Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/CTC90EN7XvYJJcokBTgzHkeF7Aw.roa
File: CTC90EN7XvYJJcokBTgzHkeF7Aw.roa (raw, json)
Hash identifier: XvTvLe76OuYddN9wPgN3GxFlZ33+hVkl3TmH3bAs69c=
Subject key identifier: 09:30:BD:D0:43:7B:5E:F6:09:25:CA:24:05:38:33:1E:47:85:EC:0C
Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2
Certificate serial: 08
Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/CTC90EN7XvYJJcokBTgzHkeF7Aw.roa
Signing time: Tue 16 May 2023 00:45:54 +0000
ROA not before: Tue 16 May 2023 00:45:53 +0000
ROA not after: Tue 07 Nov 2023 11:29:29 +0000
asID: 38842
IP address blocks: 103.160.226.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2
Validity
Not Before: May 16 00:45:53 2023 GMT
Not After : Nov 7 11:29:29 2023 GMT
Subject: CN=0930BDD0437B5EF60925CA240538331E4785EC0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:05:9c:f8:fc:8a:f4:e6:43:7a:f8:5c:37:
25:85:ac:e8:fb:7e:3e:98:4d:07:48:7a:ae:33:07:
ef:1c:16:fe:42:6f:2b:56:8f:8e:cf:d4:f8:ca:c0:
e7:f7:cf:e4:50:dd:71:fa:62:ef:c9:78:0a:5b:da:
f1:39:02:cf:7a:ff:2d:4f:f7:b1:27:91:b9:4a:60:
4e:ee:ea:e3:80:c5:4a:83:be:a8:d0:b8:65:77:af:
17:48:34:9a:fb:c1:a8:ce:84:d8:ac:bd:38:79:f7:
a3:41:de:79:60:de:a1:60:d5:b5:ac:b8:7b:a8:1b:
d5:d1:ca:80:cb:1e:65:a8:80:9f:cb:89:cb:9c:0d:
fa:05:88:70:38:f9:8d:a1:1b:c4:a5:1b:84:6a:62:
42:90:5e:bb:83:1b:72:6a:81:42:e4:a4:de:ed:51:
16:bc:75:6f:3a:74:46:68:5a:0d:7b:79:9d:29:df:
c9:6e:a7:60:64:30:30:53:5c:56:9b:a7:bc:1d:18:
9a:93:32:0d:55:4a:5d:cc:d5:87:15:36:76:e6:82:
25:90:65:c8:a0:55:fd:8b:bc:13:93:22:95:15:5a:
4b:64:1a:0f:1a:82:87:b1:dd:d8:6f:1f:3e:71:fc:
c0:43:c0:e5:22:1f:87:eb:44:98:8c:bf:ef:17:6f:
ca:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:30:BD:D0:43:7B:5E:F6:09:25:CA:24:05:38:33:1E:47:85:EC:0C
X509v3 Authority Key Identifier:
keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/CTC90EN7XvYJJcokBTgzHkeF7Aw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.226.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:36:7f:a6:36:ab:f3:e8:f2:02:6b:91:a8:d6:c8:ee:7f:8f:
ce:73:2c:fa:cf:fd:73:25:e6:42:c2:20:a7:ff:66:f0:83:8d:
7c:b8:fc:c4:64:1a:58:82:0e:23:dc:38:29:ab:92:f3:ef:e4:
b4:e4:19:fe:de:21:d9:72:9c:9f:fe:a8:1f:56:c8:c2:2e:cd:
3c:aa:b3:36:68:da:3e:8d:40:b6:5c:76:c9:a4:b9:3a:9d:fa:
01:66:96:7c:65:5d:af:b3:c0:02:f6:cc:26:65:53:b8:88:b8:
8e:ee:88:e5:1c:20:a2:4b:98:7e:3c:4f:dd:72:55:57:74:8f:
9b:f7:ea:ef:ad:79:66:64:23:2a:0f:a4:ad:eb:67:b5:5c:55:
d4:6d:2b:09:d5:f0:60:50:a1:f4:95:8a:db:25:ba:92:3b:21:
03:62:2d:d4:05:a4:8c:8b:7f:3e:0e:8b:94:5f:8f:85:94:5d:
07:ae:27:2e:47:02:4d:b1:23:50:b0:77:26:88:06:ea:1d:38:
f6:eb:11:59:10:e9:81:48:49:52:b7:c0:8d:e1:7d:20:b2:f6:
29:77:7b:39:86:29:11:40:b5:3b:7c:fc:a0:cb:5f:a8:7a:75:
a6:3b:b9:f1:65:fd:33:71:61:06:21:d0:f9:40:11:2d:c9:48:
b1:45:05:64
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNzc4
OTVFNjRCRTQxQjcxODI2NjRFMTM0NUNENTdFNUQzNkExQUYyMB4XDTIzMDUxNjAw
NDU1M1oXDTIzMTEwNzExMjkyOVowMzExMC8GA1UEAxMoMDkzMEJERDA0MzdCNUVG
NjA5MjVDQTI0MDUzODMzMUU0Nzg1RUMwQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL52BZz4/Ir05kN6+Fw3JYWs6Pt+PphNB0h6rjMH7xwW/kJvK1aP
js/U+MrA5/fP5FDdcfpi78l4Clva8TkCz3r/LU/3sSeRuUpgTu7q44DFSoO+qNC4
ZXevF0g0mvvBqM6E2Ky9OHn3o0HeeWDeoWDVtay4e6gb1dHKgMseZaiAn8uJy5wN
+gWIcDj5jaEbxKUbhGpiQpBeu4MbcmqBQuSk3u1RFrx1bzp0RmhaDXt5nSnfyW6n
YGQwMFNcVpunvB0YmpMyDVVKXczVhxU2duaCJZBlyKBV/Yu8E5MilRVaS2QaDxqC
h7Hd2G8fPnH8wEPA5SIfh+tEmIy/7xdvyt8CAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBQJML3QQ3te9gklyiQFODMeR4XsDDAfBgNVHSMEGDAWgBQneJXmS+QbcYJmThNF
zVfl02oa8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ETlNORVQv
SjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9KM2lWNWt2a0czR0NaazRUUmMxWDVkTnFHdkkuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ETlNORVQvQ1RDOTBFTjdYdllKSmNva0JU
Z3pIa2VGN0F3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeg
4jANBgkqhkiG9w0BAQsFAAOCAQEApjZ/pjar8+jyAmuRqNbI7n+PznMs+s/9cyXm
QsIgp/9m8IONfLj8xGQaWIIOI9w4KauS8+/ktOQZ/t4h2XKcn/6oH1bIwi7NPKqz
NmjaPo1Atlx2yaS5Op36AWaWfGVdr7PAAvbMJmVTuIi4ju6I5RwgokuYfjxP3XJV
V3SPm/fq7615ZmQjKg+kretntVxV1G0rCdXwYFCh9JWK2yW6kjshA2It1AWkjIt/
Pg6LlF+PhZRdB64nLkcCTbEjULB3JogG6h049usRWRDpgUhJUrfAjeF9ILL2KXd7
OYYpEUC1O3z8oMtfqHp1pju58WX9M3FhBiHQ+UARLclIsUUFZA==
-----END CERTIFICATE-----
Generated at Tue Oct 24 12:09:36 2023 by rpki-client on console-fra.rpki-client.org