:0f:c8:28:cf:4d:9a:be:76:37:32:98:db:88:d9:99:b5:
a3:56:3c:47:5f:86:00:50:ef:2d:22:9a:c6:a2:eb:38:dd:2e:
03:91:1a:a2:90:d0:1c:2c:87:b3:9f:23:4f:93:35:5c:5d:87:
5a:56:a3:16:9c:d7:22:da:0f:2c:7b:7a:f6:83:f3:4e:d5:9e:
91:53:44:36:35:96:fd:10:28:b0:60:b2:34:15:9b:4d:64:bf:
2a:9e:4b:06:b5:75:a1:15:99:31:42:2f:4d:fe:57:51:c9:f3:
79:ce:18:6f:d9:56:f9:d3:a2:62:06:b6:c7:8d:09:d9:3c:4a:
3d:df:a6:fd
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENFODk0ODA4MDJGQ0Qy
OThFNDMyQkE5NzQzQTU0QTlFQUE4ODVGN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHGhibxCiImHnWTZLiI0gzJzjo3L0Ae6DQWUVBIaEFlwbbUFRl
RaM3W2jG7Xi38FoSHsiAXRXE/S8JEQYzS8wkqZP0nL37+gVz1M9l4jZIRenHN6x9
CmNyJFc8tJ6EyJqNn9tdSz5LP5s9MbM35lFwqBuglvYpdUd+5NJ0PpnSwono0WZD
sOlBTsmoSIgDILEVB0BtzHZpZpifXHbBiUKABa0WBH9EeatS3XT6G4dH5v0d+0R/
iYyeDK+ZUipVeZQ+cM4RVSM4Wi3F4FZnq9sCIbSquPUaH0Zpf5Nv46rRtZhZTSdc
y3qqds9S8yQ3f0OKbQLz0XUcysgElnjH4h4pAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUzolICAL80pjkMrqXQ6VKnqqIX34wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC96b2xJQ0FMODBwamtNcnFYUTZW
S25xcUlYMzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezIw
MA0GCSqGSIb3DQEBCwUAA4IBAQAby7CjRB2rlSzQBfnM5CzEw63JhOjH7jUd4KYC
9gCDraK/ZtZy0WFgLaEEQ0GtMjriHS9t4xBhZAIkJ1BQLJKVTb9T67P0ptwL2mk9
JmpoiT2Y8mJYFjVSlDqJnU4etB2jvqhrwb8a0sezE4qOTJn7gZVaARaM6si28cGI
rG37hQ/IKM9Nmr52NzKY24jZmbWjVjxHX4YAUO8tIprGous43S4DkRqikNAcLIez
nyNPkzVcXYdaVqMWnNci2g8se3r2g/NO1Z6RU0Q2NZb9ECiwYLI0FZtNZL8qnksG
tXWhFZkxQi9N/ldRyfN5zhhv2Vb506JiBrbHjQnZPEo936b9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org