Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/manXVwVQRQMXYXFEpbjt_ZXEVds.roa
File: manXVwVQRQMXYXFEpbjt_ZXEVds.roa (raw, json)
Hash identifier: Ny6J2Rb3FNXtTXz4bMuVLBTY7rLYpCI/IXW80JOBjcI=
Subject key identifier: 99:A9:D7:57:05:50:45:03:17:61:71:44:A5:B8:ED:FD:95:C4:55:DB
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D13
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/manXVwVQRQMXYXFEpbjt_ZXEVds.roa
Signing time: Wed 26 Apr 2023 10:31:31 +0000
ROA not before: Wed 26 Apr 2023 10:31:31 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 121.254.80.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3347 (0xd13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:31 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=99A9D7570550450317617144A5B8EDFD95C455DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:47:a2:93:f9:c5:7d:f6:aa:ce:35:35:d8:bc:
02:7e:54:dc:bd:3b:3c:68:19:86:d2:8d:30:e7:14:
da:f2:20:ce:9c:20:2a:73:15:ba:00:b6:67:10:f7:
91:36:cb:94:ed:70:c2:0a:02:bd:98:f2:1a:ae:12:
be:41:87:41:27:86:72:50:a4:04:c7:6a:bb:cf:9b:
88:71:a0:35:ff:d4:3a:ff:78:5b:72:cc:f7:0e:38:
da:7c:07:3c:87:9f:71:47:13:dd:08:32:7b:9f:2c:
81:f1:94:7b:85:3c:02:5c:cf:c9:eb:23:58:f6:c8:
f2:2e:dd:04:23:2d:22:4a:d5:ef:ce:d1:4f:61:65:
6f:0f:c4:c5:01:07:c2:c5:66:21:6c:6b:ab:84:7a:
c8:c1:96:34:11:5a:e9:6e:57:d8:92:6e:60:60:b9:
c2:d2:17:6d:8c:5a:76:d4:f2:93:ba:66:02:78:41:
bd:90:b8:d7:f6:5f:35:f1:43:dd:7a:38:37:a2:f3:
07:1d:61:48:a2:cf:b1:87:1a:f8:7d:55:d9:5a:ea:
c7:da:e4:b1:4e:88:8e:c4:d2:02:94:d1:6d:0f:a2:
98:be:08:85:aa:fd:16:b1:c3:fc:cf:ec:a6:79:42:
57:cb:de:81:46:67:69:9d:83:61:a4:8c:41:cd:cc:
db:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A9:D7:57:05:50:45:03:17:61:71:44:A5:B8:ED:FD:95:C4:55:DB
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/manXVwVQRQMXYXFEpbjt_ZXEVds.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.80.0/21
Signature Algorithm: sha256WithRSAEncryption
13:93:45:db:4e:10:a4:a8:c4:2b:a9:27:91:22:85:f6:45:d8:
ec:14:30:ce:4d:5d:35:0f:fc:e4:29:05:b7:40:23:1a:44:fe:
89:a1:54:b5:68:f4:87:7d:83:e0:14:64:24:14:31:3d:bd:79:
95:08:97:4c:e8:16:04:22:ee:ef:0b:8e:f3:04:99:8d:13:18:
0a:37:49:e7:14:62:d5:c6:24:66:c6:0d:8b:d7:19:15:b8:f5:
b0:b8:58:60:88:48:5f:8c:52:53:f6:69:e7:9a:3c:53:ec:ad:
54:1f:da:9d:18:54:20:71:69:bb:c2:38:a0:59:60:46:72:33:
f6:b8:fb:ef:e2:ba:47:61:7d:40:ea:7a:aa:0a:c7:37:e3:75:
9c:0b:62:65:b7:4c:19:2f:b3:88:8f:df:4d:db:1a:34:59:6f:
64:13:28:5d:46:ba:b7:e4:ab:ca:80:a7:a2:93:56:9c:ca:33:
fc:6c:8e:bd:c9:8a:f7:3f:1f:e0:b5:3a:69:12:e8:55:10:f9:
8d:51:63:82:af:0e:e5:06:ef:06:17:ba:32:29:ef:b7:be:52:
06:80:55:f8:b5:17:6d:42:c7:d1:87:fe:34:e1:ae:28:48:11:
4e:bb:4d:58:9b:f1:5c:11:10:1b:0c:b1:40:1f:59:de:74:e4:
cd:91:79:94
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDRMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk5QTlENzU3MDU1MDQ1
MDMxNzYxNzE0NEE1QjhFREZEOTVDNDU1REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwR6KT+cV99qrONTXYvAJ+VNy9OzxoGYbSjTDnFNryIM6cICpz
FboAtmcQ95E2y5TtcMIKAr2Y8hquEr5Bh0EnhnJQpATHarvPm4hxoDX/1Dr/eFty
zPcOONp8BzyHn3FHE90IMnufLIHxlHuFPAJcz8nrI1j2yPIu3QQjLSJK1e/O0U9h
ZW8PxMUBB8LFZiFsa6uEesjBljQRWuluV9iSbmBgucLSF22MWnbU8pO6ZgJ4Qb2Q
uNf2XzXxQ916ODei8wcdYUiiz7GHGvh9Vdla6sfa5LFOiI7E0gKU0W0Popi+CIWq
/Raxw/zP7KZ5QlfL3oFGZ2mdg2GkjEHNzNtxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmanXVwVQRQMXYXFEpbjt/ZXEVdswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvbWFuWFZ3VlFSUU1YWVhGRXBianRf
WlhFVmRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+UDAN
BgkqhkiG9w0BAQsFAAOCAQEAE5NF204QpKjEK6knkSKF9kXY7BQwzk1dNQ/85CkF
t0AjGkT+iaFUtWj0h32D4BRkJBQxPb15lQiXTOgWBCLu7wuO8wSZjRMYCjdJ5xRi
1cYkZsYNi9cZFbj1sLhYYIhIX4xSU/Zp55o8U+ytVB/anRhUIHFpu8I4oFlgRnIz
9rj77+K6R2F9QOp6qgrHN+N1nAtiZbdMGS+ziI/fTdsaNFlvZBMoXUa6t+SryoCn
opNWnMoz/GyOvcmK9z8f4LU6aRLoVRD5jVFjgq8O5QbvBhe6Minvt75SBoBV+LUX
bULH0Yf+NOGuKEgRTrtNWJvxXBEQGwyxQB9Z3nTkzZF5lA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:14 2023 by rpki-client on console-fra.rpki-client.org