Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/kEjH-9ygk552C2MhXxoNvk2-V3Q.roa
File: kEjH-9ygk552C2MhXxoNvk2-V3Q.roa (raw, json)
Hash identifier: tJUkb2wRIfXb1pq0gzdWyhb0vKKR299+80h4KQ4lF4E=
Subject key identifier: 90:48:C7:FB:DC:A0:93:9E:76:0B:63:21:5F:1A:0D:BE:4D:BE:57:74
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: 0E
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/kEjH-9ygk552C2MhXxoNvk2-V3Q.roa
Signing time: Sun 24 Mar 2024 09:06:03 +0000
ROA not before: Sun 24 Mar 2024 09:06:03 +0000
ROA not after: Fri 21 Feb 2025 15:30:22 +0000
asID: 150771
IP address blocks: 157.20.68.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 13:15:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Mar 24 09:06:03 2024 GMT
Not After : Feb 21 15:30:22 2025 GMT
Subject: CN=9048C7FBDCA0939E760B63215F1A0DBE4DBE5774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f1:c5:1d:5e:26:fe:c2:db:c4:79:15:30:a6:
a5:6d:53:bc:ac:a3:e8:3f:ae:b3:d9:8e:2d:60:c3:
e4:6c:f7:3e:cf:b5:46:81:b0:1e:d3:e9:22:89:2b:
61:88:cd:9f:2e:dc:03:1f:e5:7c:e9:d9:bc:17:79:
8e:96:ab:73:c5:4f:20:f7:2a:c1:7e:68:00:7d:ca:
fa:8f:99:33:47:21:96:ee:bd:2e:23:bc:b0:1d:4d:
01:16:0e:3a:33:25:05:5c:db:21:36:dc:24:e7:c1:
7f:39:fa:a8:39:b5:78:d5:4d:42:44:c3:17:e4:95:
e2:23:5d:c1:67:c4:1e:02:f1:8a:65:0e:16:e8:4e:
da:04:23:4b:79:db:ad:0e:c9:42:af:97:20:91:c7:
9a:dd:c4:f0:43:8e:a7:f5:06:9c:a6:e8:a0:89:53:
12:b3:91:87:7f:a5:0d:70:79:cb:74:b4:1b:1a:91:
27:57:95:5b:d3:49:6b:1a:61:00:5b:84:42:33:5c:
3a:3c:db:6f:ea:32:15:ac:e0:a5:8d:ac:41:24:46:
8f:53:4a:71:2b:cf:05:76:4b:36:35:38:fc:d2:b1:
96:ed:99:fb:55:ab:f5:d7:ba:99:a2:44:26:2a:36:
45:c3:b7:51:3d:ac:7c:a6:44:63:a3:97:57:f2:5a:
ae:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:48:C7:FB:DC:A0:93:9E:76:0B:63:21:5F:1A:0D:BE:4D:BE:57:74
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/kEjH-9ygk552C2MhXxoNvk2-V3Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.68.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:72:7f:ae:b1:97:1c:71:7f:21:a5:07:67:e7:27:4f:1c:73:
7a:c8:3e:0e:53:3a:c0:e6:c5:de:c4:ef:c3:8f:3c:86:55:db:
58:56:f2:54:b1:3f:42:d8:19:5a:d1:38:ff:ab:87:d7:50:7d:
de:de:fd:c5:35:e8:b9:59:19:dc:b7:25:48:9b:ac:4b:e3:5b:
49:22:33:df:9a:b8:6f:30:fb:9d:d9:f9:23:6b:c4:37:23:42:
44:f9:a4:ac:8c:ab:a8:7f:23:ad:b5:cf:fe:b0:ac:e8:04:f3:
33:be:e2:47:ec:26:f1:6e:0d:89:a6:85:a9:06:dc:b6:80:e9:
12:e8:53:08:48:cc:9a:5c:43:d7:96:a7:d2:9d:85:32:05:87:
5e:88:45:df:28:b5:ba:c9:ce:2a:8a:33:da:17:15:16:56:48:
c4:45:72:a5:b0:f4:3a:96:a1:3b:31:83:5e:e6:1b:78:fe:f8:
f2:6d:f8:f3:8f:61:ed:fb:e2:b9:78:64:0e:dc:69:34:49:21:
fa:2b:f4:4e:87:f0:7d:f4:0b:df:d9:b5:95:6b:af:d7:16:72:
98:ba:14:39:d4:43:cb:db:38:ca:a4:c5:ee:b5:ee:3d:6a:1f:
c1:49:0a:51:e6:1d:ad:0e:a3:66:99:7e:4d:dd:58:09:7e:ff:
c0:a9:a1:6e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERTg3
MkJBRDI2MkQxOEYwQTY3NDlFMDI3MkQ5NzUyNjFEOTQ5RUMzMB4XDTI0MDMyNDA5
MDYwM1oXDTI1MDIyMTE1MzAyMlowMzExMC8GA1UEAxMoOTA0OEM3RkJEQ0EwOTM5
RTc2MEI2MzIxNUYxQTBEQkU0REJFNTc3NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJfxxR1eJv7C28R5FTCmpW1TvKyj6D+us9mOLWDD5Gz3Ps+1RoGw
HtPpIokrYYjNny7cAx/lfOnZvBd5jparc8VPIPcqwX5oAH3K+o+ZM0chlu69LiO8
sB1NARYOOjMlBVzbITbcJOfBfzn6qDm1eNVNQkTDF+SV4iNdwWfEHgLximUOFuhO
2gQjS3nbrQ7JQq+XIJHHmt3E8EOOp/UGnKbooIlTErORh3+lDXB5y3S0GxqRJ1eV
W9NJaxphAFuEQjNcOjzbb+oyFazgpY2sQSRGj1NKcSvPBXZLNjU4/NKxlu2Z+1Wr
9de6maJEJio2RcO3UT2sfKZEY6OXV/JarjcCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBSQSMf73KCTnnYLYyFfGg2+Tb5XdDAfBgNVHSMEGDAWgBTehyutJi0Y8KZ0ngJy
2XUmHZSewzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GVVlVLzNv
Y3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M29jcnJTWXRHUENtZEo0Q2N0bDFKaDJVbnNNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS9rRWpILTl5Z2s1NTJDMk1oWHhvTnZr
Mi1WM1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRREMA0G
CSqGSIb3DQEBCwUAA4IBAQBqcn+usZcccX8hpQdn5ydPHHN6yD4OUzrA5sXexO/D
jzyGVdtYVvJUsT9C2Bla0Tj/q4fXUH3e3v3FNei5WRnctyVIm6xL41tJIjPfmrhv
MPud2fkja8Q3I0JE+aSsjKuofyOttc/+sKzoBPMzvuJH7Cbxbg2JpoWpBty2gOkS
6FMISMyaXEPXlqfSnYUyBYdeiEXfKLW6yc4qijPaFxUWVkjERXKlsPQ6lqE7MYNe
5ht4/vjybfjzj2Ht++K5eGQO3Gk0SSH6K/ROh/B99Avf2bWVa6/XFnKYuhQ51EPL
2zjKpMXute49ah/BSQpR5h2tDqNmmX5N3VgJfv/AqaFu
-----END CERTIFICATE-----
Generated at Sun Mar 24 13:55:29 2024 by rpki-client on console-ams.rpki-client.org