Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ypg2C1ucN4OxzHXYjB3QyH0ZGao.roa
File: ypg2C1ucN4OxzHXYjB3QyH0ZGao.roa (raw, json)
Hash identifier: +/axXsIWvrbK7zFliybU6a3RhJeHh425azSzhysb9m8=
Subject key identifier: CA:98:36:0B:5B:9C:37:83:B1:CC:75:D8:8C:1D:D0:C8:7D:19:19:AA
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0D2B
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ypg2C1ucN4OxzHXYjB3QyH0ZGao.roa
Signing time: Wed 26 Apr 2023 10:31:37 +0000
ROA not before: Wed 26 Apr 2023 10:31:37 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17809
IP address blocks: 27.96.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3371 (0xd2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Apr 26 10:31:37 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CA98360B5B9C3783B1CC75D88C1DD0C87D1919AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:67:aa:46:22:97:2b:0f:ee:9c:e9:09:8e:
3e:d3:47:86:44:50:44:a7:b2:e6:32:ff:dd:13:80:
ae:0d:59:60:8d:8d:f5:e2:d9:a5:c1:be:db:f6:12:
bb:f1:77:b4:ca:86:5e:b4:69:d4:11:ec:5f:6b:49:
45:fc:b9:0d:5e:01:2b:f5:1b:29:d6:7c:18:eb:ab:
79:f1:78:2a:fa:42:8f:29:1d:87:03:db:ed:24:26:
dd:46:5a:7a:62:05:1b:c2:27:24:73:6e:01:7c:3c:
7e:b4:bf:7e:e8:f5:08:1b:66:7f:4f:35:c2:24:e5:
2c:93:17:bb:28:db:8a:6d:b8:64:71:52:59:a9:8e:
aa:f9:2c:f1:cd:af:26:f0:fb:d4:93:a0:f8:64:42:
c6:89:04:04:f3:4b:46:04:a3:ab:93:bd:7e:9d:b6:
15:2d:be:45:12:05:f6:0f:62:b2:e8:68:c1:45:5d:
f7:bc:1e:66:b3:9c:d7:ec:f2:26:dd:65:fd:79:00:
57:11:92:78:d6:b9:7d:4c:d5:54:b9:9e:92:20:ff:
29:26:6e:ec:9a:3d:d9:0d:60:a4:d3:dd:10:35:09:
60:21:c9:81:0d:d1:71:33:fc:75:42:b5:09:7c:64:
09:c4:b3:f9:8d:3b:25:5b:7e:03:2c:71:59:f2:99:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:98:36:0B:5B:9C:37:83:B1:CC:75:D8:8C:1D:D0:C8:7D:19:19:AA
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ypg2C1ucN4OxzHXYjB3QyH0ZGao.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.236.0/22
Signature Algorithm: sha256WithRSAEncryption
22:d3:2a:ad:ee:0c:cb:28:41:af:6f:b5:a1:f8:05:f4:ce:24:
55:47:fa:66:6c:70:57:68:88:0d:67:0c:0b:09:24:37:e5:e4:
85:e4:a7:07:cc:24:75:2c:e9:18:85:38:a0:cb:69:a4:43:3b:
13:24:1e:22:ee:ca:75:d5:04:d8:4b:47:36:eb:28:ae:7f:c6:
62:63:a6:04:2b:e5:7a:b8:a2:f8:1d:96:85:fb:1f:90:14:75:
fa:f2:bf:97:f3:61:15:8c:14:1f:97:3b:ca:9d:f4:60:a0:f9:
72:48:a0:39:e4:a3:43:5e:28:5d:65:90:e1:88:6c:0a:8e:03:
ea:80:25:af:14:0f:3a:2f:26:d3:04:8c:46:d9:a8:ae:1b:bc:
df:84:19:19:fd:db:29:71:92:b7:1d:b9:20:95:86:06:de:8c:
6a:5a:f8:67:35:2a:a4:23:0b:29:46:dd:04:bd:f1:4a:1b:44:
17:5a:12:13:25:57:17:28:f7:fa:07:57:7a:a4:85:31:55:16:
55:b0:6d:b9:28:8b:ca:b4:ff:c3:02:62:20:8f:ff:74:e1:58:
5a:c4:7c:2a:88:f5:bc:f4:04:3c:1d:aa:d3:f2:d3:98:d4:f2:
d7:6d:b8:f1:3e:db:66:54:de:82:69:97:36:f4:83:05:1d:e2:
aa:e7:96:e8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDSswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMzdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENBOTgzNjBCNUI5QzM3
ODNCMUNDNzVEODhDMUREMEM4N0QxOTE5QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcgmeqRiKXKw/unOkJjj7TR4ZEUESnsuYy/90TgK4NWWCNjfXi
2aXBvtv2Ervxd7TKhl60adQR7F9rSUX8uQ1eASv1GynWfBjrq3nxeCr6Qo8pHYcD
2+0kJt1GWnpiBRvCJyRzbgF8PH60v37o9QgbZn9PNcIk5SyTF7so24ptuGRxUlmp
jqr5LPHNrybw+9SToPhkQsaJBATzS0YEo6uTvX6dthUtvkUSBfYPYrLoaMFFXfe8
HmaznNfs8ibdZf15AFcRknjWuX1M1VS5npIg/ykmbuyaPdkNYKTT3RA1CWAhyYEN
0XEz/HVCtQl8ZAnEs/mNOyVbfgMscVnymSK9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUypg2C1ucN4OxzHXYjB3QyH0ZGaowHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgveXBnMkMxdWNONE94ekhYWWpCM1F5
SDBaR2FvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg7DAN
BgkqhkiG9w0BAQsFAAOCAQEAItMqre4MyyhBr2+1ofgF9M4kVUf6ZmxwV2iIDWcM
CwkkN+XkheSnB8wkdSzpGIU4oMtppEM7EyQeIu7KddUE2EtHNusorn/GYmOmBCvl
erii+B2WhfsfkBR1+vK/l/NhFYwUH5c7yp30YKD5ckigOeSjQ14oXWWQ4YhsCo4D
6oAlrxQPOi8m0wSMRtmorhu834QZGf3bKXGStx25IJWGBt6Malr4ZzUqpCMLKUbd
BL3xShtEF1oSEyVXFyj3+gdXeqSFMVUWVbBtuSiLyrT/wwJiII//dOFYWsR8Koj1
vPQEPB2q0/LTmNTy12248T7bZlTegmmXNvSDBR3iqueW6A==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:14 2023 by rpki-client on console-fra.rpki-client.org