Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CROWN/KhZ1ShhthG_0bEaDumP2LNhW8wA.roa
File: KhZ1ShhthG_0bEaDumP2LNhW8wA.roa (raw, json)
Hash identifier: egSsMWDF2/HGAELgLeTsi5d+AOKMp62G7N1xaAR7CNw=
Subject key identifier: 2A:16:75:4A:18:6D:84:6F:F4:6C:46:83:BA:63:F6:2C:D8:56:F3:00
Certificate issuer: /CN=4A7B5FFF97B89C87BDBFD46164EE924A87D696E9
Certificate serial: 03
Authority key identifier: 4A:7B:5F:FF:97:B8:9C:87:BD:BF:D4:61:64:EE:92:4A:87:D6:96:E9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Sntf_5e4nIe9v9RhZO6SSofWluk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CROWN/KhZ1ShhthG_0bEaDumP2LNhW8wA.roa
Signing time: Wed 23 Aug 2023 16:38:37 +0000
ROA not before: Wed 23 Aug 2023 16:38:37 +0000
ROA not after: Thu 22 Aug 2024 01:11:24 +0000
asID: 131642
IP address blocks: 103.255.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 01:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4A7B5FFF97B89C87BDBFD46164EE924A87D696E9
Validity
Not Before: Aug 23 16:38:37 2023 GMT
Not After : Aug 22 01:11:24 2024 GMT
Subject: CN=2A16754A186D846FF46C4683BA63F62CD856F300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:37:99:2a:0a:96:2d:75:de:a6:ad:68:f8:
00:88:8b:d7:16:b5:0b:aa:fc:37:d9:5a:e9:d3:9e:
34:9a:ab:8a:2a:77:e4:27:45:e3:9e:2d:03:0b:62:
30:59:a3:b2:8d:2b:d2:7a:8c:00:a2:48:4c:b4:07:
64:14:c4:02:6a:ec:d1:e7:f3:d2:27:d7:aa:94:7c:
a9:5a:c4:7c:df:4b:b2:ec:aa:02:ff:ec:83:2e:75:
27:41:e6:22:51:e0:08:d9:80:d9:6c:16:98:38:58:
f8:88:c8:4f:08:c8:48:db:20:24:8c:42:21:d0:1a:
f7:0d:b8:c3:db:5c:48:23:68:70:69:0b:d1:61:a8:
19:a5:15:35:d2:29:70:e1:1e:cf:cb:43:a4:87:df:
3d:b2:dc:87:ce:1b:58:2b:29:d3:b7:5f:59:0d:9b:
c5:56:66:69:fe:4c:91:d0:65:37:fc:b6:98:13:d2:
24:b7:ca:90:6a:70:7f:96:c6:1e:c0:c1:90:5c:62:
c8:ff:ce:4e:d7:28:f5:07:87:1b:22:ca:28:c0:77:
db:d3:21:e6:e0:f4:f5:85:97:b1:70:bb:77:bd:e7:
06:b6:23:f2:23:ab:30:fb:d9:1f:93:1c:a8:00:8b:
fd:2f:53:53:8b:a2:1c:12:0c:5c:78:c4:d3:85:cc:
37:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:16:75:4A:18:6D:84:6F:F4:6C:46:83:BA:63:F6:2C:D8:56:F3:00
X509v3 Authority Key Identifier:
keyid:4A:7B:5F:FF:97:B8:9C:87:BD:BF:D4:61:64:EE:92:4A:87:D6:96:E9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CROWN/Sntf_5e4nIe9v9RhZO6SSofWluk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Sntf_5e4nIe9v9RhZO6SSofWluk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CROWN/KhZ1ShhthG_0bEaDumP2LNhW8wA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.210.0/23
