Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/ztnYNs2TjWKzcAyyhivlNeSRS9c.roa
File: ztnYNs2TjWKzcAyyhivlNeSRS9c.roa (raw, json)
Hash identifier: QsJf/Xb2zq77FkU7C4+i3iww/odaxLctiabV1ypHoEs=
Subject key identifier: CE:D9:D8:36:CD:93:8D:62:B3:70:0C:B2:86:2B:E5:35:E4:91:4B:D7
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: 07
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/ztnYNs2TjWKzcAyyhivlNeSRS9c.roa
Signing time: Fri 22 Mar 2024 09:09:40 +0000
ROA not before: Fri 22 Mar 2024 09:09:40 +0000
ROA not after: Fri 21 Feb 2025 15:30:22 +0000
asID: 150771
IP address blocks: 157.20.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 09:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Mar 22 09:09:40 2024 GMT
Not After : Feb 21 15:30:22 2025 GMT
Subject: CN=CED9D836CD938D62B3700CB2862BE535E4914BD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:06:66:66:5b:96:29:02:1a:fe:5b:7c:01:20:
fa:56:24:4f:fb:08:11:3a:03:4e:44:70:d8:5f:09:
e2:ee:31:18:74:af:1b:7d:01:20:b6:9f:5e:a0:12:
13:cd:46:2b:14:31:9f:08:da:60:d6:1f:cd:b0:ad:
4f:57:0f:fd:e7:f1:5d:14:d5:79:8f:25:a3:00:79:
f4:82:34:fb:cf:ce:e9:ad:f5:2c:55:09:02:95:65:
71:89:b3:e3:d1:43:f2:ba:ad:0a:35:2d:c0:24:f9:
17:71:86:a4:45:9f:d4:c2:1b:dc:50:56:31:35:1f:
2c:44:db:d6:d0:d1:d0:3d:19:6a:70:99:59:bf:0b:
29:ae:07:9d:93:ab:26:19:66:b7:19:96:dd:0b:8d:
55:72:10:62:ae:6b:65:3b:be:dc:0b:cc:37:f4:cf:
84:be:bf:5c:df:89:33:e8:69:04:67:19:f8:44:49:
03:32:2b:96:34:bd:86:69:3b:f9:ae:89:cb:b6:0c:
ae:cb:20:51:86:7d:7e:95:de:90:43:22:2c:6b:34:
71:b9:23:4b:d6:b6:0a:63:03:0c:8b:68:69:9c:11:
87:03:29:95:c3:b5:44:72:e9:3e:db:75:e2:86:cd:
1b:54:bf:b2:b9:42:c6:4c:17:f4:83:c1:a5:24:5f:
9d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D9:D8:36:CD:93:8D:62:B3:70:0C:B2:86:2B:E5:35:E4:91:4B:D7
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/ztnYNs2TjWKzcAyyhivlNeSRS9c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:67:3e:e9:50:29:d2:60:b1:1a:1b:5e:e0:1f:18:c4:8a:fc:
c2:18:47:13:e8:df:09:17:c6:7c:c3:63:29:2b:8c:14:36:99:
ee:d9:7f:c1:ef:dc:39:90:0d:a4:d0:60:51:6e:31:97:9d:bc:
cc:ae:19:0c:ca:df:1e:6e:e1:ac:bb:e9:19:f8:f4:c3:f2:d2:
0e:aa:15:cf:e3:5f:39:79:8b:80:0e:0e:83:cc:36:c8:f1:23:
e6:f5:d1:ba:d8:66:14:10:36:11:ea:2a:a0:1d:17:33:bd:07:
d1:bf:0d:fd:6c:dc:5c:f5:f7:a9:d1:11:07:66:37:39:e6:04:
f4:49:a7:e1:25:6d:85:73:be:72:27:eb:49:b4:9c:8b:c2:e4:
1d:cd:9c:eb:2a:65:42:5a:b1:24:5d:eb:bb:1a:23:a3:b8:7a:
51:74:71:4b:45:52:8d:08:dc:a8:cb:0d:0b:e5:ea:6d:79:5d:
2e:64:f2:bd:84:bb:7e:0c:71:b4:55:10:5d:f5:72:f2:58:24:
dd:3f:e0:dc:e3:cd:45:1a:71:a1:e7:2a:b7:09:cd:c9:21:c4:
15:ff:91:6b:cc:ea:79:54:94:bd:d8:17:76:87:b9:ec:f4:5b:
0c:3d:89:12:94:05:50:19:37:a1:b8:4d:22:4c:3a:80:c2:95:
23:d5:f1:ee
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERTg3
MkJBRDI2MkQxOEYwQTY3NDlFMDI3MkQ5NzUyNjFEOTQ5RUMzMB4XDTI0MDMyMjA5
MDk0MFoXDTI1MDIyMTE1MzAyMlowMzExMC8GA1UEAxMoQ0VEOUQ4MzZDRDkzOEQ2
MkIzNzAwQ0IyODYyQkU1MzVFNDkxNEJENzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALIGZmZblikCGv5bfAEg+lYkT/sIEToDTkRw2F8J4u4xGHSvG30B
ILafXqASE81GKxQxnwjaYNYfzbCtT1cP/efxXRTVeY8lowB59II0+8/O6a31LFUJ
ApVlcYmz49FD8rqtCjUtwCT5F3GGpEWf1MIb3FBWMTUfLETb1tDR0D0ZanCZWb8L
Ka4HnZOrJhlmtxmW3QuNVXIQYq5rZTu+3AvMN/TPhL6/XN+JM+hpBGcZ+ERJAzIr
ljS9hmk7+a6Jy7YMrssgUYZ9fpXekEMiLGs0cbkjS9a2CmMDDItoaZwRhwMplcO1
RHLpPtt14obNG1S/srlCxkwX9IPBpSRfnZECAwEAAaOCAeowggHmMB0GA1UdDgQW
BBTO2dg2zZONYrNwDLKGK+U15JFL1zAfBgNVHSMEGDAWgBTehyutJi0Y8KZ0ngJy
2XUmHZSewzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GVVlVLzNv
Y3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M29jcnJTWXRHUENtZEo0Q2N0bDFKaDJVbnNNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS96dG5ZTnMyVGpXS3pjQXl5aGl2bE5l
U1JTOWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRREMA0G
CSqGSIb3DQEBCwUAA4IBAQAtZz7pUCnSYLEaG17gHxjEivzCGEcT6N8JF8Z8w2Mp
K4wUNpnu2X/B79w5kA2k0GBRbjGXnbzMrhkMyt8ebuGsu+kZ+PTD8tIOqhXP4185
eYuADg6DzDbI8SPm9dG62GYUEDYR6iqgHRczvQfRvw39bNxc9fep0REHZjc55gT0
SafhJW2Fc75yJ+tJtJyLwuQdzZzrKmVCWrEkXeu7GiOjuHpRdHFLRVKNCNyoyw0L
5epteV0uZPK9hLt+DHG0VRBd9XLyWCTdP+Dc481FGnGh5yq3Cc3JIcQV/5FrzOp5
VJS92Bd2h7ns9FsMPYkSlAVQGTehuE0iTDqAwpUj1fHu
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org