Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/hh4O_yodSxU1lzqmcDyMEdpgVYk.roa
File: hh4O_yodSxU1lzqmcDyMEdpgVYk.roa (raw, json)
Hash identifier: 7eym9fSz+0z39BaRSc5ux46L0eDG7dRTBZyeYax1xXE=
Subject key identifier: 86:1E:0E:FF:2A:1D:4B:15:35:97:3A:A6:70:3C:8C:11:DA:60:55:89
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 13
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/hh4O_yodSxU1lzqmcDyMEdpgVYk.roa
Signing time: Tue 26 Mar 2024 03:18:09 +0000
ROA not before: Tue 26 Mar 2024 03:18:09 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 63473
IP address blocks: 157.20.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Mar 2024 18:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Mar 26 03:18:09 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=861E0EFF2A1D4B1535973AA6703C8C11DA605589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:16:50:85:b1:df:8f:21:2a:30:e2:fc:53:
8e:40:63:47:15:16:a0:38:6a:33:dc:9b:b0:8f:8b:
e8:60:c4:35:87:a1:40:b9:35:47:eb:35:0c:4e:42:
66:33:22:98:98:22:bd:c7:cb:e5:c5:e7:37:98:1c:
e7:79:a9:70:3a:0f:12:7e:14:27:df:d8:0c:b7:68:
80:79:3e:bd:4d:83:7e:76:ae:80:b7:1e:2b:46:26:
c9:05:a5:89:56:39:7e:38:2e:cb:d8:83:54:3c:44:
d3:14:b9:c7:57:1a:a2:6c:17:d6:ce:93:d6:84:de:
52:6a:02:c0:b1:70:03:cd:dc:6a:e9:b4:26:6a:c7:
a1:dc:8b:b5:07:83:11:44:54:da:7e:1b:ed:66:ca:
52:8f:a6:22:33:58:7d:89:b0:f0:fd:9c:09:75:0a:
e4:05:4f:20:6a:dd:80:99:b5:41:97:e4:70:d3:4c:
c8:71:bb:18:09:39:28:ad:1d:19:1c:c3:9c:c8:3d:
20:3c:e2:e2:5e:8b:30:55:7f:06:cc:1c:b7:a2:e2:
6e:53:91:d9:51:6b:15:68:fe:03:25:98:03:e5:db:
f3:6b:14:5e:c4:78:c6:65:4d:96:ca:e6:64:42:00:
fc:8e:76:b4:8a:ab:fc:7f:d7:43:90:3c:5a:c9:a4:
27:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1E:0E:FF:2A:1D:4B:15:35:97:3A:A6:70:3C:8C:11:DA:60:55:89
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/hh4O_yodSxU1lzqmcDyMEdpgVYk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.249.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0c:c6:1a:00:bb:dd:f5:c2:d6:4d:40:38:fb:c2:e0:b8:6e:
97:a0:d0:0d:b2:dd:e9:06:d6:4f:1d:be:b7:00:76:9c:5d:71:
88:df:c7:c6:7e:a6:a2:bb:c8:45:1d:51:90:d7:94:61:38:51:
41:82:ce:a2:a1:46:11:31:6d:8d:ce:fb:c2:99:d4:a3:85:5f:
04:99:e5:e6:f7:d0:c8:c9:9e:07:7d:a7:aa:69:e1:43:72:1c:
0d:43:f9:bb:ec:e6:05:a1:43:80:e6:bd:5d:bb:ee:bd:fb:21:
c2:a1:67:5c:01:7c:29:58:63:2b:f2:a7:fa:a0:04:ef:29:b7:
b2:a5:25:75:1f:08:2f:2e:27:75:d9:2d:ba:a9:8c:ae:27:a2:
b0:96:41:0b:b7:f2:2d:6b:31:5a:1f:62:30:b8:38:bc:74:14:
5a:6d:88:bc:4b:af:4c:08:a0:bf:89:a9:5e:a8:3e:4e:1c:c5:
62:7b:12:62:6e:74:a6:a0:6c:91:95:01:6b:94:81:94:2c:7f:
94:48:03:75:51:33:cd:f5:63:da:f3:cd:9f:1e:19:6e:85:d6:
48:15:5e:41:44:4d:6c:4c:f0:70:26:c5:99:0d:ee:af:35:4c:
f2:59:c6:8e:0b:4c:5a:83:9d:9f:8f:74:9c:f5:c1:d1:d1:0c:
5e:04:52:84
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDMyNjAz
MTgwOVoXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoODYxRTBFRkYyQTFENEIx
NTM1OTczQUE2NzAzQzhDMTFEQTYwNTU4OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALZLFlCFsd+PISow4vxTjkBjRxUWoDhqM9ybsI+L6GDENYehQLk1
R+s1DE5CZjMimJgivcfL5cXnN5gc53mpcDoPEn4UJ9/YDLdogHk+vU2DfnaugLce
K0YmyQWliVY5fjguy9iDVDxE0xS5x1caomwX1s6T1oTeUmoCwLFwA83caum0JmrH
odyLtQeDEURU2n4b7WbKUo+mIjNYfYmw8P2cCXUK5AVPIGrdgJm1QZfkcNNMyHG7
GAk5KK0dGRzDnMg9IDzi4l6LMFV/Bswct6LiblOR2VFrFWj+AyWYA+Xb82sUXsR4
xmVNlsrmZEIA/I52tIqr/H/XQ5A8WsmkJwMCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBSGHg7/Kh1LFTWXOqZwPIwR2mBViTAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9oaDRPX3lvZFN4VTFsenFtY0R5TUVk
cGdWWWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBGDMYaALvd9cLWTUA4+8LguG6XoNANst3pBtZPHb63
AHacXXGI38fGfqaiu8hFHVGQ15RhOFFBgs6ioUYRMW2NzvvCmdSjhV8EmeXm99DI
yZ4HfaeqaeFDchwNQ/m77OYFoUOA5r1du+69+yHCoWdcAXwpWGMr8qf6oATvKbey
pSV1HwgvLid12S26qYyuJ6KwlkELt/ItazFaH2IwuDi8dBRabYi8S69MCKC/iale
qD5OHMViexJibnSmoGyRlQFrlIGULH+USAN1UTPN9WPa882fHhluhdZIFV5BRE1s
TPBwJsWZDe6vNUzyWcaOC0xag52fj3Sc9cHR0QxeBFKE
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org