Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/Hz9qv_38npmOaT205FUlsQzc2GI.roa
File: Hz9qv_38npmOaT205FUlsQzc2GI.roa (raw, json)
Hash identifier: 8fJiAyrvHb4RwBLeRoL4ZZoFZ+nDeXcS+GccqDE7Aqk=
Subject key identifier: 1F:3F:6A:BF:FD:FC:9E:99:8E:69:3D:B4:E4:55:25:B1:0C:DC:D8:62
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 1C
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/Hz9qv_38npmOaT205FUlsQzc2GI.roa
Signing time: Sat 30 Mar 2024 18:55:15 +0000
ROA not before: Sat 30 Mar 2024 18:55:15 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 396982
IP address blocks: 157.20.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 14:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Mar 30 18:55:15 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=1F3F6ABFFDFC9E998E693DB4E45525B10CDCD862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:94:83:1c:67:7c:1a:8a:b8:8a:b1:a0:a6:
31:f5:0a:6f:43:fb:f9:44:22:77:d7:46:36:b4:2c:
2d:4d:3f:a0:99:2f:bc:6c:b9:27:5e:71:31:c4:00:
c8:ab:ec:9c:5b:b9:25:c6:cc:6d:bc:f7:46:fe:60:
0a:51:0d:80:3c:5c:73:82:70:00:e4:21:92:1d:fc:
0d:cf:5c:1e:01:f7:ec:40:01:42:a9:98:b6:67:7a:
b3:19:5c:64:21:d0:b8:e8:31:f2:2d:70:ea:63:b0:
7a:16:dd:27:f4:57:9b:25:9b:c4:9c:bd:57:2e:74:
8d:1b:bc:16:73:2a:ef:59:ea:55:9e:f2:1f:87:f3:
60:dd:47:45:a6:a7:21:71:91:b4:9b:f7:27:f1:41:
58:6c:e4:b5:b7:46:d4:eb:1d:06:04:7f:d4:06:ff:
e3:94:87:9b:34:ad:cf:fe:b9:fe:87:ab:6c:a2:14:
9f:6b:54:da:d6:d1:36:59:ac:3a:7e:61:42:11:cc:
ef:f3:2a:18:ca:be:62:d5:a7:ce:89:21:0d:f6:a7:
8d:8f:2d:b9:ed:e8:6f:c1:9a:04:89:ee:3a:f7:53:
04:e1:82:34:aa:75:b6:71:03:9f:f9:62:d3:17:bf:
7b:c0:f5:1b:ed:1c:c6:45:79:78:8d:9a:a4:33:0c:
36:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3F:6A:BF:FD:FC:9E:99:8E:69:3D:B4:E4:55:25:B1:0C:DC:D8:62
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/Hz9qv_38npmOaT205FUlsQzc2GI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.249.0/24
Signature Algorithm: sha256WithRSAEncryption
57:40:22:5e:b1:28:88:a4:b6:66:8a:bf:2d:bb:b1:45:66:d0:
8c:52:2f:bf:ee:ea:3a:93:5b:97:5a:ee:36:58:65:6a:35:08:
a9:1d:a6:ff:a4:1e:3e:f0:60:6b:b8:70:98:41:a0:77:c9:01:
88:0d:07:3a:0f:fe:ca:42:68:8b:f4:f4:6d:ed:6c:d0:8a:d1:
74:a9:6f:d2:50:71:6e:e6:c3:34:7a:c4:9d:e3:b3:91:10:7c:
92:79:db:ac:10:98:76:c0:85:56:e4:b9:0d:58:59:39:ff:5d:
f6:4b:ce:90:45:9e:03:c4:49:7a:02:76:c8:c2:9c:fe:92:6c:
3a:91:9b:42:5e:19:9a:cd:54:5c:47:0b:3c:90:5f:a6:2c:41:
28:b2:66:1e:0f:c2:f1:ad:a8:1c:71:9e:ef:b5:8c:18:94:f8:
db:32:1b:c6:53:1d:40:a5:ed:4c:4f:55:61:fd:55:c9:30:08:
88:f6:95:58:6b:90:1d:59:58:61:57:85:e2:09:51:06:45:0c:
e0:5d:0c:3a:c7:8a:1d:b7:30:ff:f4:08:cd:95:4d:67:e7:79:
5b:8d:8d:5c:5d:c9:91:88:69:2a:a0:c8:6f:9d:95:79:35:79:
b5:a8:91:17:c4:e5:a2:8b:b4:5f:6b:b9:16:be:2f:0e:09:67:
3b:68:9d:d1
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDMzMDE4
NTUxNVoXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoMUYzRjZBQkZGREZDOUU5
OThFNjkzREI0RTQ1NTI1QjEwQ0RDRDg2MjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMpxlIMcZ3wairiKsaCmMfUKb0P7+UQid9dGNrQsLU0/oJkvvGy5
J15xMcQAyKvsnFu5JcbMbbz3Rv5gClENgDxcc4JwAOQhkh38Dc9cHgH37EABQqmY
tmd6sxlcZCHQuOgx8i1w6mOwehbdJ/RXmyWbxJy9Vy50jRu8FnMq71nqVZ7yH4fz
YN1HRaanIXGRtJv3J/FBWGzktbdG1OsdBgR/1Ab/45SHmzStz/65/oerbKIUn2tU
2tbRNlmsOn5hQhHM7/MqGMq+YtWnzokhDfanjY8tue3ob8GaBInuOvdTBOGCNKp1
tnEDn/li0xe/e8D1G+0cxkV5eI2apDMMNjUCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQfP2q//fyemY5pPbTkVSWxDNzYYjAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9Iejlxdl8zOG5wbU9hVDIwNUZVbHNR
emMyR0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBXQCJesSiIpLZmir8tu7FFZtCMUi+/7uo6k1uXWu42
WGVqNQipHab/pB4+8GBruHCYQaB3yQGIDQc6D/7KQmiL9PRt7WzQitF0qW/SUHFu
5sM0esSd47OREHySedusEJh2wIVW5LkNWFk5/132S86QRZ4DxEl6AnbIwpz+kmw6
kZtCXhmazVRcRws8kF+mLEEosmYeD8LxragccZ7vtYwYlPjbMhvGUx1Ape1MT1Vh
/VXJMAiI9pVYa5AdWVhhV4XiCVEGRQzgXQw6x4odtzD/9AjNlU1n53lbjY1cXcmR
iGkqoMhvnZV5NXm1qJEXxOWii7Rfa7kWvi8OCWc7aJ3R
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:34:08 2024 by rpki-client on console-fra.rpki-client.org