Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/6kwgnHYq-pVCTlE0mrlFsKtHyDk.roa
File: 6kwgnHYq-pVCTlE0mrlFsKtHyDk.roa (raw, json)
Hash identifier: 14UWp3SJVA1ZuObNJhdB69qkU+GJkXRAKejBWC6QmzE=
Subject key identifier: EA:4C:20:9C:76:2A:FA:95:42:4E:51:34:9A:B9:45:B0:AB:47:C8:39
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D09
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/6kwgnHYq-pVCTlE0mrlFsKtHyDk.roa
Signing time: Wed 26 Apr 2023 10:31:28 +0000
ROA not before: Wed 26 Apr 2023 10:31:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.120.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3337 (0xd09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:28 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=EA4C209C762AFA95424E51349AB945B0AB47C839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:76:7c:61:41:bf:61:56:30:13:46:88:a4:
6c:c1:89:80:08:21:a1:b3:38:66:b7:8f:57:72:50:
84:6d:74:b6:7e:ec:30:7f:6f:8d:b3:20:79:24:3e:
b5:14:1f:89:93:b1:f6:65:d8:ee:39:fd:ed:d0:0c:
4f:b5:6d:e7:44:b6:f4:67:93:91:32:a7:b7:e5:36:
ec:4c:3e:0b:64:8f:57:95:57:ec:76:0c:54:23:8a:
af:57:72:8d:39:dd:e5:e2:a4:7c:f3:b6:5c:62:52:
2b:28:f8:d5:52:5b:24:cd:93:27:a4:7b:f5:3d:e3:
f2:8f:d9:aa:97:f4:e7:58:eb:77:31:1d:a9:6c:a5:
ad:3e:98:62:28:c8:04:0c:9f:60:de:a5:27:32:8b:
43:97:7d:5c:be:94:65:fa:1c:81:d1:17:3d:f0:23:
64:c6:4a:33:4e:ec:db:eb:74:98:55:6f:6c:41:eb:
8f:a5:cb:63:fd:0a:a7:d3:36:3f:71:99:47:3e:81:
e5:d0:81:85:6d:a1:88:69:76:33:e0:c2:7f:89:c0:
dc:ee:84:94:97:1b:50:3f:48:22:65:63:5e:fb:5c:
a6:e6:69:eb:93:41:cf:cc:2a:51:eb:bb:0a:8a:b3:
59:7d:18:69:15:9b:87:69:27:ce:d5:26:99:3c:f2:
77:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:4C:20:9C:76:2A:FA:95:42:4E:51:34:9A:B9:45:B0:AB:47:C8:39
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/6kwgnHYq-pVCTlE0mrlFsKtHyDk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.120.0/21
Signature Algorithm: sha256WithRSAEncryption
09:00:58:09:4e:e7:15:59:79:61:ee:e5:1c:7e:02:d6:2b:55:
61:43:d0:52:7b:83:e9:d6:c2:d4:af:75:bf:dc:40:cd:a2:ef:
5d:eb:95:0a:77:a1:ae:f0:b4:7d:7d:d6:2c:2d:d4:6a:be:59:
c3:75:c5:44:45:f3:a4:a4:3a:1e:91:10:8e:a9:cc:39:95:4a:
96:d3:f9:33:4e:25:59:42:89:39:15:9d:35:5a:3b:ca:37:7a:
55:19:40:33:02:2a:66:e6:95:2e:f7:f9:a7:48:ff:ab:8f:8c:
72:bc:0f:23:e2:3c:3f:7a:fb:13:15:cd:df:e0:12:46:18:e9:
af:f1:b5:fc:26:65:fa:8f:bd:c4:41:e6:96:6a:e5:17:7d:69:
52:f5:63:27:11:1a:e2:6d:95:f0:95:b7:9e:fc:3c:b7:48:f0:
63:b1:73:7b:16:cb:50:0d:26:f6:82:04:38:21:59:6f:ff:fc:
d2:10:6f:51:33:7e:d2:38:62:77:c7:2d:a1:7a:2e:9c:85:2d:
69:0c:58:34:87:19:89:c6:f9:54:ab:6e:60:f1:3a:c9:c4:29:
79:5c:f4:c6:f6:e4:46:4c:49:a4:a7:4a:91:a5:9c:ea:8b:c1:
0d:65:52:d2:25:56:08:6b:d7:46:0f:70:64:b8:30:51:db:5e:
97:1e:32:ff
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEVBNEMyMDlDNzYyQUZB
OTU0MjRFNTEzNDlBQjk0NUIwQUI0N0M4MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/Z3Z8YUG/YVYwE0aIpGzBiYAIIaGzOGa3j1dyUIRtdLZ+7DB/
b42zIHkkPrUUH4mTsfZl2O45/e3QDE+1bedEtvRnk5Eyp7flNuxMPgtkj1eVV+x2
DFQjiq9Xco053eXipHzztlxiUiso+NVSWyTNkyeke/U94/KP2aqX9OdY63cxHals
pa0+mGIoyAQMn2DepScyi0OXfVy+lGX6HIHRFz3wI2TGSjNO7NvrdJhVb2xB64+l
y2P9CqfTNj9xmUc+geXQgYVtoYhpdjPgwn+JwNzuhJSXG1A/SCJlY177XKbmaeuT
Qc/MKlHruwqKs1l9GGkVm4dpJ87VJpk88nf5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU6kwgnHYq+pVCTlE0mrlFsKtHyDkwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvNmt3Z25IWXEtcFZDVGxFMG1ybEZz
S3RIeURrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZeDAN
BgkqhkiG9w0BAQsFAAOCAQEACQBYCU7nFVl5Ye7lHH4C1itVYUPQUnuD6dbC1K91
v9xAzaLvXeuVCnehrvC0fX3WLC3Uar5Zw3XFREXzpKQ6HpEQjqnMOZVKltP5M04l
WUKJORWdNVo7yjd6VRlAMwIqZuaVLvf5p0j/q4+McrwPI+I8P3r7ExXN3+ASRhjp
r/G1/CZl+o+9xEHmlmrlF31pUvVjJxEa4m2V8JW3nvw8t0jwY7FzexbLUA0m9oIE
OCFZb//80hBvUTN+0jhid8ctoXounIUtaQxYNIcZicb5VKtuYPE6ycQpeVz0xvbk
RkxJpKdKkaWc6ovBDWVS0iVWCGvXRg9wZLgwUdtelx4y/w==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:13 2023 by rpki-client on console-fra.rpki-client.org