Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/yFh52OduHU5zudKM8bK8eaKW_rE.roa
File: yFh52OduHU5zudKM8bK8eaKW_rE.roa (raw, json)
Hash identifier: w69kQaGTVq+EPw3WrWQD61Uf91f0eeWde4iy5FFI8ZM=
Subject key identifier: C8:58:79:D8:E7:6E:1D:4E:73:B9:D2:8C:F1:B2:BC:79:A2:96:FE:B1
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 3A
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/yFh52OduHU5zudKM8bK8eaKW_rE.roa
Signing time: Mon 06 May 2024 08:21:52 +0000
ROA not before: Mon 06 May 2024 08:21:52 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 15353
IP address blocks: 157.20.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 08:20:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58 (0x3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: May 6 08:21:52 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=C85879D8E76E1D4E73B9D28CF1B2BC79A296FEB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f3:03:d3:71:ad:16:67:e4:ea:d4:d1:11:15:
c8:de:45:bf:72:40:d9:d3:56:c1:37:2d:04:90:5a:
a0:53:37:73:7e:da:14:ff:2f:e7:79:ae:a6:ec:25:
fa:1b:26:4f:77:0d:f8:07:b6:a8:d2:f3:83:97:aa:
94:47:54:22:27:46:9f:a1:f0:5a:fe:cd:f6:84:01:
37:c3:a4:d3:78:c5:45:24:c4:55:6f:01:ce:96:79:
c2:d8:ff:a5:33:7b:aa:dc:17:c2:74:eb:03:5e:9c:
6f:c1:e9:9e:58:57:f3:e1:22:c9:0c:bc:b4:77:67:
d6:5a:8f:81:4c:61:4b:98:ca:8a:77:ea:99:22:f7:
8e:bd:48:e1:a4:96:b5:60:f4:0f:78:04:a9:1b:90:
d5:d1:e9:18:f7:c2:b7:8b:d6:0f:75:4e:e1:3b:53:
64:e8:60:cc:c8:da:b0:9a:e1:14:8c:0f:72:57:67:
28:51:b5:ec:e7:ac:8f:07:9f:a6:2e:14:84:cb:7a:
bf:f7:63:af:84:f3:16:9f:13:a0:42:e1:8b:cc:6a:
e6:9b:02:59:8b:3e:b2:82:90:0d:8f:c9:30:9c:29:
ba:f0:57:d7:07:a7:6c:7b:da:d7:38:bf:81:99:52:
8e:b4:af:28:2f:91:c0:25:0b:bf:44:92:86:80:69:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:58:79:D8:E7:6E:1D:4E:73:B9:D2:8C:F1:B2:BC:79:A2:96:FE:B1
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/yFh52OduHU5zudKM8bK8eaKW_rE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:95:8d:d7:e2:f7:a5:be:1c:6b:e4:b2:39:82:bc:41:ba:f2:
17:43:30:f9:3e:84:ac:29:9d:13:e8:19:42:f1:47:07:86:5c:
22:de:87:e3:e1:cc:f7:a0:46:70:3d:af:61:a4:8a:a2:89:4d:
17:52:5c:e5:28:52:01:ab:56:3f:a1:b7:e2:69:9e:50:f8:d0:
d5:2a:84:6c:fe:90:5f:60:74:18:8a:29:93:17:2a:bf:9c:bf:
39:4e:b0:ec:91:c7:3c:36:11:11:8c:df:61:48:77:f6:1a:59:
19:9a:38:90:7c:a4:04:0b:ae:02:4b:95:cf:2a:4c:9f:aa:ac:
d9:34:e2:96:6e:09:0a:e9:a6:70:8d:ce:f8:3f:d4:b5:37:b1:
52:f5:c2:91:5b:a5:a5:c6:d9:b9:30:7a:e2:4c:3b:bb:7c:d2:
7e:97:9f:7a:a4:e2:18:2d:ca:39:eb:7f:f1:ef:c2:58:af:80:
90:71:bc:b8:e4:a5:1c:9d:be:59:a3:af:5f:2e:32:be:d3:80:
d7:42:24:d4:86:f0:d4:1d:f6:bf:6a:fb:f9:00:76:6f:2a:2b:
62:66:6d:6d:fa:0b:18:2a:d2:25:12:8d:a2:2d:b9:1c:76:76:
22:29:ba:7f:44:d9:ce:91:a7:72:6e:d2:85:6e:ec:e5:b3:26:
3a:88:a0:ba
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDUwNjA4
MjE1MloXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoQzg1ODc5RDhFNzZFMUQ0
RTczQjlEMjhDRjFCMkJDNzlBMjk2RkVCMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM3zA9NxrRZn5OrU0REVyN5Fv3JA2dNWwTctBJBaoFM3c37aFP8v
53mupuwl+hsmT3cN+Ae2qNLzg5eqlEdUIidGn6HwWv7N9oQBN8Ok03jFRSTEVW8B
zpZ5wtj/pTN7qtwXwnTrA16cb8HpnlhX8+EiyQy8tHdn1lqPgUxhS5jKinfqmSL3
jr1I4aSWtWD0D3gEqRuQ1dHpGPfCt4vWD3VO4TtTZOhgzMjasJrhFIwPcldnKFG1
7Oesjwefpi4UhMt6v/djr4TzFp8ToELhi8xq5psCWYs+soKQDY/JMJwpuvBX1wen
bHva1zi/gZlSjrSvKC+RwCULv0SShoBpImsCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBTIWHnY524dTnO50ozxsrx5opb+sTAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC95Rmg1Mk9kdUhVNXp1ZEtNOGJLOGVh
S1dfckUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT4MA0G
CSqGSIb3DQEBCwUAA4IBAQCklY3X4velvhxr5LI5grxBuvIXQzD5PoSsKZ0T6BlC
8UcHhlwi3ofj4cz3oEZwPa9hpIqiiU0XUlzlKFIBq1Y/obfiaZ5Q+NDVKoRs/pBf
YHQYiimTFyq/nL85TrDskcc8NhERjN9hSHf2GlkZmjiQfKQEC64CS5XPKkyfqqzZ
NOKWbgkK6aZwjc74P9S1N7FS9cKRW6Wlxtm5MHriTDu7fNJ+l596pOIYLco563/x
78JYr4CQcby45KUcnb5Zo69fLjK+04DXQiTUhvDUHfa/avv5AHZvKitiZm1t+gsY
KtIlEo2iLbkcdnYiKbp/RNnOkadybtKFbuzlsyY6iKC6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org