Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/W1C2_97AXClFEPmx-1OTuV15ET8.roa
File: W1C2_97AXClFEPmx-1OTuV15ET8.roa (raw, json)
Hash identifier: 5/xaDhhwzYFRqpVuO3w5XYuszC6dxCvavIrwS1NjprQ=
Subject key identifier: 5B:50:B6:FF:DE:C0:5C:29:45:10:F9:B1:FB:53:93:B9:5D:79:11:3F
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: 03
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/W1C2_97AXClFEPmx-1OTuV15ET8.roa
Signing time: Fri 22 Mar 2024 08:58:34 +0000
ROA not before: Fri 22 Mar 2024 08:58:34 +0000
ROA not after: Fri 21 Feb 2025 15:30:22 +0000
asID: 150771
IP address blocks: 157.20.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 24 Mar 2024 09:05:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Mar 22 08:58:34 2024 GMT
Not After : Feb 21 15:30:22 2025 GMT
Subject: CN=5B50B6FFDEC05C294510F9B1FB5393B95D79113F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9a:57:a5:7d:66:1a:49:8f:e5:79:6f:a8:df:
f3:22:73:e4:cc:db:96:9b:bf:eb:ce:cf:21:24:74:
da:97:cb:e9:1e:c4:a6:ed:6d:e1:98:ee:b1:2a:23:
c8:74:1d:a8:27:d4:93:4f:7a:43:a8:a3:4e:eb:de:
e8:af:9a:ec:fa:d2:fa:f6:f7:52:49:d3:12:26:08:
7f:d5:a9:ff:e0:fc:21:ab:11:8d:7b:dc:6e:ee:c5:
24:b5:d4:8b:c1:94:4c:5f:18:0d:52:9a:a4:5a:4b:
6e:68:f6:9c:a3:b6:4f:43:0a:4a:bb:84:bc:15:c2:
2e:0c:d1:da:1c:b9:65:bd:ca:48:96:4f:a8:53:d7:
0a:c0:e5:c7:a1:8e:8b:73:e9:da:6e:ca:d1:8a:b2:
0f:dc:28:98:e4:e9:f9:9a:da:f3:c6:7b:02:92:24:
c3:00:57:6a:38:87:25:39:77:bf:8b:4e:26:fd:8a:
37:8e:67:2d:f1:c1:c9:3e:80:39:13:14:7b:13:fa:
54:4b:4f:eb:35:54:d2:2a:e7:19:eb:2a:c0:52:a7:
c7:9c:c9:a3:48:07:1c:b6:b9:38:60:34:1f:bd:d0:
a5:13:ea:47:22:46:6c:71:ec:12:21:0a:88:80:b0:
2b:ff:6c:d5:b0:f9:3c:67:e8:5f:c5:01:73:f6:dc:
56:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:50:B6:FF:DE:C0:5C:29:45:10:F9:B1:FB:53:93:B9:5D:79:11:3F
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/W1C2_97AXClFEPmx-1OTuV15ET8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.68.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:23:2a:12:e8:14:e4:fd:59:13:41:9c:64:fc:bb:f5:8a:a6:
52:6c:5a:d6:f5:b7:e9:1d:aa:47:5d:cd:1c:76:33:5a:73:5c:
33:ec:f5:35:a4:fa:d7:80:dc:b3:35:93:ee:de:83:37:af:8d:
0c:6e:fa:d3:a9:b9:54:ca:7f:91:40:5c:ae:14:f9:d6:0e:c4:
6d:9a:88:db:6c:5a:a8:89:c9:88:0c:d7:67:cd:74:5f:db:42:
e3:2e:94:87:e6:6f:92:20:37:0a:2e:64:e2:c8:07:e3:2a:a2:
89:84:9a:3b:2e:1b:34:3c:2a:eb:51:91:f9:8d:49:22:d7:04:
44:e5:03:d3:2c:4e:92:1c:cd:02:c6:1d:6e:c8:17:25:d5:b6:
91:73:df:e8:49:9e:50:1c:ec:49:d5:7e:4d:a3:aa:e4:7c:d5:
b7:fe:5b:d6:e3:45:bd:44:5b:96:c8:4e:f3:2e:8d:90:b6:f7:
dc:d2:6f:71:cc:87:a0:ad:ba:bc:0b:ab:e5:1b:72:40:87:d5:
f6:10:9c:71:88:37:e3:ef:16:51:21:4f:96:8a:4e:71:a1:bc:
12:e3:fe:e4:96:f3:3e:06:5e:12:26:f9:a7:15:35:70:a3:91:
5a:79:7b:4e:55:5c:8e:43:50:ff:e6:44:31:81:ee:ff:8d:a1:
50:11:1f:48
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERTg3
MkJBRDI2MkQxOEYwQTY3NDlFMDI3MkQ5NzUyNjFEOTQ5RUMzMB4XDTI0MDMyMjA4
NTgzNFoXDTI1MDIyMTE1MzAyMlowMzExMC8GA1UEAxMoNUI1MEI2RkZERUMwNUMy
OTQ1MTBGOUIxRkI1MzkzQjk1RDc5MTEzRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALuaV6V9ZhpJj+V5b6jf8yJz5Mzblpu/687PISR02pfL6R7Epu1t
4ZjusSojyHQdqCfUk096Q6ijTuve6K+a7PrS+vb3UknTEiYIf9Wp/+D8IasRjXvc
bu7FJLXUi8GUTF8YDVKapFpLbmj2nKO2T0MKSruEvBXCLgzR2hy5Zb3KSJZPqFPX
CsDlx6GOi3Pp2m7K0YqyD9womOTp+Zra88Z7ApIkwwBXajiHJTl3v4tOJv2KN45n
LfHByT6AORMUexP6VEtP6zVU0irnGesqwFKnx5zJo0gHHLa5OGA0H73QpRPqRyJG
bHHsEiEKiICwK/9s1bD5PGfoX8UBc/bcVm0CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBRbULb/3sBcKUUQ+bH7U5O5XXkRPzAfBgNVHSMEGDAWgBTehyutJi0Y8KZ0ngJy
2XUmHZSewzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GVVlVLzNv
Y3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M29jcnJTWXRHUENtZEo0Q2N0bDFKaDJVbnNNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS9XMUMyXzk3QVhDbEZFUG14LTFPVHVW
MTVFVDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRREMA0G
CSqGSIb3DQEBCwUAA4IBAQBvIyoS6BTk/VkTQZxk/Lv1iqZSbFrW9bfpHapHXc0c
djNac1wz7PU1pPrXgNyzNZPu3oM3r40MbvrTqblUyn+RQFyuFPnWDsRtmojbbFqo
icmIDNdnzXRf20LjLpSH5m+SIDcKLmTiyAfjKqKJhJo7Lhs0PCrrUZH5jUki1wRE
5QPTLE6SHM0Cxh1uyBcl1baRc9/oSZ5QHOxJ1X5No6rkfNW3/lvW40W9RFuWyE7z
Lo2Qtvfc0m9xzIegrbq8C6vlG3JAh9X2EJxxiDfj7xZRIU+Wik5xobwS4/7klvM+
Bl4SJvmnFTVwo5FaeXtOVVyOQ1D/5kQxge7/jaFQER9I
-----END CERTIFICATE-----
Generated at Sun Mar 24 10:20:14 2024 by rpki-client on console-fra.rpki-client.org