Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/UGOXP7x3wsGNj1KNvXzSy1f6aTk.roa
File: UGOXP7x3wsGNj1KNvXzSy1f6aTk.roa (raw, json)
Hash identifier: uWGw8UGrIg4FyHso7ZQWcR3+VjCa8CA61FVklfMaaWg=
Subject key identifier: 50:63:97:3F:BC:77:C2:C1:8D:8F:52:8D:BD:7C:D2:CB:57:FA:69:39
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0CC5
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/UGOXP7x3wsGNj1KNvXzSy1f6aTk.roa
Signing time: Wed 26 Apr 2023 06:26:09 +0000
ROA not before: Wed 26 Apr 2023 06:26:09 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.217.112.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3269 (0xcc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 06:26:09 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5063973FBC77C2C18D8F528DBD7CD2CB57FA6939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:92:54:03:7a:f9:9a:43:2c:aa:60:cb:25:b0:
7b:75:74:be:4d:21:46:a2:51:c3:11:9f:85:2c:f8:
04:8e:d8:40:5c:30:c1:4e:05:a9:ce:a7:59:09:62:
4c:31:b0:8f:f7:0f:5e:5e:9d:37:5b:f7:fa:bd:fa:
33:18:f7:f4:46:5e:76:33:25:f7:b1:a9:32:12:34:
d8:70:04:72:31:81:ae:46:6d:42:b5:50:dc:c0:f9:
c2:c4:b1:00:f5:1e:73:ff:0d:3d:e8:a7:ca:97:f7:
9a:c5:a0:6b:09:b5:09:5e:a1:d8:1d:72:93:c5:c8:
ef:f4:93:03:60:d3:e0:17:91:69:45:01:22:e2:8d:
55:82:a9:64:3f:aa:05:ba:36:ef:55:52:10:ae:0c:
20:48:46:cb:0f:f6:71:c6:bf:9e:e1:db:7c:b0:77:
ed:0d:79:5b:ef:b7:8d:50:47:75:0c:14:b1:3d:f8:
96:95:b0:b2:38:7c:7d:b9:2c:d8:a1:3a:25:ce:f8:
d1:b4:c7:4a:fd:c7:f8:f0:62:4a:ce:63:7e:8d:34:
a8:99:0b:09:ae:ac:3f:e5:02:79:a8:24:09:f9:1b:
11:b1:7d:9c:12:5b:d8:25:6d:6a:80:8f:1d:ef:42:
5a:b5:4a:05:43:96:b2:6e:c8:c3:7c:58:ab:ac:a6:
21:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:63:97:3F:BC:77:C2:C1:8D:8F:52:8D:BD:7C:D2:CB:57:FA:69:39
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/UGOXP7x3wsGNj1KNvXzSy1f6aTk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.112.0/20
Signature Algorithm: sha256WithRSAEncryption
97:d4:a5:f3:09:c5:77:de:78:03:a2:96:e8:06:c1:48:eb:0b:
73:08:4d:83:3e:54:8a:9c:c3:20:78:a1:67:d4:80:a8:fa:e3:
c9:b8:54:91:5b:6e:2a:03:6d:3e:ee:b8:d2:15:18:ab:f9:63:
26:d4:60:44:c0:52:3c:23:85:39:8e:66:d9:5b:f7:55:ff:1c:
14:8a:fc:03:65:af:22:3e:07:95:a2:54:ce:99:4c:cd:b7:91:
10:14:2a:93:de:b7:03:a6:67:b4:cf:61:0e:9e:cc:46:35:97:
dd:ee:60:a1:27:24:d2:92:08:f3:a3:63:68:5d:d6:41:bd:8a:
e1:99:cf:8d:f3:4f:11:64:9e:a5:85:d9:d4:60:ab:ae:b5:f3:
81:7d:94:7d:d1:f4:0d:7d:5d:6c:e1:96:e6:63:2b:39:d4:68:
27:09:10:d4:17:f8:6d:7c:8b:bc:f0:f8:d9:48:c3:eb:ee:39:
2e:47:fc:58:9b:9d:a4:4e:b5:67:5e:75:be:7f:ec:c1:b9:81:
da:e2:f0:80:43:c8:23:da:ad:1c:c8:76:91:1d:8f:65:b6:a3:
a6:92:2d:10:98:b8:04:05:f5:8f:a8:f1:de:1e:40:7b:0b:f0:
70:e5:15:3b:79:75:fa:78:62:e9:98:cb:1d:67:af:71:15:9f:
81:cd:36:38
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjI2MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUwNjM5NzNGQkM3N0My
QzE4RDhGNTI4REJEN0NEMkNCNTdGQTY5MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzklQDevmaQyyqYMslsHt1dL5NIUaiUcMRn4Us+ASO2EBcMMFO
BanOp1kJYkwxsI/3D15enTdb9/q9+jMY9/RGXnYzJfexqTISNNhwBHIxga5GbUK1
UNzA+cLEsQD1HnP/DT3op8qX95rFoGsJtQleodgdcpPFyO/0kwNg0+AXkWlFASLi
jVWCqWQ/qgW6Nu9VUhCuDCBIRssP9nHGv57h23ywd+0NeVvvt41QR3UMFLE9+JaV
sLI4fH25LNihOiXO+NG0x0r9x/jwYkrOY36NNKiZCwmurD/lAnmoJAn5GxGxfZwS
W9glbWqAjx3vQlq1SgVDlrJuyMN8WKuspiETAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUUGOXP7x3wsGNj1KNvXzSy1f6aTkwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvVUdPWFA3eDN3c0dOajFLTnZYelN5
MWY2YVRrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMvZcDAN
BgkqhkiG9w0BAQsFAAOCAQEAl9Sl8wnFd954A6KW6AbBSOsLcwhNgz5UipzDIHih
Z9SAqPrjybhUkVtuKgNtPu640hUYq/ljJtRgRMBSPCOFOY5m2Vv3Vf8cFIr8A2Wv
Ij4HlaJUzplMzbeREBQqk963A6ZntM9hDp7MRjWX3e5goSck0pII86NjaF3WQb2K
4ZnPjfNPEWSepYXZ1GCrrrXzgX2UfdH0DX1dbOGW5mMrOdRoJwkQ1Bf4bXyLvPD4
2UjD6+45Lkf8WJudpE61Z151vn/swbmB2uLwgEPII9qtHMh2kR2PZbajppItEJi4
BAX1j6jx3h5AewvwcOUVO3l1+nhi6ZjLHWevcRWfgc02OA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:53 2023 by rpki-client on console-ams.rpki-client.org