Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/TDtlgGyo2KmaI2tDn8SGNN07N5k.roa
File: TDtlgGyo2KmaI2tDn8SGNN07N5k.roa (raw, json)
Hash identifier: Lfk2QKVXs5o2M55vxn/Vv20pHo2XxtQrVxzWQWyUphc=
Subject key identifier: 4C:3B:65:80:6C:A8:D8:A9:9A:23:6B:43:9F:C4:86:34:DD:3B:37:99
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 0336
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/TDtlgGyo2KmaI2tDn8SGNN07N5k.roa
Signing time: Thu 15 Sep 2022 02:34:47 +0000
ROA not before: Thu 15 Sep 2022 02:34:47 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 60614
IP address blocks: 103.156.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 822 (0x336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Sep 15 02:34:47 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4C3B65806CA8D8A99A236B439FC48634DD3B3799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:77:24:e7:e3:0e:f4:12:14:c9:46:4a:21:
1f:ae:a1:75:99:e7:f9:68:0b:50:87:de:3f:c0:ad:
95:04:5d:27:b9:19:51:c9:25:7e:d8:12:28:b6:7b:
35:60:f4:33:a1:64:7d:21:45:c9:cc:de:28:ba:f0:
25:62:50:de:af:e2:08:b6:e9:87:32:0a:24:0f:36:
ee:b2:43:07:54:de:45:ee:7c:fb:64:86:e4:7e:d4:
96:1d:b3:d0:85:2e:c1:2d:a9:73:ff:82:a1:83:5a:
91:7f:84:c1:ba:71:32:44:6e:2d:ca:32:ab:85:5c:
13:20:eb:69:28:96:d1:5d:8c:33:55:25:d4:68:12:
a3:e1:f5:02:af:2c:30:0b:f1:76:fe:d1:82:44:4c:
40:a5:57:36:e4:ef:16:7a:ef:2c:98:d0:eb:f8:dc:
68:fb:6b:7f:9a:24:60:d4:56:30:1f:8d:2e:62:80:
01:a4:d9:20:4d:7a:46:0f:65:b1:14:f1:5e:35:42:
29:a6:d0:6c:91:f5:be:f5:33:5f:8a:27:26:43:93:
28:e1:4d:61:e3:6d:1c:c7:6c:2e:79:07:6d:e2:f4:
47:07:3c:38:fb:a5:c2:6d:de:74:9c:41:04:a9:b6:
63:03:c5:5a:eb:6e:37:a6:4c:0a:9f:6a:77:58:a5:
b4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3B:65:80:6C:A8:D8:A9:9A:23:6B:43:9F:C4:86:34:DD:3B:37:99
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/TDtlgGyo2KmaI2tDn8SGNN07N5k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.185.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:27:5f:23:99:5a:11:b2:60:30:82:82:d3:54:c1:20:82:83:
d2:4e:9b:2e:da:87:98:86:b5:61:41:2d:66:41:68:55:61:25:
73:2b:c9:82:bc:3f:72:40:b1:ca:73:2f:0b:41:32:a5:a6:36:
b5:45:41:4d:65:1c:0c:bb:aa:1d:88:f1:0a:3b:17:ae:97:27:
97:0b:43:54:c6:5c:e6:f6:53:d2:e1:ec:6a:f3:ea:6b:b6:9d:
c5:d7:47:c8:97:75:df:09:95:f7:de:f3:de:6c:7b:20:8b:a2:
e6:fc:f7:e5:94:4a:ec:b0:03:b6:90:c0:36:08:70:55:26:4e:
a7:4d:59:5f:9f:7a:76:c8:ad:a8:28:b9:21:17:b1:31:b4:27:
81:7e:16:5d:a0:df:02:ee:82:c5:57:0d:a6:a1:3b:fe:c5:a7:
77:7a:8a:ef:d4:84:fc:5e:fc:ca:24:92:a9:03:df:34:79:f6:
b0:cb:ad:7f:a5:4e:27:0b:32:ca:22:3a:cf:e2:6e:02:85:6f:
f4:34:86:66:63:f8:c6:9d:8f:dd:df:86:1b:f4:85:92:3b:b4:
5b:41:1e:c2:af:eb:e6:de:14:f5:12:d5:cd:5e:84:c7:c8:82:
da:0d:0c:86:9f:cc:6b:37:7a:52:ba:a5:8c:4a:00:12:ee:33:
ee:0e:69:c4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yMjA5MTUw
MjM0NDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRDM0I2NTgwNkNBOEQ4
QTk5QTIzNkI0MzlGQzQ4NjM0REQzQjM3OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtS3ck5+MO9BIUyUZKIR+uoXWZ5/loC1CH3j/ArZUEXSe5GVHJ
JX7YEii2ezVg9DOhZH0hRcnM3ii68CViUN6v4gi26YcyCiQPNu6yQwdU3kXufPtk
huR+1JYds9CFLsEtqXP/gqGDWpF/hMG6cTJEbi3KMquFXBMg62koltFdjDNVJdRo
EqPh9QKvLDAL8Xb+0YJETEClVzbk7xZ67yyY0Ov43Gj7a3+aJGDUVjAfjS5igAGk
2SBNekYPZbEU8V41Qimm0GyR9b71M1+KJyZDkyjhTWHjbRzHbC55B23i9EcHPDj7
pcJt3nScQQSptmMDxVrrbjemTAqfandYpbRVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTDtlgGyo2KmaI2tDn8SGNN07N5kwHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvVER0bGdHeW8yS21hSTJ0
RG44U0dOTjA3TjVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGecuTANBgkqhkiG9w0BAQsFAAOCAQEAxCdfI5laEbJgMIKC01TBIIKD0k6bLtqH
mIa1YUEtZkFoVWElcyvJgrw/ckCxynMvC0EypaY2tUVBTWUcDLuqHYjxCjsXrpcn
lwtDVMZc5vZT0uHsavPqa7adxddHyJd13wmV997z3mx7IIui5vz35ZRK7LADtpDA
NghwVSZOp01ZX596dsitqCi5IRexMbQngX4WXaDfAu6CxVcNpqE7/sWnd3qK79SE
/F78yiSSqQPfNHn2sMutf6VOJwsyyiI6z+JuAoVv9DSGZmP4xp2P3d+GG/SFkju0
W0Eewq/r5t4U9RLVzV6Ex8iC2g0Mhp/Mazd6UrqljEoAEu4z7g5pxA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:44 2023 by rpki-client on console-fra.rpki-client.org