Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/B0Yv1TTnDF9fOu-EsfCyLnyHxkE.roa
File: B0Yv1TTnDF9fOu-EsfCyLnyHxkE.roa (raw, json)
Hash identifier: GvEQcY+ed2vh4Rgx4UqjpJNIApfyOWMV/U2p5fPcoVw=
Subject key identifier: 07:46:2F:D5:34:E7:0C:5F:5F:3A:EF:84:B1:F0:B2:2E:7C:87:C6:41
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 15
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/B0Yv1TTnDF9fOu-EsfCyLnyHxkE.roa
Signing time: Tue 26 Mar 2024 07:31:19 +0000
ROA not before: Tue 26 Mar 2024 07:31:19 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 63473
IP address blocks: 157.20.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 14:20:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Mar 26 07:31:19 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=07462FD534E70C5F5F3AEF84B1F0B22E7C87C641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d6:0f:da:73:39:51:4f:a6:c4:44:c7:c2:64:
e2:9f:b3:f7:7f:ac:7a:ec:b8:78:f5:78:b3:4e:e1:
5c:6d:53:e7:29:d2:59:90:bd:c4:f0:db:e5:0a:e3:
0d:c6:c6:00:a1:1e:2d:ec:40:2c:8f:32:e5:11:bc:
3a:5a:26:da:6b:7b:d7:35:f0:55:6e:11:b8:19:a9:
e1:c8:1c:0c:4e:c7:98:ea:f4:b0:f0:21:f6:3d:61:
e9:ce:f5:c1:60:c2:55:b8:09:3a:73:0b:10:1d:f3:
0a:1a:89:17:9c:01:49:3e:44:d8:66:e9:44:79:8e:
ac:43:c3:d3:aa:7d:bc:24:28:ca:0a:94:19:ee:97:
b5:3e:58:7f:b1:34:ac:0d:3b:d8:e3:cc:41:a2:3d:
93:a0:0f:2a:a0:81:94:46:a4:f2:12:36:af:15:70:
c2:10:da:04:9b:90:6a:b9:de:2f:82:1e:34:d0:ba:
dc:e7:d8:d2:63:97:7d:0a:6d:65:99:5b:24:16:38:
f7:4d:d6:c6:30:14:0b:33:08:40:e8:d8:02:be:5d:
1f:72:f9:b6:23:67:f6:84:35:b6:c1:1b:80:4a:79:
32:73:f0:d4:f2:f4:ce:0b:85:fa:e5:a2:e6:0e:45:
91:a3:8a:93:94:0f:33:d9:ea:a5:9a:c7:8f:67:cd:
17:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:46:2F:D5:34:E7:0C:5F:5F:3A:EF:84:B1:F0:B2:2E:7C:87:C6:41
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/B0Yv1TTnDF9fOu-EsfCyLnyHxkE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:bf:53:3c:65:ec:87:99:08:93:16:77:c3:15:6e:fb:e3:0a:
a1:65:61:ac:3b:b0:d3:08:e3:d8:34:c0:b5:11:a8:c6:59:b7:
0e:52:e5:4e:be:c8:66:19:74:8a:50:49:da:9f:f2:6d:d9:bb:
0a:38:63:8f:9c:29:2b:26:dc:cc:ae:4d:64:ac:7d:23:f7:31:
3e:e5:9d:99:13:03:09:77:46:5a:d4:c2:62:24:04:58:2f:7c:
2d:b3:dc:22:bb:09:65:ad:72:8d:c5:06:2b:0c:c1:43:79:0a:
cb:c9:0f:a4:68:b2:f5:d2:ba:5e:0a:4e:ff:6a:56:14:7f:34:
a2:df:18:a2:42:79:46:35:57:dc:1f:be:f9:74:86:24:eb:5c:
e3:6e:da:3a:dc:f0:66:a7:98:1d:52:ce:ff:79:c8:e4:23:40:
f7:ff:ec:6f:b3:b9:7b:b0:aa:d0:72:19:0a:7f:6c:4d:aa:18:
92:b5:7c:68:f2:25:f6:26:63:8d:8d:2d:07:e9:be:68:2f:b3:
4a:8e:32:48:77:c8:0b:5d:a8:1d:6c:f1:04:c5:b2:19:22:5b:
4f:b2:40:e2:dd:31:00:de:98:95:47:97:74:ff:16:66:69:e1:
21:85:ac:7a:a8:15:58:5f:ec:dc:ef:a9:14:f8:9b:d2:0b:85:
b9:e0:93:ca
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDMyNjA3
MzExOVoXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoMDc0NjJGRDUzNEU3MEM1
RjVGM0FFRjg0QjFGMEIyMkU3Qzg3QzY0MTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPLWD9pzOVFPpsREx8Jk4p+z93+seuy4ePV4s07hXG1T5ynSWZC9
xPDb5QrjDcbGAKEeLexALI8y5RG8Olom2mt71zXwVW4RuBmp4cgcDE7HmOr0sPAh
9j1h6c71wWDCVbgJOnMLEB3zChqJF5wBST5E2GbpRHmOrEPD06p9vCQoygqUGe6X
tT5Yf7E0rA072OPMQaI9k6APKqCBlEak8hI2rxVwwhDaBJuQarneL4IeNNC63OfY
0mOXfQptZZlbJBY4903WxjAUCzMIQOjYAr5dH3L5tiNn9oQ1tsEbgEp5MnPw1PL0
zguF+uWi5g5FkaOKk5QPM9nqpZrHj2fNF4cCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQHRi/VNOcMX18674Sx8LIufIfGQTAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9CMFl2MVRUbkRGOWZPdS1Fc2ZDeUxu
eUh4a0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT4MA0G
CSqGSIb3DQEBCwUAA4IBAQAbv1M8ZeyHmQiTFnfDFW774wqhZWGsO7DTCOPYNMC1
EajGWbcOUuVOvshmGXSKUEnan/Jt2bsKOGOPnCkrJtzMrk1krH0j9zE+5Z2ZEwMJ
d0Za1MJiJARYL3wts9wiuwllrXKNxQYrDMFDeQrLyQ+kaLL10rpeCk7/alYUfzSi
3xiiQnlGNVfcH775dIYk61zjbto63PBmp5gdUs7/ecjkI0D3/+xvs7l7sKrQchkK
f2xNqhiStXxo8iX2JmONjS0H6b5oL7NKjjJId8gLXagdbPEExbIZIltPskDi3TEA
3piVR5d0/xZmaeEhhax6qBVYX+zc76kU+JvSC4W54JPK
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:36:44 2024 by rpki-client on console-ams.rpki-client.org