Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/vcDBpLkbK8-l9pxSe_dH5a-Afas.roa
File: vcDBpLkbK8-l9pxSe_dH5a-Afas.roa (raw, json)
Hash identifier: kPhRAEH8Na3687m+uJZHiAnBjfhjctH6bbhThRIfK1M=
Subject key identifier: BD:C0:C1:A4:B9:1B:2B:CF:A5:F6:9C:52:7B:F7:47:E5:AF:80:7D:AB
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D38
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/vcDBpLkbK8-l9pxSe_dH5a-Afas.roa
Signing time: Wed 26 Apr 2023 10:31:40 +0000
ROA not before: Wed 26 Apr 2023 10:31:40 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 203.222.0.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3384 (0xd38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:40 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BDC0C1A4B91B2BCFA5F69C527BF747E5AF807DAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:94:5c:ab:80:aa:78:67:87:4b:0b:e0:39:57:
06:1e:99:80:92:b7:d2:87:9c:9d:cf:69:98:e8:e3:
1a:26:6c:7b:52:87:4d:43:d5:20:8b:f9:18:da:91:
8a:01:e7:3a:86:58:0f:3d:2f:46:be:65:fd:f2:94:
63:9f:0c:ce:c3:92:0e:d3:e4:62:9c:88:c1:fb:e4:
c7:43:0d:43:9b:bc:c0:ff:ed:7d:f3:a9:43:9f:19:
e3:5f:9c:27:88:55:79:ef:27:af:d2:b5:99:aa:3c:
be:dc:6f:64:11:f2:b3:7a:5c:8c:17:ff:e9:35:94:
f7:cd:b6:d8:43:dd:cc:81:52:2f:cd:08:5b:d3:77:
1e:0b:c4:f1:87:26:7f:4b:59:6a:4b:ea:58:e6:c2:
49:1f:e1:2f:ca:53:98:93:46:a5:69:92:f6:6b:63:
e3:e1:23:c2:5d:89:0b:91:58:28:fe:e1:fd:97:6d:
2f:a5:f3:2f:3e:ec:5e:74:c1:5a:3f:87:7b:0f:40:
54:f1:5a:d5:95:ba:93:12:55:48:cd:e9:3c:23:79:
cd:fd:0a:3f:e1:02:bd:c7:0c:7e:8a:01:a8:bd:ac:
7e:91:8d:35:d1:f1:13:13:18:bf:b3:1a:e4:9a:5b:
7b:1a:51:81:06:21:45:71:b8:46:1f:cf:f9:e7:e1:
da:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C0:C1:A4:B9:1B:2B:CF:A5:F6:9C:52:7B:F7:47:E5:AF:80:7D:AB
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/vcDBpLkbK8-l9pxSe_dH5a-Afas.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/21
Signature Algorithm: sha256WithRSAEncryption
95:f8:2a:0b:51:88:54:37:8f:b5:22:fd:e6:34:3b:11:fc:7f:
ee:26:e0:ba:cc:62:95:f6:6e:c0:64:4a:ac:3d:2b:66:ec:b8:
41:b2:d6:b1:3d:40:f6:11:87:c1:cd:03:5a:73:ff:d9:26:94:
5d:04:a5:c7:5f:15:be:27:36:b0:bc:7d:af:df:41:af:36:ff:
d8:eb:76:d7:7d:a0:ee:23:26:00:67:ec:0a:41:85:0b:b7:b4:
7a:ad:bb:3a:17:bc:e7:42:c3:ba:d8:be:f4:be:71:f2:fb:34:
31:1a:ce:c2:0d:aa:c7:14:6c:95:ee:51:8b:57:d9:3b:89:18:
dc:52:72:2a:78:39:3b:ce:8e:3f:b1:a1:79:e8:53:ac:1e:76:
97:83:02:a7:21:30:7f:f0:12:92:78:3c:4b:43:18:5e:a8:dd:
53:3c:92:db:f8:1c:29:04:41:da:c3:79:d6:69:14:d2:4c:57:
25:4f:af:87:6c:db:31:70:c2:8c:ac:cf:15:5a:48:c4:a0:7c:
19:a8:da:b1:bb:43:9e:57:e9:1f:eb:46:85:b2:ea:d0:15:c0:
1d:19:ca:30:64:f4:62:8f:a9:e3:3c:bd:05:bc:f0:25:92:78:
e1:f5:29:a8:9e:b7:a7:b3:5f:33:de:72:af:06:58:c7:64:9a:
06:75:00:0a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxNDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJEQzBDMUE0QjkxQjJC
Q0ZBNUY2OUM1MjdCRjc0N0U1QUY4MDdEQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSlFyrgKp4Z4dLC+A5VwYemYCSt9KHnJ3PaZjo4xombHtSh01D
1SCL+RjakYoB5zqGWA89L0a+Zf3ylGOfDM7Dkg7T5GKciMH75MdDDUObvMD/7X3z
qUOfGeNfnCeIVXnvJ6/StZmqPL7cb2QR8rN6XIwX/+k1lPfNtthD3cyBUi/NCFvT
dx4LxPGHJn9LWWpL6ljmwkkf4S/KU5iTRqVpkvZrY+PhI8JdiQuRWCj+4f2XbS+l
8y8+7F50wVo/h3sPQFTxWtWVupMSVUjN6Twjec39Cj/hAr3HDH6KAai9rH6RjTXR
8RMTGL+zGuSaW3saUYEGIUVxuEYfz/nn4dqDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvcDBpLkbK8+l9pxSe/dH5a+AfaswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdmNEQnBMa2JLOC1sOXB4U2VfZEg1
YS1BZmFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veADAN
BgkqhkiG9w0BAQsFAAOCAQEAlfgqC1GIVDePtSL95jQ7Efx/7ibgusxilfZuwGRK
rD0rZuy4QbLWsT1A9hGHwc0DWnP/2SaUXQSlx18Vvic2sLx9r99Brzb/2Ot2132g
7iMmAGfsCkGFC7e0eq27Ohe850LDuti+9L5x8vs0MRrOwg2qxxRsle5Ri1fZO4kY
3FJyKng5O86OP7GheehTrB52l4MCpyEwf/ASkng8S0MYXqjdUzyS2/gcKQRB2sN5
1mkU0kxXJU+vh2zbMXDCjKzPFVpIxKB8GajasbtDnlfpH+tGhbLq0BXAHRnKMGT0
Yo+p4zy9BbzwJZJ44fUpqJ63p7NfM95yrwZYx2SaBnUACg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:39 2023 by rpki-client on console-ams.rpki-client.org