Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/PX84zUmeIaWPwVxwCSsDHgNp24s.roa
File: PX84zUmeIaWPwVxwCSsDHgNp24s.roa (raw, json)
Hash identifier: EpWcgkjLEVArkxvE27dwIj81sPF7azX0FUqIX/auSZ4=
Subject key identifier: 3D:7F:38:CD:49:9E:21:A5:8F:C1:5C:70:09:2B:03:1E:03:69:DB:8B
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CF5
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PX84zUmeIaWPwVxwCSsDHgNp24s.roa
Signing time: Wed 26 Apr 2023 10:31:23 +0000
ROA not before: Wed 26 Apr 2023 10:31:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 27.96.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3317 (0xcf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:23 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3D7F38CD499E21A58FC15C70092B031E0369DB8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:83:7e:be:97:e7:a7:03:69:de:ca:e3:9f:6a:
c4:60:71:a9:c2:be:1c:21:88:d8:24:49:aa:c3:31:
0e:d9:f9:ca:2a:a9:4d:1c:df:7f:81:ff:77:6d:67:
3f:5a:f7:de:e1:0c:20:9f:73:dd:c5:60:f8:58:13:
b0:a4:89:84:23:27:32:71:59:e8:97:da:61:97:2f:
ba:c4:57:b9:11:8d:52:95:3f:48:c2:1e:ce:88:52:
3c:7d:64:79:84:49:c3:0d:02:be:1a:f4:e5:66:b6:
b8:ce:4e:ab:56:f7:55:b2:fd:50:91:4e:f0:51:bd:
17:55:26:9d:98:4a:50:86:b7:0b:3c:01:21:a1:45:
cd:7f:74:a7:34:6f:86:cf:6f:86:07:1d:c5:5f:95:
14:16:ed:a6:68:87:0a:57:a0:06:c2:70:2a:0d:9a:
e5:fa:0f:cd:91:f4:2d:a3:10:5c:a8:a5:44:85:67:
58:f8:c7:29:d5:57:15:52:46:4b:29:fd:a8:b1:d3:
4b:fb:95:72:a5:2e:03:b2:8b:26:2d:58:f9:77:1a:
5f:bd:04:3f:7d:63:4d:44:4b:c0:18:66:d2:d6:58:
03:a6:04:f6:7c:ba:59:ac:f3:fb:73:72:97:a5:1a:
68:b2:33:51:c3:55:ec:00:c7:ff:99:2f:7a:95:2f:
bf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7F:38:CD:49:9E:21:A5:8F:C1:5C:70:09:2B:03:1E:03:69:DB:8B
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PX84zUmeIaWPwVxwCSsDHgNp24s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.252.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:f7:d6:72:7a:47:76:3e:c9:96:87:24:6b:e4:7a:e5:e8:45:
f4:b0:4c:77:8e:cd:92:ba:62:d9:6b:75:36:a9:5d:0b:94:92:
56:49:d7:63:aa:70:dd:e6:0d:b8:1a:dc:72:c0:cb:3a:27:0d:
f6:26:0b:fa:47:72:92:96:5b:09:c1:33:96:46:50:c9:a8:64:
ae:77:17:6d:cc:bc:d3:b6:49:5f:1b:9c:f3:fa:86:56:87:24:
58:b6:76:4c:2e:0c:58:ae:8e:1f:c4:ef:20:ad:df:99:5d:62:
df:4b:ed:e2:54:4d:20:f3:4e:97:06:ba:25:a4:aa:4e:d4:b6:
4a:1c:b6:3f:80:23:84:7a:78:cc:c6:2b:7f:57:3f:12:32:d6:
5b:48:78:35:67:cb:16:d9:41:54:e0:98:b4:05:31:9d:0c:27:
05:76:08:e0:2a:2c:57:c8:96:ee:e3:40:55:7d:6f:5b:18:79:
95:7b:16:dd:47:53:8e:94:4e:cb:f0:fa:b3:b4:77:2a:be:f2:
1f:10:fc:98:dc:29:ef:d0:5b:f0:81:0f:fd:9d:54:f3:3a:77:
8d:82:ae:48:47:02:3b:40:60:53:ab:31:9c:66:75:c8:7c:c0:
9f:e0:71:2c:a4:8d:52:bd:c2:90:89:04:39:21:f7:bc:b7:40:
2f:6c:88:32
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNEN0YzOENENDk5RTIx
QTU4RkMxNUM3MDA5MkIwMzFFMDM2OURCOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbg36+l+enA2neyuOfasRgcanCvhwhiNgkSarDMQ7Z+coqqU0c
33+B/3dtZz9a997hDCCfc93FYPhYE7CkiYQjJzJxWeiX2mGXL7rEV7kRjVKVP0jC
Hs6IUjx9ZHmEScMNAr4a9OVmtrjOTqtW91Wy/VCRTvBRvRdVJp2YSlCGtws8ASGh
Rc1/dKc0b4bPb4YHHcVflRQW7aZohwpXoAbCcCoNmuX6D82R9C2jEFyopUSFZ1j4
xynVVxVSRksp/aix00v7lXKlLgOyiyYtWPl3Gl+9BD99Y01ES8AYZtLWWAOmBPZ8
ulms8/tzcpelGmiyM1HDVewAx/+ZL3qVL79DAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPX84zUmeIaWPwVxwCSsDHgNp24swHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUFg4NHpVbWVJYVdQd1Z4d0NTc0RI
Z05wMjRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg/DAN
BgkqhkiG9w0BAQsFAAOCAQEAbvfWcnpHdj7Jlocka+R65ehF9LBMd47Nkrpi2Wt1
NqldC5SSVknXY6pw3eYNuBrccsDLOicN9iYL+kdykpZbCcEzlkZQyahkrncXbcy8
07ZJXxuc8/qGVockWLZ2TC4MWK6OH8TvIK3fmV1i30vt4lRNIPNOlwa6JaSqTtS2
Shy2P4AjhHp4zMYrf1c/EjLWW0h4NWfLFtlBVOCYtAUxnQwnBXYI4CosV8iW7uNA
VX1vWxh5lXsW3UdTjpROy/D6s7R3Kr7yHxD8mNwp79Bb8IEP/Z1U8zp3jYKuSEcC
O0BgU6sxnGZ1yHzAn+BxLKSNUr3CkIkEOSH3vLdAL2yIMg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:13 2023 by rpki-client on console-fra.rpki-client.org