Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/-KEXJqGmXSeOFXOycQ70uT6PuyM.roa
File: -KEXJqGmXSeOFXOycQ70uT6PuyM.roa (raw, json)
Hash identifier: heAXoaZ9Sg4EYYYFulJLxYRd0+yojel8I6uGHjLg8Ug=
Subject key identifier: F8:A1:17:26:A1:A6:5D:27:8E:15:73:B2:71:0E:F4:B9:3E:8F:BB:23
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: 10
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/-KEXJqGmXSeOFXOycQ70uT6PuyM.roa
Signing time: Sun 24 Mar 2024 09:10:35 +0000
ROA not before: Sun 24 Mar 2024 09:10:35 +0000
ROA not after: Fri 21 Feb 2025 15:30:22 +0000
asID: 150771
IP address blocks: 157.20.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 24 Mar 2024 13:10:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Mar 24 09:10:35 2024 GMT
Not After : Feb 21 15:30:22 2025 GMT
Subject: CN=F8A11726A1A65D278E1573B2710EF4B93E8FBB23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:ec:64:c8:e7:85:3b:7e:42:21:de:59:4f:
d0:27:66:b6:17:83:31:6d:8b:f3:59:02:bb:49:68:
24:97:dc:27:97:ae:63:fa:84:65:26:a6:b5:66:33:
9d:73:89:3a:89:37:41:ef:51:84:dc:bb:56:06:d8:
50:00:01:3b:6d:79:86:51:09:be:62:17:81:47:01:
79:e1:73:14:da:81:ac:df:3b:72:df:1c:65:8b:c5:
08:cb:da:24:0e:07:d9:01:9d:cf:d3:7b:ab:1d:4c:
73:ca:7e:a6:b6:09:df:ec:27:0c:08:99:83:1c:e3:
8a:b2:0d:d1:ef:56:14:5f:c7:a8:97:7f:c8:5f:44:
57:f1:f7:9a:11:d8:a4:5d:84:b7:26:cd:66:db:b2:
de:00:c3:f4:40:5c:c5:76:b3:96:f6:32:10:d7:dc:
96:b5:50:92:a6:48:47:6a:cb:e2:90:a0:15:5d:20:
9a:99:dd:7b:a2:ae:00:11:86:74:c9:b4:8f:07:1e:
29:75:57:22:9c:c1:f3:ca:96:ad:2f:c4:dd:72:b7:
e5:54:62:61:11:45:56:b0:8f:1f:25:80:a4:f5:c8:
89:12:69:ad:4a:3b:2e:eb:dc:29:be:06:70:86:29:
2f:70:c2:6f:0f:42:78:72:a5:78:5c:07:d0:5d:d8:
0d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A1:17:26:A1:A6:5D:27:8E:15:73:B2:71:0E:F4:B9:3E:8F:BB:23
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/-KEXJqGmXSeOFXOycQ70uT6PuyM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.68.0/23
Signature Algorithm: sha256WithRSAEncryption
90:f2:97:1e:59:4b:89:2b:6f:b7:80:17:cf:9d:ff:79:81:9b:
fe:09:51:a9:5d:9a:71:45:c0:af:86:a0:46:c0:ee:12:00:0b:
ed:87:a8:ec:63:51:7f:72:f3:bd:8d:35:41:03:e1:d2:b7:58:
29:2a:a2:ce:88:08:69:15:3c:ac:1c:82:bb:25:2b:8d:fb:82:
d4:7c:bb:b0:21:19:6c:3e:77:fa:f3:a8:fe:cd:2f:60:4d:cd:
bb:aa:06:4a:63:8f:3b:d7:dd:bb:90:cc:2e:fd:ed:70:fd:1e:
54:8b:ac:94:a6:1c:e7:9d:9f:0a:9c:e8:54:e4:f6:44:e1:72:
d6:e4:f3:13:8e:1f:72:9c:5f:e4:b0:20:75:af:4d:ea:0e:2e:
dc:e7:ee:66:f6:78:88:b9:a3:e1:0a:bf:95:1c:4b:59:82:68:
7c:a0:e1:50:b5:f7:8f:15:40:ae:ca:0a:57:4e:21:72:8e:67:
73:5b:6e:b4:9a:cc:e7:9f:e5:28:31:76:53:65:86:6b:01:0f:
69:b0:3e:26:f8:ef:65:aa:be:6f:e7:98:de:b5:e8:23:7e:9b:
9e:b6:f1:a6:5e:88:29:f1:71:bb:c2:c1:25:e9:8b:d5:5c:9c:
7b:10:b0:c0:09:0a:ec:29:e3:0a:42:86:6d:6f:fd:bc:3a:97:
fa:70:e7:2b
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERTg3
MkJBRDI2MkQxOEYwQTY3NDlFMDI3MkQ5NzUyNjFEOTQ5RUMzMB4XDTI0MDMyNDA5
MTAzNVoXDTI1MDIyMTE1MzAyMlowMzExMC8GA1UEAxMoRjhBMTE3MjZBMUE2NUQy
NzhFMTU3M0IyNzEwRUY0QjkzRThGQkIyMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK6T7GTI54U7fkIh3llP0CdmtheDMW2L81kCu0loJJfcJ5euY/qE
ZSamtWYznXOJOok3Qe9RhNy7VgbYUAABO215hlEJvmIXgUcBeeFzFNqBrN87ct8c
ZYvFCMvaJA4H2QGdz9N7qx1Mc8p+prYJ3+wnDAiZgxzjirIN0e9WFF/HqJd/yF9E
V/H3mhHYpF2EtybNZtuy3gDD9EBcxXazlvYyENfclrVQkqZIR2rL4pCgFV0gmpnd
e6KuABGGdMm0jwceKXVXIpzB88qWrS/E3XK35VRiYRFFVrCPHyWApPXIiRJprUo7
LuvcKb4GcIYpL3DCbw9CeHKleFwH0F3YDd0CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBT4oRcmoaZdJ44Vc7JxDvS5Po+7IzAfBgNVHSMEGDAWgBTehyutJi0Y8KZ0ngJy
2XUmHZSewzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GVVlVLzNv
Y3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M29jcnJTWXRHUENtZEo0Q2N0bDFKaDJVbnNNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS8tS0VYSnFHbVhTZU9GWE95Y1E3MHVU
NlB1eU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRREMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ8pceWUuJK2+3gBfPnf95gZv+CVGpXZpxRcCvhqBG
wO4SAAvth6jsY1F/cvO9jTVBA+HSt1gpKqLOiAhpFTysHIK7JSuN+4LUfLuwIRls
Pnf686j+zS9gTc27qgZKY4871927kMwu/e1w/R5Ui6yUphznnZ8KnOhU5PZE4XLW
5PMTjh9ynF/ksCB1r03qDi7c5+5m9niIuaPhCr+VHEtZgmh8oOFQtfePFUCuygpX
TiFyjmdzW260msznn+UoMXZTZYZrAQ9psD4m+O9lqr5v55jetegjfpuetvGmXogp
8XG7wsEl6YvVXJx7ELDACQrsKeMKQoZtb/28Opf6cOcr
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org