Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/w8QZdWnGBknFXI9qzNyXvp0ubAE.roa
File: w8QZdWnGBknFXI9qzNyXvp0ubAE.roa (raw, json)
Hash identifier: +EEOiXWMG7HBbeLFENGT4g1KGg4QqFL+BaoCGJFPmQE=
Subject key identifier: C3:C4:19:75:69:C6:06:49:C5:5C:8F:6A:CC:DC:97:BE:9D:2E:6C:01
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 05
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/w8QZdWnGBknFXI9qzNyXvp0ubAE.roa
Signing time: Mon 25 Mar 2024 14:09:04 +0000
ROA not before: Mon 25 Mar 2024 14:09:04 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 60841
IP address blocks: 157.20.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 15:19:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Mar 25 14:09:04 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=C3C4197569C60649C55C8F6ACCDC97BE9D2E6C01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f5:a5:34:89:30:f5:aa:36:38:bb:5d:fb:2f:
31:d5:92:c3:53:29:75:bd:44:0d:52:3f:e9:4d:45:
f2:c4:d1:35:60:3b:47:50:18:b0:28:d3:3b:8d:b5:
6b:d5:9b:50:89:1b:b5:c0:a7:9d:0e:6b:1d:3b:55:
26:ad:71:02:05:03:09:22:9c:cf:f6:05:55:ef:78:
80:2e:00:39:81:d1:a8:55:59:ff:eb:3b:cf:72:14:
8b:f0:d9:7e:48:6d:c0:ae:9b:3b:eb:76:cb:45:35:
6a:0c:58:d6:3d:c8:8b:48:92:c3:ab:40:16:5a:67:
7e:bf:4c:12:d9:d6:84:25:b3:0c:2f:e2:80:c9:54:
27:dd:8b:97:49:6b:bf:cb:f3:88:63:41:cd:72:2d:
ee:fd:fe:0a:1e:24:01:03:2f:f9:d4:69:c4:9d:49:
7b:f3:cc:35:ca:b8:7f:c9:7f:36:de:80:f1:54:14:
4a:2d:41:0c:f4:4d:46:6f:c9:b6:db:93:d5:01:3f:
d4:d2:07:66:8c:5d:a6:a1:c2:77:0f:70:07:31:af:
5d:ca:2f:17:c3:41:5f:ff:c7:75:ed:40:a3:1d:17:
68:94:88:5c:da:a6:60:4c:93:0f:c3:ac:3b:af:5b:
fd:04:c8:d0:98:42:e5:03:d8:ad:da:a2:98:08:f7:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C4:19:75:69:C6:06:49:C5:5C:8F:6A:CC:DC:97:BE:9D:2E:6C:01
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/w8QZdWnGBknFXI9qzNyXvp0ubAE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:c0:7d:52:b6:3f:b3:a7:82:db:3c:c4:be:29:74:5e:de:52:
83:73:ae:0c:63:9a:c6:cc:9d:d8:9a:3b:81:f4:31:17:63:8e:
2c:46:47:2b:8c:58:50:63:e7:7e:44:fd:22:46:e9:b0:d0:47:
9b:a5:30:75:9d:c4:ad:64:57:3a:e0:b4:08:07:c1:f3:a6:ca:
9f:6a:15:80:7f:6f:65:11:89:30:fc:c7:04:c5:f5:e6:7e:2e:
ea:f6:00:15:06:41:bb:d2:b8:d5:f2:9d:54:3c:8e:b6:64:e5:
fe:05:54:e0:64:9c:58:21:83:2b:19:4e:04:bf:20:e0:e4:f0:
d6:34:24:13:bd:67:a3:76:a2:a2:64:36:73:30:cf:d2:e5:3c:
3b:16:81:9c:76:56:49:50:79:84:66:1f:16:9b:dc:a4:ed:3a:
dc:95:f4:a3:84:37:84:af:1b:47:3a:34:ea:c5:d3:43:e9:56:
f8:7e:38:e4:ed:fd:c7:fb:cf:53:d9:42:a3:bf:b1:c5:cc:2c:
80:e0:75:0c:c8:bd:97:01:52:2d:b6:8f:0c:08:ab:7c:84:a4:
e9:b0:14:75:99:af:ba:42:e8:77:b2:6e:a0:27:9f:2b:c5:28:
c0:1a:36:9c:8a:3b:d4:17:5a:f7:6d:db:4d:d4:7a:7b:70:19:
21:0a:81:f5
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDMyNTE0
MDkwNFoXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoQzNDNDE5NzU2OUM2MDY0
OUM1NUM4RjZBQ0NEQzk3QkU5RDJFNkMwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPX1pTSJMPWqNji7XfsvMdWSw1Mpdb1EDVI/6U1F8sTRNWA7R1AY
sCjTO421a9WbUIkbtcCnnQ5rHTtVJq1xAgUDCSKcz/YFVe94gC4AOYHRqFVZ/+s7
z3IUi/DZfkhtwK6bO+t2y0U1agxY1j3Ii0iSw6tAFlpnfr9MEtnWhCWzDC/igMlU
J92Ll0lrv8vziGNBzXIt7v3+Ch4kAQMv+dRpxJ1Je/PMNcq4f8l/Nt6A8VQUSi1B
DPRNRm/JttuT1QE/1NIHZoxdpqHCdw9wBzGvXcovF8NBX//Hde1Aox0XaJSIXNqm
YEyTD8OsO69b/QTI0JhC5QPYrdqimAj39JMCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBTDxBl1acYGScVcj2rM3Je+nS5sATAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC93OFFaZFduR0JrbkZYSTlxek55WHZw
MHViQUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT4MA0G
CSqGSIb3DQEBCwUAA4IBAQCLwH1Stj+zp4LbPMS+KXRe3lKDc64MY5rGzJ3YmjuB
9DEXY44sRkcrjFhQY+d+RP0iRumw0EebpTB1ncStZFc64LQIB8HzpsqfahWAf29l
EYkw/McExfXmfi7q9gAVBkG70rjV8p1UPI62ZOX+BVTgZJxYIYMrGU4EvyDg5PDW
NCQTvWejdqKiZDZzMM/S5Tw7FoGcdlZJUHmEZh8Wm9yk7TrclfSjhDeErxtHOjTq
xdND6Vb4fjjk7f3H+89T2UKjv7HFzCyA4HUMyL2XAVItto8MCKt8hKTpsBR1ma+6
Quh3sm6gJ58rxSjAGjacijvUF1r3bdtN1Hp7cBkhCoH1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org