Signature Algorithm: sha256WithRSAEncryption
53:42:25:d6:bc:a4:77:5b:02:02:84:0e:f3:03:c0:ff:81:d8:
1b:cb:b4:f8:58:2d:a4:b1:aa:6e:16:a7:17:d1:05:71:0b:13:
2f:9d:ec:3b:59:ae:a1:af:7a:97:f1:a6:56:c8:ce:eb:cc:68:
a3:ea:f6:df:f6:f5:4c:92:3f:c9:a1:81:84:b7:a5:68:76:3f:
2a:83:98:db:68:87:ad:39:ce:fe:8f:7b:ce:22:2f:91:d8:38:
5a:2d:de:61:50:c6:0c:e2:90:b3:1c:3d:53:c4:c1:49:05:cd:
d1:72:ad:46:4b:01:8e:a4:bf:00:d3:30:87:56:33:b8:86:d3:
52:9c:da:64:f8:9d:03:79:8c:b5:21:f1:9b:11:9f:a3:6f:f0:
8f:7b:f4:6f:aa:2a:00:85:ed:54:ff:be:12:9c:38:0f:36:05:
ae:50:d4:2d:bd:fd:a6:3b:95:c9:1d:62:f9:30:7f:7e:a0:88:
71:9d:69:e9:20:3b:76:44:85:cd:a6:c2:a4:91:41:ae:df:dd:
af:cd:1a:d5:04:99:44:e8:53:d4:cc:c8:3d:49:7c:28:d6:d3:
58:39:b9:b5:b6:c4:26:d2:3f:ce:18:4e:bf:4f:13:4c:8a:71:
60:ac:e5:42:0a:54:1d:de:84:2e:23:93:9c:8a:0a:67:0c:01:
2f:f9:dc:46
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0QTdC
NUZGRjk3Qjg5Qzg3QkRCRkQ0NjE2NEVFOTI0QTg3RDY5NkU5MB4XDTIzMDgyMzE2
MzgzN1oXDTI0MDgyMjAxMTEyNFowMzExMC8GA1UEAxMoMkExNjc1NEExODZEODQ2
RkY0NkM0NjgzQkE2M0Y2MkNEODU2RjMwMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKl5N5kqCpYtdd6mrWj4AIiL1xa1C6r8N9la6dOeNJqriip35CdF
454tAwtiMFmjso0r0nqMAKJITLQHZBTEAmrs0efz0ifXqpR8qVrEfN9LsuyqAv/s
gy51J0HmIlHgCNmA2WwWmDhY+IjITwjISNsgJIxCIdAa9w24w9tcSCNocGkL0WGo
GaUVNdIpcOEez8tDpIffPbLch84bWCsp07dfWQ2bxVZmaf5MkdBlN/y2mBPSJLfK
kGpwf5bGHsDBkFxiyP/OTtco9QeHGyLKKMB329Mh5uD09YWXsXC7d73nBrYj8iOr
MPvZH5McqACL/S9TU4uiHBIMXHjE04XMNx0CAwEAAaOCAewwggHoMB0GA1UdDgQW
BBQqFnVKGG2Eb/RsRoO6Y/Ys2FbzADAfBgNVHSMEGDAWgBRKe1//l7ich72/1GFk
7pJKh9aW6TAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DUk9XTi9T
bnRmXzVlNG5JZTl2OVJoWk82U1NvZldsdWsuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1NudGZfNWU0bkllOXY5UmhaTzZTU29mV2x1ay5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0NST1dOL0toWjFTaGh0aEdfMGJFYUR1bVAy
TE5oVzh3QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn/9Iw
DQYJKoZIhvcNAQELBQADggEBAFNCJda8pHdbAgKEDvMDwP+B2BvLtPhYLaSxqm4W
pxfRBXELEy+d7DtZrqGvepfxplbIzuvMaKPq9t/29UySP8mhgYS3pWh2PyqDmNto
h605zv6Pe84iL5HYOFot3mFQxgzikLMcPVPEwUkFzdFyrUZLAY6kvwDTMIdWM7iG
01Kc2mT4nQN5jLUh8ZsRn6Nv8I979G+qKgCF7VT/vhKcOA82Ba5Q1C29/aY7lckd
Yvkwf36giHGdaekgO3ZEhc2mwqSRQa7f3a/NGtUEmUToU9TMyD1JfCjW01g5ubW2
xCbSP84YTr9PE0yKcWCs5UIKVB3ehC4jk5yKCmcMAS/53EY=
-----END CERTIFICATE-----
Generated at Thu Aug 8 04:08:14 2024 by rpki-client on console-ams.rpki-client.org