Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CROWN/iJ7zemCW3lsmzuS2pOPWTggb7tU.roa
File: iJ7zemCW3lsmzuS2pOPWTggb7tU.roa (raw, json)
Hash identifier: S5E09I3dyGZyc95Z+TiIoC4Rqw6dLWb5Zt27sYdpNbg=
Subject key identifier: 88:9E:F3:7A:60:96:DE:5B:26:CE:E4:B6:A4:E3:D6:4E:08:1B:EE:D5
Certificate issuer: /CN=4A7B5FFF97B89C87BDBFD46164EE924A87D696E9
Certificate serial: 0103
Authority key identifier: 4A:7B:5F:FF:97:B8:9C:87:BD:BF:D4:61:64:EE:92:4A:87:D6:96:E9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Sntf_5e4nIe9v9RhZO6SSofWluk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CROWN/iJ7zemCW3lsmzuS2pOPWTggb7tU.roa
Signing time: Mon 26 Aug 2024 05:11:48 +0000
ROA not before: Mon 26 Aug 2024 05:11:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 103.255.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 18:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 259 (0x103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4A7B5FFF97B89C87BDBFD46164EE924A87D696E9
Validity
Not Before: Aug 26 05:11:48 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=889EF37A6096DE5B26CEE4B6A4E3D64E081BEED5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9b:ca:70:6e:0d:08:0a:e1:29:2c:77:c8:e4:
58:95:64:a3:ca:d6:e4:05:5b:23:42:5b:91:d0:88:
12:eb:d7:dc:b7:b0:29:5a:7e:6f:57:cb:5f:84:04:
df:14:38:2f:22:7c:0b:c3:7f:4b:31:9f:78:6c:73:
0f:c3:a4:a7:0e:3c:1c:bc:ba:ce:02:b7:3f:ff:86:
50:cd:3d:6a:28:b3:0a:7f:01:77:fb:35:5b:37:0e:
7a:f0:11:0e:e2:21:c6:01:81:f2:fb:05:84:79:95:
d5:1a:65:bd:c6:2c:95:5e:1b:17:78:7f:da:74:4b:
12:d7:2f:28:1b:48:2d:fe:09:f4:08:39:69:a6:e0:
9f:a5:f2:b8:ed:2a:a4:48:11:22:1d:34:2b:67:6d:
ef:88:c3:a4:9c:cd:9c:e1:e9:14:8b:d4:0a:3a:69:
b8:b8:db:d3:48:47:bd:9f:3a:1c:d3:6e:cf:0f:9b:
49:71:c2:02:48:ab:6d:ac:c6:2e:6f:98:2f:20:29:
21:a9:d9:74:6d:f2:13:62:84:a4:f8:2c:94:cd:0f:
a2:7b:c6:48:4f:98:64:2c:f2:40:d3:46:7c:ad:3c:
a7:d3:de:a6:a4:b6:56:ee:5a:d8:4b:20:33:27:b0:
22:de:8e:5b:fb:65:b4:4f:d5:ad:c6:d9:e2:e5:bd:
5d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9E:F3:7A:60:96:DE:5B:26:CE:E4:B6:A4:E3:D6:4E:08:1B:EE:D5
X509v3 Authority Key Identifier:
keyid:4A:7B:5F:FF:97:B8:9C:87:BD:BF:D4:61:64:EE:92:4A:87:D6:96:E9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CROWN/Sntf_5e4nIe9v9RhZO6SSofWluk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Sntf_5e4nIe9v9RhZO6SSofWluk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CROWN/iJ7zemCW3lsmzuS2pOPWTggb7tU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.210.0/23
