Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/CYB-2Iwge7Wh8mrQA4L26516e7M.roa
File: CYB-2Iwge7Wh8mrQA4L26516e7M.roa (raw, json)
Hash identifier: HRJiDd73JRdnALwY9AmuOcI0p7dc3vWvLuRPipdd6cc=
Subject key identifier: 09:80:7E:D8:8C:20:7B:B5:A1:F2:6A:D0:03:82:F6:EB:9D:7A:7B:B3
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: 05
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/CYB-2Iwge7Wh8mrQA4L26516e7M.roa
Signing time: Fri 22 Mar 2024 09:08:39 +0000
ROA not before: Fri 22 Mar 2024 09:08:39 +0000
ROA not after: Fri 21 Feb 2025 15:30:22 +0000
asID: 150771
IP address blocks: 157.20.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 09:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Mar 22 09:08:39 2024 GMT
Not After : Feb 21 15:30:22 2025 GMT
Subject: CN=09807ED88C207BB5A1F26AD00382F6EB9D7A7BB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ff:48:0c:14:f7:9f:0c:15:f3:ab:26:45:03:
b2:17:dd:4e:51:59:ca:58:7c:11:91:03:4e:b8:1b:
64:5f:50:a5:63:3b:52:94:34:50:b1:1d:c3:55:07:
f3:87:d0:e2:ed:89:98:50:50:6d:18:15:c3:c0:11:
50:0a:77:87:6b:4b:21:27:3c:a4:d4:56:d5:c4:3a:
ab:b6:03:5d:9c:a8:ae:0e:1e:99:2c:19:b0:09:76:
17:e4:d5:fe:b6:71:f3:f2:cf:78:59:5a:40:a7:c2:
12:1b:f4:8d:9a:99:19:b8:0a:54:60:11:a3:73:98:
bb:0d:43:9e:97:58:b3:a9:53:d4:56:d6:38:d8:6f:
18:55:ac:6e:34:34:c2:ba:9d:64:31:c4:c8:a2:26:
2a:e6:0d:bc:ea:b6:96:7d:db:d2:7c:9d:e4:17:72:
25:1e:e1:14:af:da:a7:2a:95:52:52:76:22:cb:ac:
15:ba:9b:00:06:67:36:19:2d:0d:08:f2:e6:2d:e0:
a5:60:57:42:c2:ad:cf:70:55:b2:0a:dd:0b:17:f5:
71:5b:33:de:39:e0:ca:60:c8:a6:5d:3b:0c:f1:b7:
54:0c:ea:9f:a0:8d:27:86:6b:92:98:b3:89:05:b8:
d8:24:bc:b1:a7:98:18:39:df:1d:47:ba:af:69:58:
02:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:80:7E:D8:8C:20:7B:B5:A1:F2:6A:D0:03:82:F6:EB:9D:7A:7B:B3
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/CYB-2Iwge7Wh8mrQA4L26516e7M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.69.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:16:d2:ad:66:57:b5:4f:f2:c5:19:a8:80:4b:08:cf:d1:50:
65:15:68:4a:7e:5c:2d:6d:b7:c5:f0:b5:ea:ad:91:50:e0:fd:
72:7f:a3:ab:6c:64:c5:6c:22:41:c7:75:30:fb:d6:a8:3c:a9:
89:12:fa:e4:56:e3:18:5e:a4:37:42:59:9c:a9:29:dd:e1:f4:
70:30:78:20:dd:ae:97:a9:06:d9:1e:6f:3c:56:87:b0:cb:8d:
3b:45:ee:27:90:2d:97:7c:e7:a7:94:71:13:22:32:ba:bf:21:
d0:ab:e5:66:33:b5:4a:58:91:a9:b6:15:aa:90:63:55:8c:2a:
46:9a:7f:a4:71:f7:29:f2:c5:54:4d:97:ce:37:92:57:43:80:
80:50:9e:c6:ec:2b:2d:4f:08:61:47:b3:00:82:c4:c0:6e:80:
0b:4e:94:21:cd:3c:ae:08:8b:23:77:c3:61:89:92:3c:75:b3:
fa:07:6d:65:0c:b3:82:bd:a8:24:51:32:68:ef:b2:05:6e:16:
5a:e5:1e:d6:ba:68:0b:7d:d1:4d:bb:df:7a:b0:6f:4e:9f:72:
4b:4e:c0:57:9e:f4:27:ca:f5:30:da:4b:45:72:21:4a:ff:7a:
cc:6a:a2:ca:53:ee:49:9f:70:47:47:ac:06:e9:00:af:cf:5f:
3d:4d:95:54
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERTg3
MkJBRDI2MkQxOEYwQTY3NDlFMDI3MkQ5NzUyNjFEOTQ5RUMzMB4XDTI0MDMyMjA5
MDgzOVoXDTI1MDIyMTE1MzAyMlowMzExMC8GA1UEAxMoMDk4MDdFRDg4QzIwN0JC
NUExRjI2QUQwMDM4MkY2RUI5RDdBN0JCMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANv/SAwU958MFfOrJkUDshfdTlFZylh8EZEDTrgbZF9QpWM7UpQ0
ULEdw1UH84fQ4u2JmFBQbRgVw8ARUAp3h2tLISc8pNRW1cQ6q7YDXZyorg4emSwZ
sAl2F+TV/rZx8/LPeFlaQKfCEhv0jZqZGbgKVGARo3OYuw1DnpdYs6lT1FbWONhv
GFWsbjQ0wrqdZDHEyKImKuYNvOq2ln3b0nyd5BdyJR7hFK/apyqVUlJ2IsusFbqb
AAZnNhktDQjy5i3gpWBXQsKtz3BVsgrdCxf1cVsz3jngymDIpl07DPG3VAzqn6CN
J4ZrkpiziQW42CS8saeYGDnfHUe6r2lYAp8CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQJgH7YjCB7taHyatADgvbrnXp7szAfBgNVHSMEGDAWgBTehyutJi0Y8KZ0ngJy
2XUmHZSewzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GVVlVLzNv
Y3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M29jcnJTWXRHUENtZEo0Q2N0bDFKaDJVbnNNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS9DWUItMkl3Z2U3V2g4bXJRQTRMMjY1
MTZlN00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRRFMA0G
CSqGSIb3DQEBCwUAA4IBAQBcFtKtZle1T/LFGaiASwjP0VBlFWhKflwtbbfF8LXq
rZFQ4P1yf6OrbGTFbCJBx3Uw+9aoPKmJEvrkVuMYXqQ3QlmcqSnd4fRwMHgg3a6X
qQbZHm88Voewy407Re4nkC2XfOenlHETIjK6vyHQq+VmM7VKWJGpthWqkGNVjCpG
mn+kcfcp8sVUTZfON5JXQ4CAUJ7G7CstTwhhR7MAgsTAboALTpQhzTyuCIsjd8Nh
iZI8dbP6B21lDLOCvagkUTJo77IFbhZa5R7WumgLfdFNu996sG9On3JLTsBXnvQn
yvUw2ktFciFK/3rMaqLKU+5Jn3BHR6wG6QCvz189TZVU
-----END CERTIFICATE-----
Generated at Sun Mar 24 10:20:14 2024 by rpki-client on console-fra.rpki-client.org