Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/SikcyN-FCLQ8LcLfeHdTzwWr0_Y.roa
File: SikcyN-FCLQ8LcLfeHdTzwWr0_Y.roa (raw, json)
Hash identifier: oLZeC+cPjx7McGfeTCYLEWgJRHTD8d8k+pyAGRgK2cM=
Subject key identifier: 4A:29:1C:C8:DF:85:08:B4:3C:2D:C2:DF:78:77:53:CF:05:AB:D3:F6
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 0F
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/SikcyN-FCLQ8LcLfeHdTzwWr0_Y.roa
Signing time: Mon 25 Mar 2024 15:32:28 +0000
ROA not before: Mon 25 Mar 2024 15:32:28 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 20473
IP address blocks: 157.20.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 14:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Mar 25 15:32:28 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=4A291CC8DF8508B43C2DC2DF787753CF05ABD3F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fb:af:92:28:e1:f0:09:58:6c:26:28:43:b3:
b8:fc:5d:56:c1:c9:4a:ef:8a:33:4a:f3:f9:16:98:
b3:2a:dd:a2:60:20:e3:5c:6d:89:4b:06:94:c4:80:
b9:ff:4c:31:b8:76:04:a0:d0:9c:db:af:76:2c:63:
b8:47:a9:fe:e8:10:8a:6a:c8:1c:fa:00:68:15:0b:
b5:d7:09:2d:41:27:d2:92:6e:67:44:7e:35:ab:a3:
93:24:da:8b:55:8c:65:73:12:0b:06:1f:97:45:51:
88:25:18:3d:31:83:1a:e7:20:8a:74:bc:38:61:46:
f1:ae:a8:ab:9d:17:da:3c:1d:01:d3:03:cd:da:11:
0a:18:12:0d:de:36:bd:c4:cc:05:06:b1:f8:52:ef:
ac:43:59:b7:92:42:55:f7:ef:9b:76:ab:c3:ec:63:
25:32:e8:76:a8:f9:54:0f:3f:55:d6:80:45:b6:f8:
ee:55:87:b2:20:aa:3a:85:13:6e:c3:eb:7d:2b:ca:
d8:c3:5f:5b:1d:4a:a3:a7:7e:a9:d5:17:be:ee:aa:
3d:57:e5:26:d6:19:f9:40:de:85:1f:bd:a3:01:7b:
48:6f:41:43:21:a5:53:cc:42:87:e4:66:08:8f:53:
03:da:9e:19:3e:8f:21:67:14:ea:a3:1a:89:16:80:
e2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:29:1C:C8:DF:85:08:B4:3C:2D:C2:DF:78:77:53:CF:05:AB:D3:F6
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/SikcyN-FCLQ8LcLfeHdTzwWr0_Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.248.0/24
Signature Algorithm: sha256WithRSAEncryption
28:38:a3:1d:9c:9a:b6:27:b7:92:87:e6:60:89:2e:97:ad:fd:
70:85:de:0a:92:fe:d7:13:63:2e:07:e3:c1:49:44:68:a7:9c:
4f:af:9f:68:89:a8:85:ef:7b:c4:99:f8:ce:47:14:bc:7e:66:
7e:6a:ff:d8:7b:b8:be:01:aa:39:5d:f4:71:ad:f2:b8:ed:bf:
4a:3a:b9:0d:dc:eb:ab:38:00:dd:4e:99:48:72:b5:99:fb:98:
7d:b9:91:69:39:d3:8f:78:d1:a9:d2:bd:51:ae:ab:05:b6:f4:
07:33:c5:24:df:c6:4a:95:8f:5f:64:86:60:fd:4d:b4:c4:8c:
48:68:05:8c:d8:d9:51:e5:15:67:3e:8d:30:54:d0:7e:fd:1d:
f7:83:75:21:1e:8f:7f:f1:b6:e4:34:87:e2:c7:c2:d2:1e:66:
85:84:43:87:56:e8:f8:6e:e0:ba:21:ec:dc:49:fe:56:67:7e:
56:61:cf:0a:ec:09:df:05:77:67:80:e5:16:2f:fd:3c:f1:4b:
01:88:d5:d9:b8:92:9d:62:fb:75:1c:a5:a3:a8:b0:b7:b0:6a:
8c:be:c3:5e:8e:70:c3:20:82:2f:4e:03:4a:e3:30:da:fd:86:
5f:84:cd:0d:e5:5b:c9:a5:b6:45:08:34:1f:29:08:77:a5:c1:
23:a6:dc:72
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDMyNTE1
MzIyOFoXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoNEEyOTFDQzhERjg1MDhC
NDNDMkRDMkRGNzg3NzUzQ0YwNUFCRDNGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMX7r5Io4fAJWGwmKEOzuPxdVsHJSu+KM0rz+RaYsyrdomAg41xt
iUsGlMSAuf9MMbh2BKDQnNuvdixjuEep/ugQimrIHPoAaBULtdcJLUEn0pJuZ0R+
NaujkyTai1WMZXMSCwYfl0VRiCUYPTGDGucginS8OGFG8a6oq50X2jwdAdMDzdoR
ChgSDd42vcTMBQax+FLvrENZt5JCVffvm3arw+xjJTLodqj5VA8/VdaARbb47lWH
siCqOoUTbsPrfSvK2MNfWx1Ko6d+qdUXvu6qPVflJtYZ+UDehR+9owF7SG9BQyGl
U8xCh+RmCI9TA9qeGT6PIWcU6qMaiRaA4l8CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBRKKRzI34UItDwtwt94d1PPBavT9jAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9TaWtjeU4tRkNMUThMY0xmZUhkVHp3
V3IwX1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT4MA0G
CSqGSIb3DQEBCwUAA4IBAQAoOKMdnJq2J7eSh+ZgiS6Xrf1whd4Kkv7XE2MuB+PB
SURop5xPr59oiaiF73vEmfjORxS8fmZ+av/Ye7i+Aao5XfRxrfK47b9KOrkN3Our
OADdTplIcrWZ+5h9uZFpOdOPeNGp0r1RrqsFtvQHM8Uk38ZKlY9fZIZg/U20xIxI
aAWM2NlR5RVnPo0wVNB+/R33g3UhHo9/8bbkNIfix8LSHmaFhEOHVuj4buC6Iezc
Sf5WZ35WYc8K7AnfBXdngOUWL/088UsBiNXZuJKdYvt1HKWjqLC3sGqMvsNejnDD
IIIvTgNK4zDa/YZfhM0N5VvJpbZFCDQfKQh3pcEjptxy
Generated at Sun Mar 31 16:34:08 2024 by rpki-client on console-fra.rpki-client.org