Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ERAY/cKhF8jPA3ZN_d-X14qqEN5vD_9c.roa
File: cKhF8jPA3ZN_d-X14qqEN5vD_9c.roa (raw, json)
Hash identifier: PhRPmvuVAq90yScoskJ3TOy0Dkrv72L2/poLBDW9R5I=
Subject key identifier: 70:A8:45:F2:33:C0:DD:93:7F:77:E5:F5:E2:AA:84:37:9B:C3:FF:D7
Certificate issuer: /CN=CCDB3E6EFDA9ECC679D3986A279F2B944EF74E5F
Certificate serial: 04
Authority key identifier: CC:DB:3E:6E:FD:A9:EC:C6:79:D3:98:6A:27:9F:2B:94:4E:F7:4E:5F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zNs-bv2p7MZ505hqJ58rlE73Tl8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAY/cKhF8jPA3ZN_d-X14qqEN5vD_9c.roa
Signing time: Wed 23 Aug 2023 01:52:35 +0000
ROA not before: Wed 23 Aug 2023 01:52:35 +0000
ROA not after: Thu 22 Aug 2024 01:11:34 +0000
asID: 131149
IP address blocks: 103.255.206.0/23 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 Aug 2024 01:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCDB3E6EFDA9ECC679D3986A279F2B944EF74E5F
Validity
Not Before: Aug 23 01:52:35 2023 GMT
Not After : Aug 22 01:11:34 2024 GMT
Subject: CN=70A845F233C0DD937F77E5F5E2AA84379BC3FFD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3f:34:25:c7:18:46:1f:a0:94:c1:c7:41:9f:
f2:fe:cb:69:1a:65:a5:ce:3f:b4:ed:56:50:27:e2:
a6:df:cc:95:a9:42:4b:10:5c:59:72:4f:62:80:93:
a0:65:56:8e:d4:1d:77:6d:04:6d:d1:bb:00:e2:21:
a5:e7:b3:cf:5b:81:6b:65:d9:c0:d2:7b:40:31:17:
b6:ef:d7:bf:66:d6:70:e3:73:58:76:b5:61:88:43:
51:33:ff:1c:04:98:6d:1c:11:83:5c:c1:38:7b:97:
fe:0f:76:6e:c0:97:6d:b6:48:c1:fd:37:27:04:7e:
ed:92:46:34:02:0f:c4:54:98:5b:c3:01:30:49:80:
cd:c1:20:9a:8e:ec:00:5f:cc:49:c4:0b:17:53:39:
43:a8:1a:2c:fc:52:57:a5:91:dc:aa:e4:cd:15:b8:
24:e1:23:4a:66:44:04:65:dd:dc:43:f3:60:4a:8d:
19:4a:0d:27:3f:7f:4f:d7:90:a6:87:67:b9:86:5c:
07:4e:d1:2e:a1:5a:5d:41:c4:d3:bc:27:76:0e:0e:
e9:80:10:cf:1f:d7:88:73:42:68:48:00:54:4c:99:
89:ad:c2:31:51:9b:35:2e:86:58:58:e5:13:7b:bf:
2e:15:64:9d:a5:41:02:9b:e4:d0:05:59:b0:a6:82:
98:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A8:45:F2:33:C0:DD:93:7F:77:E5:F5:E2:AA:84:37:9B:C3:FF:D7
X509v3 Authority Key Identifier:
keyid:CC:DB:3E:6E:FD:A9:EC:C6:79:D3:98:6A:27:9F:2B:94:4E:F7:4E:5F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAY/zNs-bv2p7MZ505hqJ58rlE73Tl8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zNs-bv2p7MZ505hqJ58rlE73Tl8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAY/cKhF8jPA3ZN_d-X14qqEN5vD_9c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.206.0/23
