Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/4SnFr22Cr5aCGfPEhF0dYGL4314.roa
File: 4SnFr22Cr5aCGfPEhF0dYGL4314.roa (raw, json)
Hash identifier: EnwP/6aWhaBYD6cdi6EAFVjlBjDIQzmUpXx5t1yvw3g=
Subject key identifier: E1:29:C5:AF:6D:82:AF:96:82:19:F3:C4:84:5D:1D:60:62:F8:DF:5E
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CE8
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4SnFr22Cr5aCGfPEhF0dYGL4314.roa
Signing time: Wed 26 Apr 2023 10:31:20 +0000
ROA not before: Wed 26 Apr 2023 10:31:20 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.96.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3304 (0xce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:20 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E129C5AF6D82AF968219F3C4845D1D6062F8DF5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:60:bd:f0:29:47:d6:e4:37:82:a7:fa:7f:84:
f2:54:49:32:13:3d:73:a9:52:c0:96:8c:98:5a:0a:
05:63:b1:5c:59:b4:7b:41:f4:c9:13:42:1c:02:4d:
80:04:5b:4b:78:f4:85:2d:a0:19:25:cd:49:2d:2c:
fb:64:bc:f7:9b:69:11:2b:f1:5f:68:0e:b0:8c:0f:
10:7c:5f:5f:ae:e8:96:41:62:01:c9:69:87:d5:0a:
d8:15:f7:0f:8e:36:76:9b:50:6d:28:5f:bb:29:64:
22:16:7f:53:25:8b:3f:d8:66:5e:8b:a1:bf:eb:0e:
34:98:4c:a4:09:70:d1:15:8e:90:81:9e:38:83:38:
a5:06:a2:ec:fa:6b:c9:21:db:f8:95:9f:6a:9c:22:
d1:21:48:8c:06:43:b7:df:a0:8c:00:75:f1:d5:7c:
03:0f:a9:75:6e:2d:cb:4d:52:e8:e7:90:fe:ff:35:
cb:c1:5e:a2:a5:de:10:da:94:97:79:d3:0b:35:56:
3f:9b:7b:67:54:69:96:a1:28:cd:49:19:97:29:ab:
55:27:6f:2a:d4:15:a8:8e:20:ab:69:10:a9:be:43:
1a:69:99:b7:72:a2:54:51:0a:9a:cd:b4:e4:21:a1:
21:1f:fb:df:be:2c:eb:be:2b:df:77:e3:9c:ca:e8:
46:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:29:C5:AF:6D:82:AF:96:82:19:F3:C4:84:5D:1D:60:62:F8:DF:5E
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4SnFr22Cr5aCGfPEhF0dYGL4314.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:8c:b1:d3:c8:9a:6b:5e:b9:64:99:4f:fa:c0:9c:2a:6e:0d:
fb:a0:5e:d1:33:63:80:fa:f0:ee:a0:e1:04:03:c7:1b:07:f3:
f2:08:85:d8:bd:88:3e:a2:d0:fd:d3:44:2b:fe:58:4d:15:c6:
1f:03:64:8b:8a:26:0f:c0:c2:66:4e:ff:49:8c:07:48:f4:ea:
fd:be:51:f3:7f:2a:12:40:42:9d:47:eb:57:aa:01:22:e8:46:
59:86:d1:f5:02:e3:4e:40:8d:3e:dc:ee:96:31:08:e3:80:f2:
c2:79:7a:66:ae:22:81:d2:be:48:36:88:7d:84:b3:98:7f:63:
82:7c:11:2c:22:56:bc:8b:54:36:9a:45:2b:5a:84:98:1a:c7:
1b:93:54:29:0d:d6:92:3d:ac:08:cc:13:e4:32:8c:28:97:ee:
cd:62:c8:6e:61:1f:e2:f7:57:2c:c5:f5:26:5a:e6:f8:22:79:
96:1d:48:41:52:c9:8c:a3:a3:e6:23:7f:ba:06:e3:63:b6:19:
59:6e:89:06:00:7a:50:c4:f5:f5:74:af:9e:70:2c:23:c3:68:
36:40:8b:cd:d7:a8:bf:f3:5c:c6:aa:65:7c:ea:d6:8d:4c:91:
ef:1a:78:d6:b7:ba:f0:b0:a0:bb:8b:ee:ee:d0:5b:f9:7e:b0:
16:f1:aa:21
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUxMjlDNUFGNkQ4MkFG
OTY4MjE5RjNDNDg0NUQxRDYwNjJGOERGNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHYL3wKUfW5DeCp/p/hPJUSTITPXOpUsCWjJhaCgVjsVxZtHtB
9MkTQhwCTYAEW0t49IUtoBklzUktLPtkvPebaREr8V9oDrCMDxB8X1+u6JZBYgHJ
aYfVCtgV9w+ONnabUG0oX7spZCIWf1Mliz/YZl6Lob/rDjSYTKQJcNEVjpCBnjiD
OKUGouz6a8kh2/iVn2qcItEhSIwGQ7ffoIwAdfHVfAMPqXVuLctNUujnkP7/NcvB
XqKl3hDalJd50ws1Vj+be2dUaZahKM1JGZcpq1UnbyrUFaiOIKtpEKm+Qxppmbdy
olRRCprNtOQhoSEf+9++LOu+K99345zK6EarAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU4SnFr22Cr5aCGfPEhF0dYGL4314wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvNFNuRnIyMkNyNWFDR2ZQRWhGMGRZ
R0w0MzE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHn+YDAN
BgkqhkiG9w0BAQsFAAOCAQEAjYyx08iaa165ZJlP+sCcKm4N+6Be0TNjgPrw7qDh
BAPHGwfz8giF2L2IPqLQ/dNEK/5YTRXGHwNki4omD8DCZk7/SYwHSPTq/b5R838q
EkBCnUfrV6oBIuhGWYbR9QLjTkCNPtzuljEI44Dywnl6Zq4igdK+SDaIfYSzmH9j
gnwRLCJWvItUNppFK1qEmBrHG5NUKQ3Wkj2sCMwT5DKMKJfuzWLIbmEf4vdXLMX1
Jlrm+CJ5lh1IQVLJjKOj5iN/ugbjY7YZWW6JBgB6UMT19XSvnnAsI8NoNkCLzdeo
v/NcxqplfOrWjUyR7xp41re68LCgu4vu7tBb+X6wFvGqIQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:39 2023 by rpki-client on console-ams.rpki-client.org