Signature Algorithm: sha256WithRSAEncryption
71:91:0e:35:2d:f9:68:4d:73:7a:91:5c:03:2d:e2:40:5b:9f:
cf:1c:eb:3b:ca:94:d3:8c:23:2d:66:79:d7:a0:9e:69:e9:6d:
31:2b:65:2e:94:36:c2:fb:e9:03:07:d1:cb:46:ff:0f:36:38:
89:a1:9e:fe:7c:32:81:36:fe:a7:ea:ff:9d:df:cb:81:3f:9e:
59:41:b1:2a:65:19:89:cf:c0:63:55:87:4e:f4:5f:7e:f9:3f:
30:99:ba:38:60:c8:60:7e:e3:3f:62:82:6c:17:6f:67:0f:48:
47:21:bc:35:53:e0:99:92:cb:90:9d:31:e6:d3:13:82:cc:8b:
11:c2:c5:cb:56:58:58:fc:4e:22:f4:b8:ce:1e:50:41:30:c7:
ff:c9:da:2a:91:fc:8a:6a:30:75:e0:c0:ed:d6:d9:f0:73:95:
aa:38:eb:94:23:34:58:0c:23:c4:3b:51:23:d0:9b:ab:a8:42:
22:53:50:66:b8:1d:6f:58:1f:b3:61:ac:05:8a:8b:6f:e4:91:
32:07:fb:7e:f2:e2:9f:9e:65:93:a2:97:21:c4:26:fd:a4:e2:
a5:11:6d:27:cb:c6:e1:3f:f2:c3:0a:38:1b:f0:19:8e:c2:5e:
3d:3d:67:ce:d4:28:e7:17:26:fd:db:36:33:a2:78:df:43:12:
b9:5d:fd:4d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICAQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEE3
QjVGRkY5N0I4OUM4N0JEQkZENDYxNjRFRTkyNEE4N0Q2OTZFOTAeFw0yNDA4MjYw
NTExNDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg4OUVGMzdBNjA5NkRF
NUIyNkNFRTRCNkE0RTNENjRFMDgxQkVFRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQm8pwbg0ICuEpLHfI5FiVZKPK1uQFWyNCW5HQiBLr19y3sCla
fm9Xy1+EBN8UOC8ifAvDf0sxn3hscw/DpKcOPBy8us4Ctz//hlDNPWooswp/AXf7
NVs3DnrwEQ7iIcYBgfL7BYR5ldUaZb3GLJVeGxd4f9p0SxLXLygbSC3+CfQIOWmm
4J+l8rjtKqRIESIdNCtnbe+Iw6SczZzh6RSL1Ao6abi429NIR72fOhzTbs8Pm0lx
wgJIq22sxi5vmC8gKSGp2XRt8hNihKT4LJTND6J7xkhPmGQs8kDTRnytPKfT3qak
tlbuWthLIDMnsCLejlv7ZbRP1a3G2eLlvV13AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUiJ7zemCW3lsmzuS2pOPWTggb7tUwHwYDVR0jBBgwFoAUSntf/5e4nIe9v9Rh
ZO6SSofWlukwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1JPV04v
U250Zl81ZTRuSWU5djlSaFpPNlNTb2ZXbHVrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TbnRmXzVlNG5JZTl2OVJoWk82U1NvZldsdWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DUk9XTi9pSjd6ZW1DVzNsc216dVMycE9Q
V1RnZ2I3dFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ//S
MA0GCSqGSIb3DQEBCwUAA4IBAQBxkQ41LfloTXN6kVwDLeJAW5/PHOs7ypTTjCMt
ZnnXoJ5p6W0xK2UulDbC++kDB9HLRv8PNjiJoZ7+fDKBNv6n6v+d38uBP55ZQbEq
ZRmJz8BjVYdO9F9++T8wmbo4YMhgfuM/YoJsF29nD0hHIbw1U+CZksuQnTHm0xOC
zIsRwsXLVlhY/E4i9LjOHlBBMMf/ydoqkfyKajB14MDt1tnwc5WqOOuUIzRYDCPE
O1Ej0JurqEIiU1BmuB1vWB+zYawFiotv5JEyB/t+8uKfnmWTopchxCb9pOKlEW0n
y8bhP/LDCjgb8BmOwl49PWfO1CjnFyb92zYzonjfQxK5Xf1N
-----END CERTIFICATE-----
Generated at Sun Sep 22 21:24:35 2024 by rpki-client on console-ams.rpki-client.org