Signature Algorithm: sha256WithRSAEncryption
21:e2:93:43:68:f7:d8:ea:7e:d4:75:7a:df:25:93:a7:69:c3:
03:23:83:42:07:d7:64:d9:32:9b:ea:90:a3:d7:77:72:ed:45:
95:cb:7a:c4:e5:07:eb:2d:de:f5:8c:f0:b5:ea:e3:0d:96:d2:
06:f3:7a:55:9d:fe:ea:7f:15:0a:61:a4:e0:06:7d:c0:03:91:
d7:60:e9:34:b1:37:26:87:b0:ee:77:7c:93:8e:ef:ac:32:98:
ee:55:43:d5:da:9e:8e:0a:37:5e:09:02:0f:e6:01:7c:59:14:
45:3b:6c:07:9e:ca:6e:22:e5:d5:69:b2:4c:ec:2e:80:cf:07:
98:1b:6a:f2:18:33:9a:b2:e6:25:2c:65:c2:7b:34:2a:5b:10:
8a:95:04:bb:7b:04:6e:c8:fe:7f:7c:15:05:33:02:e3:ca:fa:
0c:d8:6d:b3:0e:27:01:c9:36:ee:41:44:e1:15:bc:ba:3b:4d:
a7:f6:99:75:06:aa:74:d6:3e:05:dd:63:8f:8c:e7:b0:a1:2f:
a9:7d:63:07:c7:28:43:78:a8:a8:dc:21:cc:62:45:62:56:4a:
6d:03:61:12:12:53:16:c5:e8:13:87:19:5c:84:ad:64:99:af:
2c:5a:f4:09:3c:6f:ed:a9:57:b7:39:b7:8e:40:89:0d:f1:46:
95:6f:20:b2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDQ0RC
M0U2RUZEQTlFQ0M2NzlEMzk4NkEyNzlGMkI5NDRFRjc0RTVGMB4XDTIzMDgyMzAx
NTIzNVoXDTI0MDgyMjAxMTEzNFowMzExMC8GA1UEAxMoNzBBODQ1RjIzM0MwREQ5
MzdGNzdFNUY1RTJBQTg0Mzc5QkMzRkZENzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANA/NCXHGEYfoJTBx0Gf8v7LaRplpc4/tO1WUCfipt/MlalCSxBc
WXJPYoCToGVWjtQdd20EbdG7AOIhpeezz1uBa2XZwNJ7QDEXtu/Xv2bWcONzWHa1
YYhDUTP/HASYbRwRg1zBOHuX/g92bsCXbbZIwf03JwR+7ZJGNAIPxFSYW8MBMEmA
zcEgmo7sAF/MScQLF1M5Q6gaLPxSV6WR3KrkzRW4JOEjSmZEBGXd3EPzYEqNGUoN
Jz9/T9eQpodnuYZcB07RLqFaXUHE07wndg4O6YAQzx/XiHNCaEgAVEyZia3CMVGb
NS6GWFjlE3u/LhVknaVBApvk0AVZsKaCmIcCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBRwqEXyM8Ddk3935fXiqoQ3m8P/1zAfBgNVHSMEGDAWgBTM2z5u/ansxnnTmGon
nyuUTvdOXzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FUkFZL3pO
cy1idjJwN01aNTA1aHFKNThybEU3M1RsOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ek5zLWJ2MnA3TVo1MDVocUo1OHJsRTczVGw4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRVJBWS9jS2hGOGpQQTNaTl9kLVgxNHFxRU41
dkRfOWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ//OMA0G
CSqGSIb3DQEBCwUAA4IBAQAh4pNDaPfY6n7UdXrfJZOnacMDI4NCB9dk2TKb6pCj
13dy7UWVy3rE5QfrLd71jPC16uMNltIG83pVnf7qfxUKYaTgBn3AA5HXYOk0sTcm
h7Dud3yTju+sMpjuVUPV2p6OCjdeCQIP5gF8WRRFO2wHnspuIuXVabJM7C6AzweY
G2ryGDOasuYlLGXCezQqWxCKlQS7ewRuyP5/fBUFMwLjyvoM2G2zDicByTbuQUTh
Fby6O02n9pl1Bqp01j4F3WOPjOewoS+pfWMHxyhDeKio3CHMYkViVkptA2ESElMW
xegThxlchK1kma8sWvQJPG/tqVe3ObeOQIkN8UaVbyCy
-----END CERTIFICATE-----
Generated at Thu Aug 8 03:13:56 2024 by rpki-client on console-fra.rpki-client.org