Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AMZN/2TZimnl17xu_Gj5x2zzKYvsGSA0.roa
File: 2TZimnl17xu_Gj5x2zzKYvsGSA0.roa (raw, json)
Hash identifier: yEWnQWOj0pvHQsoekvV5P6VQgXmlNIzyZ5OdG1x96so=
Subject key identifier: D9:36:62:9A:79:75:EF:1B:BF:1A:3E:71:DB:3C:CA:62:FB:06:48:0D
Certificate issuer: /CN=655679B564FF9DD15745A99C75189C02FC81258E
Certificate serial: 04
Authority key identifier: 65:56:79:B5:64:FF:9D:D1:57:45:A9:9C:75:18:9C:02:FC:81:25:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZVZ5tWT_ndFXRamcdRicAvyBJY4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AMZN/2TZimnl17xu_Gj5x2zzKYvsGSA0.roa
Signing time: Thu 20 Jul 2023 09:47:14 +0000
ROA not before: Thu 20 Jul 2023 09:47:14 +0000
ROA not after: Thu 18 Jul 2024 15:30:18 +0000
asID: 7538
IP address blocks: 103.149.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 15:34:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=655679B564FF9DD15745A99C75189C02FC81258E
Validity
Not Before: Jul 20 09:47:14 2023 GMT
Not After : Jul 18 15:30:18 2024 GMT
Subject: CN=D936629A7975EF1BBF1A3E71DB3CCA62FB06480D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:43:ee:93:10:aa:8b:fd:b9:09:c6:0f:ad:
00:19:4d:47:d2:6a:99:f0:2d:96:03:cb:36:98:11:
02:8a:12:07:fd:78:b5:90:88:e6:7d:9b:d8:b3:f2:
6d:bc:b4:3c:38:55:5e:72:58:d6:91:45:1e:65:7f:
a3:98:f3:7a:79:0e:e3:52:63:bf:5b:80:2a:03:51:
07:cc:23:ed:ed:09:9d:30:2b:7e:7e:35:8e:08:ef:
ee:fd:68:57:a5:43:48:68:ec:38:31:86:9e:09:50:
14:e4:60:cc:7a:5a:cb:9e:c2:9d:46:44:4b:ac:42:
3c:dd:cb:e5:33:a1:b3:00:0f:73:89:9e:4b:a0:8d:
41:b0:e6:44:fe:31:11:d8:4c:f0:ca:13:c2:3e:ad:
84:eb:33:1b:10:1e:a4:e3:60:04:c6:14:7f:65:24:
ec:81:57:1b:2d:a6:cb:de:6c:7c:3c:85:d1:35:33:
b2:ee:a5:92:74:d4:9c:ff:10:b2:13:b3:88:37:05:
72:bb:1b:3d:5b:18:36:cc:00:e9:4f:e7:94:24:7e:
92:87:57:a4:bc:03:ec:98:1d:24:bd:fc:fc:1a:82:
8c:77:c6:90:89:67:9d:b7:46:05:c1:3c:4d:0a:d1:
47:52:ae:7e:52:80:55:37:de:0a:26:cd:34:8d:73:
6d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:36:62:9A:79:75:EF:1B:BF:1A:3E:71:DB:3C:CA:62:FB:06:48:0D
X509v3 Authority Key Identifier:
keyid:65:56:79:B5:64:FF:9D:D1:57:45:A9:9C:75:18:9C:02:FC:81:25:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AMZN/ZVZ5tWT_ndFXRamcdRicAvyBJY4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZVZ5tWT_ndFXRamcdRicAvyBJY4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AMZN/2TZimnl17xu_Gj5x2zzKYvsGSA0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:56:b1:17:9d:a5:d8:61:70:5e:99:6a:78:38:cc:5f:71:a3:
71:86:54:5f:5a:28:f3:ee:c8:dc:0b:cd:2f:92:62:20:72:08:
df:44:71:5c:72:7d:94:84:43:6d:08:2e:f4:da:b7:b0:7d:d6:
59:3c:36:34:fa:0a:c8:fa:0a:9f:91:c0:3d:1c:a5:42:69:d2:
05:2f:73:84:9d:97:4d:da:b3:d1:7c:b6:1a:93:ce:6d:09:ac:
ac:e5:06:10:f0:08:d4:eb:c2:20:e7:da:6f:64:74:64:3c:55:
2d:cb:75:cf:7e:39:f0:a5:d2:d2:2e:aa:f3:46:7b:6b:5b:fa:
15:4f:ee:5f:c4:ad:0e:13:9d:3b:6d:32:62:51:6d:7d:ff:db:
87:51:3a:51:92:d3:9a:a8:2d:36:93:a7:72:6d:7b:dd:ed:d2:
28:7b:cf:c7:34:45:19:cb:70:8d:fa:4a:dd:8e:35:7f:27:bc:
19:16:84:0d:1f:a1:8d:90:26:a3:c5:23:b0:64:1e:3c:c3:43:
51:13:de:3f:d9:d7:43:3f:51:09:92:b4:ea:67:f2:1b:5b:74:
7e:05:9b:c7:e0:24:27:1f:6e:11:78:2c:79:77:e8:49:a1:66:
91:58:f1:75:19:b4:95:9a:25:04:9e:ca:bd:46:20:25:8d:74:
98:6e:d8:ab
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2NTU2
NzlCNTY0RkY5REQxNTc0NUE5OUM3NTE4OUMwMkZDODEyNThFMB4XDTIzMDcyMDA5
NDcxNFoXDTI0MDcxODE1MzAxOFowMzExMC8GA1UEAxMoRDkzNjYyOUE3OTc1RUYx
QkJGMUEzRTcxREIzQ0NBNjJGQjA2NDgwRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALVlQ+6TEKqL/bkJxg+tABlNR9JqmfAtlgPLNpgRAooSB/14tZCI
5n2b2LPybby0PDhVXnJY1pFFHmV/o5jzenkO41Jjv1uAKgNRB8wj7e0JnTArfn41
jgjv7v1oV6VDSGjsODGGnglQFORgzHpay57CnUZES6xCPN3L5TOhswAPc4meS6CN
QbDmRP4xEdhM8MoTwj6thOszGxAepONgBMYUf2Uk7IFXGy2my95sfDyF0TUzsu6l
knTUnP8QshOziDcFcrsbPVsYNswA6U/nlCR+kodXpLwD7JgdJL38/BqCjHfGkIln
nbdGBcE8TQrRR1KuflKAVTfeCibNNI1zbW8CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBTZNmKaeXXvG78aPnHbPMpi+wZIDTAfBgNVHSMEGDAWgBRlVnm1ZP+d0VdFqZx1
GJwC/IEljjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BTVpOL1pW
WjV0V1RfbmRGWFJhbWNkUmljQXZ5QkpZNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
WlZaNXRXVF9uZEZYUmFtY2RSaWNBdnlCSlk0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvQU1aTi8yVFppbW5sMTd4dV9HajV4Mnp6S1l2
c0dTQTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5WWMA0G
CSqGSIb3DQEBCwUAA4IBAQBaVrEXnaXYYXBemWp4OMxfcaNxhlRfWijz7sjcC80v
kmIgcgjfRHFccn2UhENtCC702rewfdZZPDY0+grI+gqfkcA9HKVCadIFL3OEnZdN
2rPRfLYak85tCays5QYQ8AjU68Ig59pvZHRkPFUty3XPfjnwpdLSLqrzRntrW/oV
T+5fxK0OE507bTJiUW19/9uHUTpRktOaqC02k6dybXvd7dIoe8/HNEUZy3CN+krd
jjV/J7wZFoQNH6GNkCajxSOwZB48w0NRE94/2ddDP1EJkrTqZ/IbW3R+BZvH4CQn
H24ReCx5d+hJoWaRWPF1GbSVmiUEnsq9RiAljXSYbtir
-----END CERTIFICATE-----
Generated at Thu Jul 4 17:37:27 2024 by rpki-client on console-ams.rpki-client.org