Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/G1lRlOL4yUs-g3VL_du75v54zDY.roa
File: G1lRlOL4yUs-g3VL_du75v54zDY.roa (raw, json)
Hash identifier: T9wzxcdVF5Y4lYpafvZjxt7bZhAA29TTVlrS2Qi7tbs=
Subject key identifier: 1B:59:51:94:E2:F8:C9:4B:3E:83:75:4B:FD:DB:BB:E6:FE:78:CC:36
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 3C
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/G1lRlOL4yUs-g3VL_du75v54zDY.roa
Signing time: Mon 06 May 2024 08:22:26 +0000
ROA not before: Mon 06 May 2024 08:22:26 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 15353
IP address blocks: 157.20.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 08:20:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: May 6 08:22:26 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=1B595194E2F8C94B3E83754BFDDBBBE6FE78CC36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9c:88:71:72:10:83:56:73:6a:e5:ca:ed:e1:
c5:92:0a:58:43:51:54:ec:56:33:13:95:31:85:12:
ea:7d:22:68:21:02:d0:70:63:de:15:f2:f4:45:9b:
a4:77:f8:e7:4b:e9:69:77:72:22:1f:cb:69:34:5d:
60:39:d4:26:f1:60:42:63:a9:10:9f:a6:26:96:32:
d5:2e:68:ae:e0:75:ac:03:9c:d9:14:18:af:94:e9:
9a:85:60:57:bb:d5:34:42:27:76:97:8a:f0:fa:58:
21:41:f6:85:d7:03:db:92:9e:d1:24:0f:d4:08:c8:
09:78:d1:f3:f1:3a:25:27:5a:d2:96:96:76:10:2d:
e2:91:08:af:92:8a:6d:26:9e:41:dc:42:c8:c9:79:
35:ea:a6:df:73:d7:34:0d:0e:39:05:18:64:78:37:
69:9e:39:9b:aa:87:86:37:1a:7a:1f:04:2a:06:e2:
fc:6c:62:7e:aa:fb:a0:6c:a4:89:6c:84:09:a8:79:
d9:7a:da:65:ec:29:b2:51:0e:4e:4f:85:1e:2d:83:
66:b9:52:64:5c:d1:de:d8:a4:7d:8e:c7:9b:f7:1b:
ce:86:55:f9:21:19:93:ab:7c:bb:0f:10:3b:55:f8:
f5:ea:10:ed:68:e7:03:6d:60:d4:90:26:c6:20:cf:
03:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:59:51:94:E2:F8:C9:4B:3E:83:75:4B:FD:DB:BB:E6:FE:78:CC:36
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/G1lRlOL4yUs-g3VL_du75v54zDY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.249.0/24
Signature Algorithm: sha256WithRSAEncryption
41:57:24:f4:72:40:da:a3:d3:6c:7a:83:fe:15:db:7d:76:a6:
c1:28:54:de:79:38:2d:1e:eb:70:97:07:8e:c4:2c:51:ea:0f:
55:66:f9:6f:b6:45:aa:59:c3:31:b3:18:b3:5a:3f:b4:bf:11:
6d:37:b1:d6:23:b9:93:e2:82:94:c8:56:72:e7:43:f1:90:0f:
b2:ea:ab:2f:f5:b6:62:d8:26:c9:d1:34:56:6a:5f:e0:1f:40:
f1:25:fd:8f:97:c4:82:9a:af:64:a5:a6:3b:3e:d8:2e:9e:1a:
a8:77:2d:fa:39:0e:04:8f:76:f1:bb:52:9a:04:84:59:57:74:
3e:2f:85:fa:8b:7c:f1:4b:a9:f4:ab:9b:29:a7:64:50:4c:30:
05:72:06:76:8a:bd:01:49:1c:b8:2e:d4:e7:35:8d:9d:00:95:
28:e6:cb:bb:99:db:69:d9:19:3a:43:fd:25:b9:0c:bc:e4:76:
9e:04:ae:e7:49:e8:90:44:33:05:5b:25:88:3e:c5:28:95:be:
52:49:d9:1c:7f:57:84:34:cf:82:d1:b5:28:a8:65:2a:75:97:
0c:d1:96:e5:a9:f2:1c:95:98:10:dd:94:e2:5a:e2:25:5e:59:
27:59:58:45:d1:b5:2c:f4:d6:18:83:45:78:d3:b6:6c:e5:c7:
7e:36:45:5f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDUwNjA4
MjIyNloXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoMUI1OTUxOTRFMkY4Qzk0
QjNFODM3NTRCRkREQkJCRTZGRTc4Q0MzNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALuciHFyEINWc2rlyu3hxZIKWENRVOxWMxOVMYUS6n0iaCEC0HBj
3hXy9EWbpHf450vpaXdyIh/LaTRdYDnUJvFgQmOpEJ+mJpYy1S5oruB1rAOc2RQY
r5TpmoVgV7vVNEIndpeK8PpYIUH2hdcD25Ke0SQP1AjICXjR8/E6JSda0paWdhAt
4pEIr5KKbSaeQdxCyMl5Neqm33PXNA0OOQUYZHg3aZ45m6qHhjcaeh8EKgbi/Gxi
fqr7oGykiWyECah52XraZewpslEOTk+FHi2DZrlSZFzR3tikfY7Hm/cbzoZV+SEZ
k6t8uw8QO1X49eoQ7WjnA21g1JAmxiDPA5cCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQbWVGU4vjJSz6DdUv927vm/njMNjAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9HMWxSbE9MNHlVcy1nM1ZMX2R1NzV2
NTR6RFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBBVyT0ckDao9NseoP+Fdt9dqbBKFTeeTgtHutwlweO
xCxR6g9VZvlvtkWqWcMxsxizWj+0vxFtN7HWI7mT4oKUyFZy50PxkA+y6qsv9bZi
2CbJ0TRWal/gH0DxJf2Pl8SCmq9kpaY7Ptgunhqody36OQ4Ej3bxu1KaBIRZV3Q+
L4X6i3zxS6n0q5spp2RQTDAFcgZ2ir0BSRy4LtTnNY2dAJUo5su7mdtp2Rk6Q/0l
uQy85HaeBK7nSeiQRDMFWyWIPsUolb5SSdkcf1eENM+C0bUoqGUqdZcM0ZblqfIc
lZgQ3ZTiWuIlXlknWVhF0bUs9NYYg0V407Zs5cd+NkVf
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org